123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121 |
- /*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package javax.security.auth;
- import java.security.DomainCombiner;
- import java.security.Principal;
- import java.security.ProtectionDomain;
- import java.util.Set;
- /**
- * Merges permissions based on code source and code signers with permissions
- * granted to the specified {@link Subject}.
- */
- public class SubjectDomainCombiner implements DomainCombiner {
- // subject to be associated
- private Subject subject;
- // permission required to get a subject object
- private static final AuthPermission _GET = new AuthPermission(
- "getSubjectFromDomainCombiner"); //$NON-NLS-1$
- /**
- * Creates a domain combiner for the entity provided in {@code subject}.
- *
- * @param subject
- * the entity to which this domain combiner is associated.
- */
- public SubjectDomainCombiner(Subject subject) {
- super();
- if (subject == null) {
- throw new NullPointerException();
- }
- this.subject = subject;
- }
- /**
- * Returns the entity to which this domain combiner is associated.
- *
- * @return the entity to which this domain combiner is associated.
- */
- public Subject getSubject() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(_GET);
- }
- return subject;
- }
- /**
- * Merges the {@code ProtectionDomain} with the {@code Principal}s
- * associated with the subject of this {@code SubjectDomainCombiner}.
- *
- * @param currentDomains
- * the {@code ProtectionDomain}s associated with the context of
- * the current thread. The domains must be sorted according to
- * the execution order, the most recent residing at the
- * beginning.
- * @param assignedDomains
- * the {@code ProtectionDomain}s from the parent thread based on
- * code source and signers.
- * @return a single {@code ProtectionDomain} array computed from the two
- * provided arrays, or {@code null}.
- * @see ProtectionDomain
- */
- public ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
- ProtectionDomain[] assignedDomains) {
- // get array length for combining protection domains
- int len = 0;
- if (currentDomains != null) {
- len += currentDomains.length;
- }
- if (assignedDomains != null) {
- len += assignedDomains.length;
- }
- if (len == 0) {
- return null;
- }
- ProtectionDomain[] pd = new ProtectionDomain[len];
- // for each current domain substitute set of principal with subject's
- int cur = 0;
- if (currentDomains != null) {
- Set<Principal> s = subject.getPrincipals();
- Principal[] p = s.toArray(new Principal[s.size()]);
- for (cur = 0; cur < currentDomains.length; cur++) {
- ProtectionDomain newPD;
- newPD = new ProtectionDomain(currentDomains[cur].getCodeSource(),
- currentDomains[cur].getPermissions(), currentDomains[cur]
- .getClassLoader(), p);
- pd[cur] = newPD;
- }
- }
- // copy assigned domains
- if (assignedDomains != null) {
- System.arraycopy(assignedDomains, 0, pd, cur, assignedDomains.length);
- }
- return pd;
- }
- }
|