FilePermission perm = new FilePermission("/temp/testFile", "read");
AccessController.checkPermission(perm);
$BMW5a$7$?%"%/%;%9$,5v2D$5$l$k>l9g$K$O!"(BcheckPermission
$B$O2?$b$7$J$$$GI|5"$7$^$9!#5qH]$5$l$k>l9g$K$O!"(BAccessControlException $B$,%9%m!<$5$l$^$9!#MW5a%"%/%;%98"$,ITE,@Z$G$"$C$?$j!"L58z$JCM$r4^$s$G$$$?>l9g$K$b!"(BAccessControlException $B$O%9%m!<$5$l$k$3$H$,$"$j$^$9!#$=$&$7$?>pJs$O!"2DG=$J>l9g$K$OI,$:Ds6!$5$l$^$9!#(B
$B8=:_$N%9%l%C%I$,!"(Bm $B8D$N8F$S=P$7B&$r(B 1$B!"(B2 (I%(B (I%(B (I%(B m $B$N=gHV$G=hM}$7!"8F$S=P$7B&(B m $B$,(B checkPermission
$B%a%=%C%I$r8F$S=P$7$?$H$7$^$9!#(BcheckPermission
$B%a%=%C%I$O
i = m;
while (i > 0) {
if (caller i's domain does not have the permission)
throw AccessControlException
else if (caller i is marked as privileged) {
if (a context was specified in the call to doPrivileged)
context.checkPermission(permission)
return;
}
i = i - 1;
};
// Next, check the context inherited when
// the thread was created. Whenever a new thread is created, the
// AccessControlContext at that time is
// stored and associated with the new thread, as the "inherited"
// context.
inheritedContext.checkPermission(permission);
$B8F$S=P$7B&$O!"FC8"%3!<%I$H$7$F%^!<%/$G$-$^$9(B (doPrivileged
$B$*$h$S0J2<$N@bL@$r;2>H(B)$B!#%"%/%;%9@)8f$r7hDj$9$k>l9g!"(BcheckPermission
$B%a%=%C%I$O!"%3%s%F%-%9%H0z?t$N$J$$(B doPrivileged
$B$N8F$S=P$7$K$h$C$FFC8"%3!<%I$H$7$F%^!<%/$5$l$?8F$S=P$7B&$KFO$$$?$H$-$K!"8!::$rCf;_$7$^$9(B ($B%3%s%F%-%9%H0z?t$K$D$$$F$O!"0J2<$N@bL@$r;2>H(B)$B!#$=$N8F$S=P$7B&$NNN0h$K;XDj$5$l$?%"%/%;%98"$,$"$k>l9g!"0J8e$N8!::$O9T$o$l$:!"(BcheckPermission
$B$O2?$b$7$J$$$GI|5"$7$F!"MW5a$7$?%"%/%;%9$,5v2D$5$l$?$3$H$r<($7$^$9!#$=$NNN0h$K;XDj$5$l$?%"%/%;%98"$,$J$$>l9g$K$O!"DL>o$I$*$jNc30$,%9%m!<$5$l$^$9!#(B
$B0J2<$K!"FC8"5!G=$NDL>o$N;H$$J}$r@bL@$7$^$9!#FC8"%V%m%C%/Fb$+$iCM$rJV$9I,MW$,$J$$>l9g$K$O!"
somemethod() {
...normal code here...
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
// privileged code goes here, for example:
System.loadLibrary("awt");
return null; // nothing to return
}
});
...normal code here...
}
PrivilegedAction $B$O!"(BObject $B$rJV$9(B run
$B$H$$$&%a%=%C%I$r;}$D%$%s%?%U%'!<%9$G$9!#>e5-$NNc$O!"$=$N%$%s%?%U%'!<%9$Nrun $B%a%=%C%I$N8GDjdoPrivileged $B$,8F$S=P$5$l$k$H!"$=$N(B doPrivileged
$B$K(B PrivilegedAction $B$NdoPrivileged $B%a%=%C%I$O!"FC8"$rM-8z$K$7$?$"$H$G(B PrivilegedAction $B$Nrun $B%a%=%C%I$r8F$S=P$7!"(Brun
$B%a%=%C%I$NLa$jCM$r(B doPrivileged
$B$NLa$jCM(B ($B>e5-$NNc$G$OL5;k$5$l$F$$$k(B) $B$H$7$FJV$7$^$9!#(B
$BCM$rJV$9I,MW$,$"$k>l9g$K$O!"
somemethod() {
...normal code here...
String user = (String) AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
return System.getProperty("user.name");
}
}
);
...normal code here...
}
run
$B%a%=%C%I$Gthrows $B@a$KI=<($5$l$F$$$kNc30(B) $B$r%9%m!<$9$k2DG=@-$,$"$k>l9g$K$O!"(BPrivilegedAction
$B%$%s%?%U%'!<%9$NBe$o$j$K(B PrivilegedExceptionAction
$B%$%s%?%U%'!<%9$r;HMQ$9$kI,MW$,$"$j$^$9!#(B
somemethod() throws FileNotFoundException {
...normal code here...
try {
FileInputStream fis = (FileInputStream) AccessController.doPrivileged(
new PrivilegedExceptionAction() {
public Object run() throws FileNotFoundException {
return new FileInputStream("someFile");
}
}
);
} catch (PrivilegedActionException e) {
// e.getException() should be an instance of FileNotFoundException,
// as only "checked" exceptions will be "wrapped" in a
// PrivilegedActionException
.
throw (FileNotFoundException) e.getException();
}
...normal code here...
}
$BFC8"9=B$$N;HMQ$K$O:Y?4$NCm0U$rJ'$C$F!"FC8"%3!<%I%;%/%7%g%s$r$G$-$k$@$1>.$5$/$7$F$/$@$5$$!#(B
checkPermission
$B$O!">o$K8=:_l9g$b$"$j$^$9!#$3$N>u67$KBP1~$9$k$?$a$K!"(BgetContext
$B%a%=%C%I$H(B AccessControlContext $B%/%i%9$,Ds6!$5$l$F$$$^$9!#(BgetContext
$B%a%=%C%I$O!"8=:_$N8F$S=P$7B&%3%s%F%-%9%H$N!V%9%J%C%W%7%g%C%H!W$r
AccessControlContext acc = AccessController.getContext()
AccessControlContext $B$K$O!"8=:_checkPermission $B%a%=%C%I$,$"$j$^$9!#$7$?$,$C$F!"JL$N%3%s%F%-%9%HFb$N%3!<%I$O!"0JA0$KJ]B8$7$?(B AccessControlContext $B%*%V%8%'%/%H$N(B checkPermission
$B%a%=%C%I$r8F$S=P$9$3$H$,$G$-$^$9!#0J2<$K!"8F$S=P$7$NNc$r<($7$^$9!#(B
acc.checkPermission(permission)
$B$^$?!"%3%s%F%-%9%H$r$I$N%"%/%;%98"$G8!::$9$k$+$,!";vA0$K$OITL@$J>l9g$,$"$j$^$9!#$3$&$7$?>l9g$K$O!"%3%s%F%-%9%H$rCM$H$7$F$H$k(B doPrivileged $B%a%=%C%I$r;HMQ$G$-$^$9!#(B
somemethod() {
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
// Code goes here. Any permission checks from this
// point forward require both the current context and
// the snapshot's context to have the desired permission.
}
}, acc);
...normal code here...
}
- $B4XO"9`L\(B:
AccessControlContext
$B%/%i%9(B java.lang.Object $B$+$i7Q>5$7$?%a%=%C%I(B |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
doPrivileged
public static Object doPrivileged(PrivilegedAction action)
- $BM-8z$K$J$C$?FC8"$r;H$C$F!";XDj$5$l$?(B
PrivilegedAction
$B$r
$B%"%/%7%g%s$N(B run
$B%a%=%C%I$,L$3NG'$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(B
- $B%Q%i%a!<%?(B:
action
- $B$BLa$jCM(B: - $B%"%/%7%g%s$N(B
run
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(B - $B4XO"9`L\(B:
doPrivileged(PrivilegedAction,AccessControlContext)
,
doPrivileged(PrivilegedExceptionAction)
doPrivileged
public static Object doPrivileged(PrivilegedAction action,
AccessControlContext context)
- $B;XDj$5$l$?(B
AccessControlContext
$B$K$h$C$FM-8z$K$J$j!"$+$D@)8B$5$l$kFC8"$r;H$C$F!";XDj$5$l$?(B PrivilegedAction
$B$rAccessControlContext $B$K$h$C$FI=$5$l$kNN0h$G=jM-$7$F$$$k%"%/%;%98"$N6&DLItJ,$r;H$C$F
$B%"%/%7%g%s$N(B run
$B%a%=%C%I$,L$3NG'$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(B
- $B%Q%i%a!<%?(B:
action
- $Bcontext
- $B;XDj$5$l$?%"%/%7%g%s$N$BLa$jCM(B: - $B%"%/%7%g%s$N(B
run
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(B - $B4XO"9`L\(B:
doPrivileged(PrivilegedAction)
,
doPrivileged(PrivilegedExceptionAction,AccessControlContext)
doPrivileged
public static Object doPrivileged(PrivilegedExceptionAction action)
throws PrivilegedActionException
- $BM-8z$K$J$C$?FC8"$r;H$C$F!";XDj$5$l$?(B
PrivilegedExceptionAction
$B$r
$B%"%/%7%g%s$N(B run
$B%a%=%C%I$,!VL$3NG'!W$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(B
- $B%Q%i%a!<%?(B:
action
- $B$BLa$jCM(B: - $B%"%/%7%g%s$N(B
run
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(B - $BNc30(B:
PrivilgedActionException
- $B;XDj$5$l$?%"%/%7%g%s$N(B run
$B%a%=%C%I$,!V3NG':Q!W$NNc30$r%9%m!<$7$?>l9g(B- $B4XO"9`L\(B:
doPrivileged(PrivilegedExceptionAction,AccessControlContext)
,
doPrivileged(PrivilegedAction)
doPrivileged
public static Object doPrivileged(PrivilegedExceptionAction action,
AccessControlContext context)
throws PrivilegedActionException
- $B;XDj$5$l$?(B
AccessControlContext
$B$K$h$C$FM-8z$K$J$j!"$+$D@)8B$5$l$kFC8"$r;H$C$F!";XDj$5$l$?(B PrivilegedExceptionAction
$B$rAccessControlContext $B$K$h$C$FI=$5$l$kNN0h$G=jM-$7$F$$$k%"%/%;%98"$N6&DLItJ,$r;H$C$F
$B%"%/%7%g%s$N(B run
$B%a%=%C%I$,!VL$3NG'!W$NNc30$r%9%m!<$9$k$H!"Nc30$O$3$N%a%=%C%I$r;H$C$FAw$i$l$^$9!#(B
- $B%Q%i%a!<%?(B:
action
- $Bcontext
- $B;XDj$5$l$?%"%/%7%g%s$N$BLa$jCM(B: - $B%"%/%7%g%s$N(B
run
$B%a%=%C%I$K$h$C$FJV$5$l$kCM(B - $BNc30(B:
PrivilegedActionException
- $B;XDj$5$l$?%"%/%7%g%s$N(B run
$B%a%=%C%I$,!V3NG':Q!W$NNc30$r%9%m!<$7$?>l9g(B- $B4XO"9`L\(B:
doPrivileged(PrivilegedAction)
,
doPrivileged(PrivilegedExceptionAction,AccessControlContext)
getContext
public static AccessControlContext getContext()
- $B8=:_$N%9%l%C%I$N7Q>5$5$l$?(B AccessControlContext $B$r4^$`!"8=:_$N8F$S=P$7B&%3%s%F%-%9%H$N!V%9%J%C%W%7%g%C%H!W$rl9g$,$"$j$^$9!#(B
- $BLa$jCM(B:
- $B8=:_$N%3%s%F%-%9%H$K4p$E$/(B AccessControlContext
- $B4XO"9`L\(B:
AccessControlContext
checkPermission
public static void checkPermission(Permission perm)
throws AccessControlException
- $B8=:_M-8z$J%;%-%e%j%F%#%]%j%7!<$K4p$E$$$F!";XDj$5$l$?%"%/%;%98"$K$h$C$F<($5$l$k%"%/%;%9MW5a$,5v2D$5$l$k$+!"5qH]$5$l$k$+$r7hDj$7$^$9!#$3$N%a%=%C%I$O!"%"%/%;%9MW5a$,5v2D$5$l$k>l9g$K$O2?$b$7$J$$$GI|5"$7!"$=$&$G$J$$>l9g$K$OE,@Z$J(B AccessControlException $B$r%9%m!<$7$^$9!#(B
- $B%Q%i%a!<%?(B:
perm
- $BMW5a%"%/%;%98"(B- $BNc30(B:
AccessControlException
- $B8=:_$N%;%-%e%j%F%#%]%j%7!<$K4p$E$$$F!";XDj$5$l$?%"%/%;%98"$,5v2D$5$l$J$$>l9g(B
$B%P%0$d5!G=MW5a$NJs9p(B
$B$5$i$K>\$7$$(B API $B%j%U%!%l%s%9$*$h$S3+H/ Java 2 SDK SE Developer Documentation $B$r;2>H$7$F$/$@$5$$!#$3$N%I%-%e%a%s%H$K$O!"35G0!"MQ8l$NDj5A!"2sHr:v!"(B $B]$K$7$?>\:Y$J2r@b$,7G:\$5$l$F$$$^$9!#(B Java$B!"(BJava 2D$B!"(BJDBC $B$O!"JF9q$*$h$S$=$NB>$N9q$K$*$1$kJF9q(B Sun Microsystems, Inc. $B$N>&I8$b$7$/$OEPO?>&I8$G$9!#(B
Copyright 1993-2000 Sun Microsystems, Inc. 901 San Antonio Road,
Palo Alto, California, 94303, U.S.A. All Rights Reserved.