 // Construct a PermissionCollection that permits an action only
 // if it is permitted both by staticDomain and by the security context of the
 // Java stack at the moment of constructor invocation
 ContextPermissions(ProtectionDomain staticDomain) {
   // Snapshot of the caller's AccessControlContext, taken once here at
   // construction time rather than at each later permission check.
   _context = AccessController.getContext();
   if (staticDomain != null) {
     // Static half of the intersection. When staticDomain is null the field is
     // deliberately left untouched (its default) instead of being set to null.
     // NOTE(review): getPermissions() may itself return null for a domain
     // built without a PermissionCollection — confirm the consumer handles that.
     _statisPermissions = staticDomain.getPermissions();
   }
   // Seal the collection (PermissionCollection.setReadOnly): no further add()
   // after construction.
   setReadOnly();
 }
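 /**
  * Runs {@code Main.processFileSecure} for {@code filename} inside a
  * {@code doPrivileged} block. The privileged frame stops the access-control
  * stack walk here; the ProtectionDomain derived from the file's URL is passed
  * on to {@code Main.processFileSecure} (what it does with it is outside this
  * listing).
  *
  * @param cx       the Rhino Context to process the file in
  * @param scope    the scope to evaluate the file against
  * @param filename the file to process; resolved to a URL by {@code getUrlObj}
  */
 protected void callProcessFileSecure(
     final Context cx, final Scriptable scope, final String filename) {
   // Typed PrivilegedAction<Void> instead of the raw type: same behaviour, no
   // unchecked warning, and run() no longer returns an untyped Object.
   AccessController.doPrivileged(
       new PrivilegedAction<Void>() {
         @Override
         public Void run() {
           URL url = getUrlObj(filename);
           // NOTE(review): url is dereferenced below without a null check;
           // confirm getUrlObj never returns null for an unresolvable filename.
           ProtectionDomain staticDomain = getUrlDomain(url);
           Main.processFileSecure(cx, scope, url.toExternalForm(), staticDomain);
           return null;
         }
       });
 }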
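  /**
   * Invokes {@code callable} under an AccessControlContext that grants only
   * what both {@code securityDomain} and the caller's current stack context
   * allow.
   *
   * @param securityDomain the script's static domain; must be a
   *                       {@link ProtectionDomain} — any other type fails the
   *                       cast with ClassCastException, as before
   * @param cx             the Rhino Context to run the callable in
   * @param callable       the function to invoke
   * @param scope          the scope passed to the callable
   * @param thisObj        the receiver passed to the callable
   * @param args           the arguments passed to the callable
   * @return whatever {@code callable.call(cx, scope, thisObj, args)} returns
   */
  public Object callWithDomain(
      Object securityDomain,
      final Context cx,
      final Callable callable,
      final Scriptable scope,
      final Scriptable thisObj,
      final Object[] args) {
    ProtectionDomain staticDomain = (ProtectionDomain) securityDomain;
    // There is no direct way in Java to intersect permissions of the stack
    // context with an additional domain.
    // The following implementation first constructs a ProtectionDomain
    // that allows only actions allowed by both staticDomain and the current
    // stack context, and then constructs an AccessControlContext for this
    // dynamic domain.
    // If this is too slow, an alternative solution would be to generate a
    // class per domain with a proxy method to call, to infect the Java stack.
    // Another optimization, for scripts coming from the "world" domain
    // (i.e. having minimal default privileges), is to construct one
    // AccessControlContext based on a ProtectionDomain with the least possible
    // privileges and simply call AccessController.doPrivileged with this
    // untrusted context.
    //
    // NOTE(review): AccessController/AccessControlContext are deprecated for
    // removal since Java 17 (JEP 411); on a JDK that drops them this path needs
    // a different isolation mechanism.

    // getDynamicDomain is defined elsewhere in the file; its intersection
    // semantics are not visible here.
    ProtectionDomain dynamicDomain = getDynamicDomain(staticDomain);
    AccessControlContext restricted =
        new AccessControlContext(new ProtectionDomain[] {dynamicDomain});

    // Typed PrivilegedAction<Object> replaces the raw type; run() still just
    // forwards to the callable.
    PrivilegedAction<Object> action =
        new PrivilegedAction<Object>() {
          @Override
          public Object run() {
            return callable.call(cx, scope, thisObj, args);
          }
        };

    // The context argument only ever narrows: the callable runs with the
    // caller's privileges further limited by `restricted`, never widened.
    return AccessController.doPrivileged(action, restricted);
  }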