|
JavaTM 2 Platform Std. Ed. v1.4.0 |
||||||||||
$BA0$N%/%i%9(J $B | $B%U%l!<%`$"$j(J $B%U%l!<%`$J$7(J | ||||||||||
$B35MW(J: $BF~$l;R(J | $B%U%#!<%k%I(J | $B%3%s%9%H%i%/%?(J | $B%a%=%C%I(J | $B>\:Y(J: $B%U%#!<%k%I(J | $B%3%s%9%H%i%/%?(J | $B%a%=%C%I(J |
java.lang.Object | +--java.security.AccessController
AccessController $B%/%i%9$O!"%"%/%;%9@)8f$NA`:n$H7hDj$K;HMQ$5$l$^$9!#(J
$B6qBNE*$K$O!"(JAccessController $B%/%i%9$r
checkPermission
$B%a%=%C%I$O!";XDj$7$?%"%/%;%98"$K$h$C$F<($5$l$k%"%/%;%9MW5a$,5v2D$5$l$k$+!"5qH]$5$l$k$+$r7hDj$7$^$9!#0J2<$K!"8F$S=P$7$NNc$r<($7$^$9!#$3$NNc$G$O!"(JcheckPermission
$B$O!"(J/temp $B%G%#%l%/%H%j$N(J testFile $B$H$$$&%U%!%$%k$X$NFI$_9~$_8"$r5v2D$9$k$+$I$&$+$r7hDj$7$^$9!#(J
FilePermission perm = new FilePermission("/temp/testFile", "read"); AccessController.checkPermission(perm);
$BMW5a$7$?%"%/%;%9$,5v2D$5$l$k>l9g$K$O!"(JcheckPermission
$B$O2?$b$7$J$$$GI|5"$7$^$9!#5qH]$5$l$k>l9g$K$O!"(JAccessControlException $B$,%9%m!<$5$l$^$9!#MW5a%"%/%;%98"$,ITE,@Z$G$"$C$?$j!"L58z$JCM$r4^$s$G$$$?>l9g$K$b!"(JAccessControlException $B$O%9%m!<$5$l$k$3$H$,$"$j$^$9!#$=$&$7$?>pJs$O!"2DG=$J>l9g$K$OI,$:Ds6!$5$l$^$9!#(J
$B8=:_$N%9%l%C%I$,!"(Jm $B8D$N8F$S=P$7B&$r(J 1$B!"(J2 (I% (I% (I% m $B$N=gHV$G=hM}$7!"8F$S=P$7B&(J m $B$,(J checkPermission
$B%a%=%C%I$r8F$S=P$7$?$H$7$^$9!#(JcheckPermission
$B%a%=%C%I$O
i = m;
while (i > 0) {
if ($B8F$S=P$7B&$N%I%a%$%s$K%"%/%;%98"$,$J$$(J)
throw AccessControlException
else if ($B8F$S=P$785(J i $B$,FC8"%3!<%I$H$7$F%^!<%/$5$l$F$$$k(J) {
if ($B%3%s%F%-%9%H$,(J doPrivileged $B$N8F$S=P$7$G;XDj$5$l$?(J)
context.checkPermission(permission)
return;
}
i = i - 1;
};
// Next, check the context inherited when
// the thread was created. Whenever a new thread is created, the
// AccessControlContext at that time is
// stored and associated with the new thread, as the "inherited"
// context.
inheritedContext.checkPermission(permission);
$B8F$S=P$7B&$O!"FC8"%3!<%I$H$7$F%^!<%/$G$-$^$9(J (doPrivileged
$B$*$h$S0J2<$N@bL@$r;2>H(J)$B!#%"%/%;%9@)8f$r7hDj$9$k>l9g!"(JcheckPermission
$B%a%=%C%I$O!"%3%s%F%-%9%H0z?t$N$J$$(J doPrivileged
$B$N8F$S=P$7$K$h$C$FFC8"%3!<%I$H$7$F%^!<%/$5$l$?8F$S=P$7B&$KFO$$$?$H$-$K!"8!::$rCf;_$7$^$9(J ($B%3%s%F%-%9%H0z?t$K$D$$$F$O!"0J2<$N@bL@$r;2>H(J)$B!#$=$N8F$S=P$7B&$NNN0h$K;XDj$5$l$?%"%/%;%98"$,$"$k>l9g!"0J8e$N8!::$O9T$o$l$:!"(JcheckPermission
$B$O2?$b$7$J$$$GI|5"$7$F!"MW5a$7$?%"%/%;%9$,5v2D$5$l$?$3$H$r<($7$^$9!#$=$NNN0h$K;XDj$5$l$?%"%/%;%98"$,$J$$>l9g$K$O!"DL>o$I$*$jNc30$,%9%m!<$5$l$^$9!#(J
$B0J2<$K!"FC8"5!G=$NDL>o$N;H$$J}$r@bL@$7$^$9!#FC8"%V%m%C%/Fb$+$iCM$rJV$9I,MW$,$J$$>l9g$K$O!" somemethod() { ...normal code here... AccessController.doPrivileged(new PrivilegedAction() { public Object run() { // privileged code goes here, for example: System.loadLibrary("awt"); return null; // nothing to return } }); ...normal code here... }
PrivilegedAction $B$O!"(JObject $B$rJV$9(J $BCM$rJV$9I,MW$,$"$k>l9g$K$O!"
somemethod() {
...normal code here...
String user = (String) AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
return System.getProperty("user.name");
}
}
);
...normal code here...
}
$BFC8"9=B$$N;HMQ$K$O:Y?4$NCm0U$rJ'$C$F!"FC8"%3!<%I%;%/%7%g%s$r$G$-$k$@$1>.$5$/$7$F$/$@$5$$!#(J
AccessControlContext $B$K$O!"8=:_ $B$^$?!"%3%s%F%-%9%H$r$I$N%"%/%;%98"$G8!::$9$k$+$,!";vA0$K$OITL@$J>l9g$,$"$j$^$9!#$3$&$7$?>l9g$K$O!"%3%s%F%-%9%H$rCM$H$7$F$H$k(J doPrivileged $B%a%=%C%I$r;HMQ$G$-$^$9!#(J
run
$B$H$$$&%a%=%C%I$r;}$D%$%s%?%U%'!<%9$G$9!#>e5-$NNc$O!"$=$N%$%s%?%U%'!<%9$NdoPrivileged
$B$K(J PrivilegedAction $B$Nrun
$B%a%=%C%I$NLa$jCM$r(J doPrivileged
$B$NLa$jCM(J ($B>e5-$NNc$G$OL5;k$5$l$F$$$k(J) $B$H$7$FJV$7$^$9!#(J
run
$B%a%=%C%I$GPrivilegedAction
$B%$%s%?%U%'!<%9$NBe$o$j$K(J PrivilegedExceptionAction
$B%$%s%?%U%'!<%9$r;HMQ$9$kI,MW$,$"$j$^$9!#(J
somemethod() throws FileNotFoundException {
...normal code here...
try {
FileInputStream fis = (FileInputStream) AccessController.doPrivileged(
new PrivilegedExceptionAction() {
public Object run() throws FileNotFoundException {
return new FileInputStream("someFile");
}
}
);
} catch (PrivilegedActionException e) {
// e.getException() should be an instance of FileNotFoundException,
// as only "checked" exceptions will be "wrapped" in a
//
PrivilegedActionException
.
throw (FileNotFoundException) e.getException();
}
...normal code here...
}
checkPermission
$B$O!">o$K8=:_getContext
$B%a%=%C%I$H(J AccessControlContext $B%/%i%9$,Ds6!$5$l$F$$$^$9!#(JgetContext
$B%a%=%C%I$O!"8=:_$N8F$S=P$7B&%3%s%F%-%9%H$N!V%9%J%C%W%7%g%C%H!W$rcheckPermission
$B%a%=%C%I$r8F$S=P$9$3$H$,$G$-$^$9!#0J2<$K!"8F$S=P$7$NNc$r<($7$^$9!#(J
acc.checkPermission(permission)
somemethod() {
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
// Code goes here. Any permission checks within this
// run method will require that the intersection of the
// callers protection domain and the snapshot's
// context have the desired permission.
}
}, acc);
...normal code here...
}
AccessControlContext
$B%a%=%C%I$N35MW(J
static void
checkPermission(Permission perm)
$B8=:_M-8z$J%;%-%e%j%F%#%]%j%7!<$K4p$E$$$F!";XDj$5$l$?%"%/%;%98"$K$h$C$F<($5$l$k%"%/%;%9MW5a$,5v2D$5$l$k$+!"5qH]$5$l$k$+$r7hDj$7$^$9!#(J
static Object
doPrivileged(PrivilegedAction action)
$BM-8z$K$J$C$?FC8"$r;H$C$F!";XDj$5$l$?(J PrivilegedAction
$B$r
static Object
doPrivileged(PrivilegedAction action,
AccessControlContext context)
$B;XDj$5$l$?(J AccessControlContext
$B$K$h$C$FM-8z$K$J$j!"$+$D@)8B$5$l$kFC8"$r;H$C$F!";XDj$5$l$?(J PrivilegedAction
$B$r
static Object
doPrivileged(PrivilegedExceptionAction action)
$BM-8z$K$J$C$?FC8"$r;H$C$F!";XDj$5$l$?(J PrivilegedExceptionAction
$B$r
static Object
doPrivileged(PrivilegedExceptionAction action,
AccessControlContext context)
$B;XDj$5$l$?(J AccessControlContext
$B$K$h$C$FM-8z$K$J$j!"$+$D@)8B$5$l$kFC8"$r;H$C$F!";XDj$5$l$?(J PrivilegedExceptionAction
$B$r
static AccessControlContext
getContext()
$B8=:_$N%9%l%C%I$N7Q>5$5$l$?(J AccessControlContext $B$r4^$`!"8=:_$N8F$S=P$7B&%3%s%F%-%9%H$N!V%9%J%C%W%7%g%C%H!W$r
$B%/%i%9(J java.lang.Object $B$+$i7Q>5$7$?%a%=%C%I(J
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
$B%a%=%C%I$N>\:Y(J
doPrivileged
public static Object doPrivileged(PrivilegedAction action)
PrivilegedAction
$B$rrun
$B%a%=%C%I$,L$3NG'$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(J
action
- $Brun
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(JdoPrivileged(PrivilegedAction,AccessControlContext)
,
doPrivileged(PrivilegedExceptionAction)
doPrivileged
public static Object doPrivileged(PrivilegedAction action,
AccessControlContext context)
AccessControlContext
$B$K$h$C$FM-8z$K$J$j!"$+$D@)8B$5$l$kFC8"$r;H$C$F!";XDj$5$l$?(J PrivilegedAction
$B$rrun
$B%a%=%C%I$,L$3NG'$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(J
action
- $Bcontext
- $B;XDj$5$l$?%"%/%7%g%s$Nrun
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(JdoPrivileged(PrivilegedAction)
,
doPrivileged(PrivilegedExceptionAction,AccessControlContext)
doPrivileged
public static Object doPrivileged(PrivilegedExceptionAction action)
throws PrivilegedActionException
PrivilegedExceptionAction
$B$rrun
$B%a%=%C%I$,!VL$3NG'!W$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(J
action
- $Brun
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(J
PrivilegedActionException
- $B;XDj$5$l$?%"%/%7%g%s$N(J run
$B%a%=%C%I$,!V3NG':Q!W$NNc30$r%9%m!<$7$?>l9g(JdoPrivileged(PrivilegedAction)
,
doPrivileged(PrivilegedExceptionAction,AccessControlContext)
doPrivileged
public static Object doPrivileged(PrivilegedExceptionAction action,
AccessControlContext context)
throws PrivilegedActionException
AccessControlContext
$B$K$h$C$FM-8z$K$J$j!"$+$D@)8B$5$l$kFC8"$r;H$C$F!";XDj$5$l$?(J PrivilegedExceptionAction
$B$rrun
$B%a%=%C%I$,!VL$3NG'!W$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(J
action
- $Bcontext
- $B;XDj$5$l$?%"%/%7%g%s$Nrun
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(J
PrivilegedActionException
- $B;XDj$5$l$?%"%/%7%g%s$N(J run
$B%a%=%C%I$,!V3NG':Q!W$NNc30$r%9%m!<$7$?>l9g(JdoPrivileged(PrivilegedAction)
,
doPrivileged(PrivilegedExceptionAction,AccessControlContext)
getContext
public static AccessControlContext getContext()
AccessControlContext
checkPermission
public static void checkPermission(Permission perm)
throws AccessControlException
perm
- $BMW5a%"%/%;%98"(J
AccessControlException
- $B8=:_$N%;%-%e%j%F%#%]%j%7!<$K4p$E$$$F!";XDj$5$l$?%"%/%;%98"$,5v2D$5$l$J$$>l9g(J
$B35MW(J
$B%Q%C%1!<%8(J
$B%/%i%9(J
$B;HMQ(J
$B3,AX%D%j!<(J
$BHs?d>)(J API
$B:w0z(J
$B%X%k%W(J
JavaTM 2
Platform
Std. Ed. v1.4.0
$BA0$N%/%i%9(J
$B
$B%U%l!<%`$"$j(J
$B%U%l!<%`$J$7(J
$B35MW(J: $BF~$l;R(J | $B%U%#!<%k%I(J | $B%3%s%9%H%i%/%?(J | $B%a%=%C%I(J
$B>\:Y(J: $B%U%#!<%k%I(J | $B%3%s%9%H%i%/%?(J | $B%a%=%C%I(J
$B%P%0$NJs9p$H5!G=$N%j%/%(%9%H(J
$B$3$l0J30$N(J API $B%j%U%!%l%s%9$*$h$S3+H/
Copyright 1993-2002 Sun Microsystems, Inc. 901 San Antonio Road
Palo Alto, California, 94303, U.S.A. All Rights Reserved.