下面列出了java.security.AccessController#checkPermission ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
public static void main(String args[]) throws Throwable {
// ExtensiblePolicyTest1.policy: policy file grants permission to
// watch TVChannel 3-6
// ExtensiblePolicyTest2.policy: policy file grants permission to
// watch TVChanel 4
// ExtensiblePolicyTest3.policy: policy file grants permission signed
// by duke2 to watch TVChanel 5
TVPermission perm = new TVPermission("channel:5", "watch");
boolean getException = false;
String exceptionMessage = null;
boolean expectException = Boolean.parseBoolean(args[0]);
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
getException = true;
exceptionMessage = se.getMessage();
}
if (expectException ^ getException) {
throw new RuntimeException("Test Failed: expectException = "
+ expectException + " getException = " + getException
+ "\n" + exceptionMessage);
}
}
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
public static void main(String args[]) throws Throwable {
// ExtensiblePolicyTest1.policy: policy file grants permission to
// watch TVChannel 3-6
// ExtensiblePolicyTest2.policy: policy file grants permission to
// watch TVChanel 4
// ExtensiblePolicyTest3.policy: policy file grants permission signed
// by duke2 to watch TVChanel 5
TVPermission perm = new TVPermission("channel:5", "watch");
boolean getException = false;
String exceptionMessage = null;
boolean expectException = Boolean.parseBoolean(args[0]);
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
getException = true;
exceptionMessage = se.getMessage();
}
if (expectException ^ getException) {
throw new RuntimeException("Test Failed: expectException = "
+ expectException + " getException = " + getException
+ "\n" + exceptionMessage);
}
}
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
public static void main(String args[]) throws Throwable {
// ExtensiblePolicyTest1.policy: policy file grants permission to
// watch TVChannel 3-6
// ExtensiblePolicyTest2.policy: policy file grants permission to
// watch TVChanel 4
// ExtensiblePolicyTest3.policy: policy file grants permission signed
// by duke2 to watch TVChanel 5
TVPermission perm = new TVPermission("channel:5", "watch");
boolean getException = false;
String exceptionMessage = null;
boolean expectException = Boolean.parseBoolean(args[0]);
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
getException = true;
exceptionMessage = se.getMessage();
}
if (expectException ^ getException) {
throw new RuntimeException("Test Failed: expectException = "
+ expectException + " getException = " + getException
+ "\n" + exceptionMessage);
}
}
/**
* Check if the connector server creator can assume the identity of each
* principal in the authenticated subject, i.e. check if the connector
* server creator codebase contains a subject delegation permission for
* each principal present in the authenticated subject.
*
* @return {@code true} if the connector server creator can delegate to all
* the authenticated principals in the subject. Otherwise, {@code false}.
*/
public static synchronized boolean
checkRemoveCallerContext(Subject subject) {
try {
for (Principal p : getSubjectPrincipals(subject)) {
final String pname =
p.getClass().getName() + "." + p.getName();
final Permission sdp =
new SubjectDelegationPermission(pname);
AccessController.checkPermission(sdp);
}
} catch (SecurityException e) {
return false;
}
return true;
}
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
public AccessControlContext
delegatedContext(AccessControlContext authenticatedACC,
Subject delegatedSubject,
boolean removeCallerContext)
throws SecurityException {
if (System.getSecurityManager() != null && authenticatedACC == null) {
throw new SecurityException("Illegal AccessControlContext: null");
}
// Check if the subject delegation permission allows the
// authenticated subject to assume the identity of each
// principal in the delegated subject
//
Collection<Principal> ps = getSubjectPrincipals(delegatedSubject);
final Collection<Permission> permissions = new ArrayList<>(ps.size());
for(Principal p : ps) {
final String pname = p.getClass().getName() + "." + p.getName();
permissions.add(new SubjectDelegationPermission(pname));
}
PrivilegedAction<Void> action =
new PrivilegedAction<Void>() {
public Void run() {
for (Permission sdp : permissions) {
AccessController.checkPermission(sdp);
}
return null;
}
};
AccessController.doPrivileged(action, authenticatedACC);
return getDelegatedAcc(delegatedSubject, removeCallerContext);
}
public static void main(String args[]) {
TVPermission perm = new TVPermission("channel:5", "watch");
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
throw new RuntimeException(se);
}
}
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
public AccessControlContext
delegatedContext(AccessControlContext authenticatedACC,
Subject delegatedSubject,
boolean removeCallerContext)
throws SecurityException {
if (System.getSecurityManager() != null && authenticatedACC == null) {
throw new SecurityException("Illegal AccessControlContext: null");
}
// Check if the subject delegation permission allows the
// authenticated subject to assume the identity of each
// principal in the delegated subject
//
Collection<Principal> ps = getSubjectPrincipals(delegatedSubject);
final Collection<Permission> permissions = new ArrayList<>(ps.size());
for(Principal p : ps) {
final String pname = p.getClass().getName() + "." + p.getName();
permissions.add(new SubjectDelegationPermission(pname));
}
PrivilegedAction<Void> action =
new PrivilegedAction<Void>() {
public Void run() {
for (Permission sdp : permissions) {
AccessController.checkPermission(sdp);
}
return null;
}
};
AccessController.doPrivileged(action, authenticatedACC);
return getDelegatedAcc(delegatedSubject, removeCallerContext);
}
public static void main(String args[]) {
TVPermission perm = new TVPermission("channel:5", "watch");
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
throw new RuntimeException(se);
}
}
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
public static void main(String args[]) {
TVPermission perm = new TVPermission("channel:5", "watch");
try {
AccessController.checkPermission(perm);
} catch (SecurityException se) {
throw new RuntimeException(se);
}
}
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
@Override public Void run() {
AccessController.checkPermission(permission);
return null;
}
@Override public Void run() {
AccessController.checkPermission(permission);
return null;
}
@Override public Void run() {
AccessController.checkPermission(permission);
return null;
}