下面列出了java.security.ProtectionDomain#getClassLoader ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* 清理来自URLClassLoader.acc.ProtectionDomain[]中,来自上一个ModuleJarClassLoader的ProtectionDomain
* 这样写好蛋疼,而且还有不兼容的风险,从JDK6+都必须要这样清理,但我找不出更好的办法。
* 在重置沙箱时,遇到MgrModule模块无法正确卸载类的情况,主要的原因是在于URLClassLoader.acc.ProtectionDomain[]中包含了上一个ModuleJarClassLoader的引用
* 所以必须要在这里清理掉,否则随着重置次数的增加,类会越累积越多
*/
private void cleanProtectionDomainWhichCameFromModuleJarClassLoader() {
// got ProtectionDomain[] from URLClassLoader's acc
final AccessControlContext acc = unCaughtGetClassDeclaredJavaFieldValue(URLClassLoader.class, "acc", this);
final ProtectionDomain[] protectionDomainArray = unCaughtInvokeMethod(
unCaughtGetClassDeclaredJavaMethod(AccessControlContext.class, "getContext"),
acc
);
// remove ProtectionDomain which loader is ModuleJarClassLoader
final Set<ProtectionDomain> cleanProtectionDomainSet = new LinkedHashSet<ProtectionDomain>();
if (ArrayUtils.isNotEmpty(protectionDomainArray)) {
for (final ProtectionDomain protectionDomain : protectionDomainArray) {
if (protectionDomain.getClassLoader() == null
|| !StringUtils.equals(ModuleJarClassLoader.class.getName(), protectionDomain.getClassLoader().getClass().getName())) {
cleanProtectionDomainSet.add(protectionDomain);
}
}
}
// rewrite acc
final AccessControlContext newAcc = new AccessControlContext(cleanProtectionDomainSet.toArray(new ProtectionDomain[]{}));
unCaughtSetClassDeclaredJavaFieldValue(URLClassLoader.class, "acc", this, newAcc);
}
public static Scanner newScanner(ProtectionDomain protectionDomain, ClassLoader classLoader) {
final URL codeLocation = CodeSourceUtils.getCodeLocation(protectionDomain);
if (codeLocation == null) {
return new ClassLoaderScanner(classLoader);
}
final Scanner scanner = newURLScanner(codeLocation);
if (scanner != null) {
return scanner;
}
// workaround for scanning for classes in nested jars - see newURLScanner(URL) below.
if (FORCE_CLASS_LOADER_SCANNER || isNestedJar(codeLocation.getPath())) {
ClassLoader protectionDomainClassLoader = protectionDomain.getClassLoader();
if (protectionDomainClassLoader != null) {
return new ClassLoaderScanner(protectionDomainClassLoader);
}
}
throw new IllegalArgumentException("unknown scanner type classLoader:" + classLoader + " protectionDomain:" + protectionDomain);
}
public PermissionCollection getPermissions(ProtectionDomain domain) {
ClassLoader cl = domain.getClassLoader();
PermissionCollection toApply = classLoaderToPermissions.get(cl);
if(null == toApply) {
toApply = defaultPermissions;
}
return toApply;
}
/**
* Loads specified JAR.
*
* @param jarFileInfo
* @throws IOException
*/
private void loadJar(JarFileInfo jarFileInfo) throws IOException {
lstJarFile.add(jarFileInfo);
try {
Enumeration<JarEntry> en = jarFileInfo.jarFile.entries();
final String EXT_JAR = ".jar";
while (en.hasMoreElements()) {
JarEntry je = en.nextElement();
if (je.isDirectory()) {
continue;
}
String s = je.getName().toLowerCase(); // JarEntry name
if (s.lastIndexOf(EXT_JAR) == s.length() - EXT_JAR.length()) {
JarEntryInfo inf = new JarEntryInfo(jarFileInfo, je);
File fileTemp = createTempFile(inf);
logInfo(LogArea.JAR, "Loading inner JAR %s from temp file %s",
inf.jarEntry, getFilename4Log(fileTemp));
// Construct ProtectionDomain for this inner JAR:
URL url = fileTemp.toURI().toURL();
ProtectionDomain pdParent = jarFileInfo.pd;
// 'csParent' is never null: top JAR has it, JCL creates it for child JAR:
CodeSource csParent = pdParent.getCodeSource();
Certificate[] certParent = csParent.getCertificates();
CodeSource csChild = (certParent == null ? new CodeSource(url, csParent.getCodeSigners())
: new CodeSource(url, certParent));
ProtectionDomain pdChild = new ProtectionDomain(csChild,
pdParent.getPermissions(), pdParent.getClassLoader(), pdParent.getPrincipals());
loadJar(new JarFileInfo(
new JarFile(fileTemp), inf.getName(), jarFileInfo, pdChild, fileTemp));
}
}
} catch (JarClassLoaderException e) {
throw new RuntimeException(
"ERROR on loading inner JAR: " + e.getMessageAll());
}
}
/**
* {@link DomainCombiner} that filters any {@link ProtectionDomain}s loaded by our classloader
*/
private DomainCombiner createDomainCombiner() {
return new DomainCombiner() {
/** Flag to detected recursive calls */
private final ThreadLocal<Boolean> isExecuting = new ThreadLocal<Boolean>();
@Override
public ProtectionDomain[] combine(ProtectionDomain[] currentDomains, ProtectionDomain[] assignedDomains) {
if (assignedDomains != null && assignedDomains.length > 0) {
log.error("Unexpected assignedDomains - please report to developer of this library!");
}
if (Boolean.TRUE.equals(isExecuting.get()))
throw new RuntimeException();
try {
isExecuting.set(Boolean.TRUE); // Throw NestedProtectionDomainCombinerException on nested calls
// Keep all ProtectionDomain not involving the web app classloader
final List<ProtectionDomain> output = new ArrayList<ProtectionDomain>();
for (ProtectionDomain protectionDomain : currentDomains) {
if (protectionDomain.getClassLoader() == null ||
!isClassLoaderOrChild(protectionDomain.getClassLoader())) {
output.add(protectionDomain);
}
}
return output.toArray(new ProtectionDomain[output.size()]);
} finally {
isExecuting.remove();
}
}
};
}
/**
* 获取<code>clazz</code>的所在路径
*
* @param clazz 要获取的类
* @return <code>clazz</code>的所在路径
*/
public static String classLocation(Class<?> clazz) {
if (clazz == null) {
return null;
}
ProtectionDomain domain = clazz.getProtectionDomain();
return (domain.getClassLoader() != null) ? domain.getCodeSource().getLocation().getPath() : clazz.getName();
}
/**
* Checks whether the given domain belongs to a special internal extension or not.
*
* @param domain
* the domain in question, never {@code null}
* @return {@code true} if the domain belongs to a special internal extension; {@code false}
* otherwise
*
*/
private static boolean isInternalPlugin(ProtectionDomain domain) {
// everything not loaded by the internal plugin classloader is not a special internal plugin
return domain.getClassLoader() instanceof InternalPluginClassLoader;
}