Skip navigation links

Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services
11g Release 1 (11.1.1)

E14650-03


oracle.security.jps.util
Class JpsSubject

java.lang.Object
  extended by oracle.security.jps.util.JpsSubject


public final class JpsSubject
extends java.lang.Object

Constructor Summary
JpsSubject()
           

 

Method Summary
static java.lang.Object doAs(javax.security.auth.Subject subject, java.security.PrivilegedAction action)
          Perform work as a particular Subject.
static java.lang.Object doAs(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction action)
          Perform work as a particular Subject.
static java.lang.Object doAsPrivileged(javax.security.auth.Subject subject, java.security.PrivilegedAction action, java.security.AccessControlContext acc)
          Perform privileged work as a particular Subject.
static java.lang.Object doAsPrivileged(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction action, java.security.AccessControlContext acc)
          Perform privileged work as a particular Subject.
static javax.security.auth.Subject getSubject(java.security.AccessControlContext acc)
          Get the Subject associated with the provided AccessControlContext.
static java.lang.Object invokeAs(javax.security.auth.Subject subject, java.security.PrivilegedAction action)
          Perform privileged action as a particular Subject.
static java.lang.Object invokeAs(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction action)
          Perform privileged action as a particular Subject.

 

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Constructor Detail

JpsSubject

public JpsSubject()

Method Detail

getSubject

public static javax.security.auth.Subject getSubject(java.security.AccessControlContext acc)
Get the Subject associated with the provided AccessControlContext. <p/>

The AccessControlContext may contain many Subjects (from nested doAs calls). In this situation, the most recent Subject associated with the AccessControlContext is returned. <p/> <p/>

Parameters:
acc - the AccessControlContext from which to retrieve the Subject.
Returns:
the Subject associated with the provided AccessControlContext, or null if no Subject is associated with the provided AccessControlContext.
Throws:
java.lang.SecurityException - if the caller does not have permission to get the Subject.
java.lang.NullPointerException - if the provided AccessControlContext is null.

doAs

public static java.lang.Object doAs(javax.security.auth.Subject subject,
                                    java.security.PrivilegedAction action)
Perform work as a particular Subject. <p/>

This method first retrieves the current Thread's AccessControlContext via AccessController.getContext, and then instantiates a new AccessControlContext using the retrieved context along with a new JpsSubjectDomainCombiner (constructed using the provided Subject). Finally, this method invokes AccessController.doPrivileged, passing it the provided PrivilegedAction, as well as the newly constructed AccessControlContext. <p/> <p/>

Parameters:
subject - the Subject that the specified action will run as. This parameter may be null.
action - the code to be run as the specified Subject.
Returns:
the Object returned by the PrivilegedAction's run method.
Throws:
java.lang.NullPointerException - if the PrivilegedAction is null.
java.lang.SecurityException - if the caller does not have permission to invoke this method.

doAs

public static java.lang.Object doAs(javax.security.auth.Subject subject,
                                    java.security.PrivilegedExceptionAction action)
                             throws java.security.PrivilegedActionException
Perform work as a particular Subject. <p/>

This method first retrieves the current Thread's AccessControlContext via AccessController.getContext, and then instantiates a new AccessControlContext using the retrieved context along with a new JpsSubjectDomainCombiner (constructed using the provided Subject). Finally, this method invokes AccessController.doPrivileged, passing it the provided PrivilegedExceptionAction, as well as the newly constructed AccessControlContext. <p/> <p/>

Parameters:
subject - the Subject that the specified action will run as. This parameter may be null.
action - the code to be run as the specified Subject.
Returns:
the Object returned by the PrivilegedExceptionAction's run method.
Throws:
java.security.PrivilegedActionException - if the PrivilegedExceptionAction.run method throws a checked exception.
java.lang.NullPointerException - if the specified PrivilegedExceptionAction is null.
java.lang.SecurityException - if the caller does not have permission to invoke this method.

doAsPrivileged

public static java.lang.Object doAsPrivileged(javax.security.auth.Subject subject,
                                              java.security.PrivilegedAction action,
                                              java.security.AccessControlContext acc)
Perform privileged work as a particular Subject. <p/>

This method behaves exactly as Subject.doAs, except that instead of retrieving the current Thread's AccessControlContext, it uses the provided AccessControlContext. If the provided AccessControlContext is null, this method instantiates a new AccessControlContext with an empty collection of ProtectionDomains. <p/> <p/>

Parameters:
subject - the Subject that the specified action will run as. This parameter may be null.
action - the code to be run as the specified Subject.
acc - the AccessControlContext to be tied to the specified subject and action.
Returns:
the Object returned by the PrivilegedAction's run method.
Throws:
java.lang.NullPointerException - if the PrivilegedAction is null.
java.lang.SecurityException - if the caller does not have permission to invoke this method.

doAsPrivileged

public static java.lang.Object doAsPrivileged(javax.security.auth.Subject subject,
                                              java.security.PrivilegedExceptionAction action,
                                              java.security.AccessControlContext acc)
                                       throws java.security.PrivilegedActionException
Perform privileged work as a particular Subject. <p/>

This method behaves exactly as Subject.doAs, except that instead of retrieving the current Thread's AccessControlContext, it uses the provided AccessControlContext. If the provided AccessControlContext is null, this method instantiates a new AccessControlContext with an empty collection of ProtectionDomains. <p/> <p/>

Parameters:
subject - the Subject that the specified action will run as. This parameter may be null.
action - the code to be run as the specified Subject.
acc - the AccessControlContext to be tied to the specified subject and action.
Returns:
the Object returned by the PrivilegedExceptionAction's run method.
Throws:
java.security.PrivilegedActionException - if the PrivilegedExceptionAction.run method throws a checked exception.
java.lang.NullPointerException - if the specified PrivilegedExceptionAction is null.
java.lang.SecurityException - if the caller does not have permission to invoke this method.

invokeAs

public static java.lang.Object invokeAs(javax.security.auth.Subject subject,
                                        java.security.PrivilegedAction action)
Perform privileged action as a particular Subject. <p/>

This method behaves similarly as Subject.doAsPrivileged, except that the action will be invoked under the context of the Subject only (i.e. code-based security is not taken into consideration) <p/> The net effect is that any call to AccessController.checkPermission within the scope of the PrivilegedAction will be conducted without regard to code-based security -- only the Subject's security context will be considered. <p/> Calling invokeAs is appropriate when code-based security is not a concern within the scope of the specified PrivilegedAction. <p/>

Parameters:
subject - the Subject that the specified action will run as. This parameter may be null.
action - the code to be run as the specified Subject.
Returns:
the Object returned by the PrivilegedExceptionAction's run method.
Throws:
java.lang.NullPointerException - if the specified PrivilegedExceptionAction is null.
java.lang.SecurityException - if the caller does not have permission to invoke this method.

invokeAs

public static java.lang.Object invokeAs(javax.security.auth.Subject subject,
                                        java.security.PrivilegedExceptionAction action)
                                 throws java.security.PrivilegedActionException
Perform privileged action as a particular Subject. <p/>

This method behaves similarly as Subject.doAsPrivileged, except that the action will be invoked under the context of the Subject only (i.e. code-based security is not taken into consideration) <p/> The net effect is that any call to AccessController.checkPermission within the scope of the PrivilegedAction will be conducted without regard to code-based security -- only the Subject's security context will be considered. <p/> Calling invokeAs is appropriate when code-based security is not a concern within the scope of the specified PrivilegedAction. <p/>

Parameters:
subject - the Subject that the specified action will run as. This parameter may be null.
action - the code to be run as the specified Subject.
Returns:
the Object returned by the PrivilegedExceptionAction's run method.
Throws:
java.security.PrivilegedActionException - if the PrivilegedExceptionAction.run method throws a checked exception.
java.lang.NullPointerException - if the specified PrivilegedExceptionAction is null.
java.lang.SecurityException - if the caller does not have permission to invoke this method.

Skip navigation links

Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services
11g Release 1 (11.1.1)

E14650-03


Copyright © 2010, Oracle. All rights reserved.