public final class JpsSubject
extends java.lang.Object
Constructor and Description |
---|
JpsSubject() |
Modifier and Type | Method and Description |
---|---|
static <T> T |
doAs(javax.security.auth.Subject subject, java.security.PrivilegedAction<T> action)
Perform work as a particular
Subject . |
static <T> T |
doAs(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction<T> action)
Perform work as a particular
Subject . |
static <T> T |
doAsPrivileged(javax.security.auth.Subject subject, java.security.PrivilegedAction<T> action, java.security.AccessControlContext acc)
Perform privileged work as a particular
Subject . |
static <T> T |
doAsPrivileged(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction<T> action, java.security.AccessControlContext acc)
Perform privileged work as a particular
Subject . |
static javax.security.auth.Subject |
getSubject(java.security.AccessControlContext acc)
Get the
Subject associated with the provided AccessControlContext . |
static <T> T |
invokeAs(javax.security.auth.Subject subject, java.security.PrivilegedAction<T> action)
Perform privileged action as a particular
Subject . |
static <T> T |
invokeAs(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction<T> action)
Perform privileged action as a particular
Subject . |
public static javax.security.auth.Subject getSubject(java.security.AccessControlContext acc)
Subject
associated with the provided AccessControlContext
.
The AccessControlContext
may contain many Subjects (from nested doAs
calls). In this situation, the most recent Subject
associated with the AccessControlContext
is returned.
acc
- the AccessControlContext
from which to retrieve the Subject
.Subject
associated with the provided AccessControlContext
, or null
if no Subject
is associated with the provided AccessControlContext
.java.lang.SecurityException
- if the caller does not have permission to get the Subject
.java.lang.NullPointerException
- if the provided AccessControlContext
is null
.public static <T> T doAs(javax.security.auth.Subject subject, java.security.PrivilegedAction<T> action)
Subject
.
This method first retrieves the current Thread's AccessControlContext
via AccessController.getContext
, and then instantiates a new AccessControlContext
using the retrieved context along with a new JpsSubjectDomainCombiner
(constructed using the provided Subject
). Finally, this method invokes AccessController.doPrivileged
, passing it the provided PrivilegedAction
, as well as the newly constructed AccessControlContext
.
subject
- the Subject
that the specified action
will run as. This parameter may be null
.action
- the code to be run as the specified Subject
.Object
returned by the PrivilegedAction's run
method.java.lang.NullPointerException
- if the PrivilegedAction
is null
.java.lang.SecurityException
- if the caller does not have permission to invoke this method.public static <T> T doAs(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction<T> action) throws java.security.PrivilegedActionException
Subject
.
This method first retrieves the current Thread's AccessControlContext
via AccessController.getContext
, and then instantiates a new AccessControlContext
using the retrieved context along with a new JpsSubjectDomainCombiner
(constructed using the provided Subject
). Finally, this method invokes AccessController.doPrivileged
, passing it the provided PrivilegedExceptionAction
, as well as the newly constructed AccessControlContext
.
subject
- the Subject
that the specified action
will run as. This parameter may be null
.action
- the code to be run as the specified Subject
.Object
returned by the PrivilegedExceptionAction's run
method.java.security.PrivilegedActionException
- if the PrivilegedExceptionAction.run
method throws a checked exception.java.lang.NullPointerException
- if the specified PrivilegedExceptionAction
is null
.java.lang.SecurityException
- if the caller does not have permission to invoke this method.public static <T> T doAsPrivileged(javax.security.auth.Subject subject, java.security.PrivilegedAction<T> action, java.security.AccessControlContext acc)
Subject
.
This method behaves exactly as Subject.doAs
, except that instead of retrieving the current Thread's AccessControlContext
, it uses the provided AccessControlContext
. If the provided AccessControlContext
is null
, this method instantiates a new AccessControlContext
with an empty collection of ProtectionDomains.
subject
- the Subject
that the specified action
will run as. This parameter may be null
.action
- the code to be run as the specified Subject
.acc
- the AccessControlContext
to be tied to the specified subject and action.Object
returned by the PrivilegedAction's run
method.java.lang.NullPointerException
- if the PrivilegedAction
is null
.java.lang.SecurityException
- if the caller does not have permission to invoke this method.public static <T> T doAsPrivileged(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction<T> action, java.security.AccessControlContext acc) throws java.security.PrivilegedActionException
Subject
.
This method behaves exactly as Subject.doAs
, except that instead of retrieving the current Thread's AccessControlContext
, it uses the provided AccessControlContext
. If the provided AccessControlContext
is null
, this method instantiates a new AccessControlContext
with an empty collection of ProtectionDomains.
subject
- the Subject
that the specified action
will run as. This parameter may be null
.action
- the code to be run as the specified Subject
.acc
- the AccessControlContext
to be tied to the specified subject and action.Object
returned by the PrivilegedExceptionAction's run
method.java.security.PrivilegedActionException
- if the PrivilegedExceptionAction.run
method throws a checked exception.java.lang.NullPointerException
- if the specified PrivilegedExceptionAction
is null
.java.lang.SecurityException
- if the caller does not have permission to invoke this method.public static <T> T invokeAs(javax.security.auth.Subject subject, java.security.PrivilegedAction<T> action)
Subject
.
This method behaves similarly as Subject.doAsPrivileged
, except that the action will be invoked under the context of the Subject
only (i.e. code-based security is not taken into consideration)
The net effect is that any call to AccessController.checkPermission
within the scope of the PrivilegedAction
will be conducted without regard to code-based security -- only the Subject
's security context will be considered.
Calling invokeAs
is appropriate when code-based security is not a concern within the scope of the specified PrivilegedAction
.
subject
- the Subject
that the specified action
will run as. This parameter may be null
.action
- the code to be run as the specified Subject
.Object
returned by the PrivilegedExceptionAction's run
method.java.lang.NullPointerException
- if the specified PrivilegedExceptionAction
is null
.java.lang.SecurityException
- if the caller does not have permission to invoke this method.public static <T> T invokeAs(javax.security.auth.Subject subject, java.security.PrivilegedExceptionAction<T> action) throws java.security.PrivilegedActionException
Subject
.
This method behaves similarly as Subject.doAsPrivileged
, except that the action will be invoked under the context of the Subject
only (i.e. code-based security is not taken into consideration)
The net effect is that any call to AccessController.checkPermission
within the scope of the PrivilegedAction
will be conducted without regard to code-based security -- only the Subject
's security context will be considered.
Calling invokeAs
is appropriate when code-based security is not a concern within the scope of the specified PrivilegedAction
.
subject
- the Subject
that the specified action
will run as. This parameter may be null
.action
- the code to be run as the specified Subject
.Object
returned by the PrivilegedExceptionAction's run
method.java.security.PrivilegedActionException
- if the PrivilegedExceptionAction.run
method throws a checked exception.java.lang.NullPointerException
- if the specified PrivilegedExceptionAction
is null
.java.lang.SecurityException
- if the caller does not have permission to invoke this method.