Java Code Examples for java.security.PrivilegedAction

The following are top voted examples for showing how to use java.security.PrivilegedAction. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: jdk8u-jdk   File: JDK13Services.java   View source code 7 votes vote down vote up
/** Obtain the value of a default provider property.
    @param typeClass The type of the default provider property. This
    should be one of Receiver.class, Transmitter.class, Sequencer.class,
    Synthesizer.class, SourceDataLine.class, TargetDataLine.class,
    Clip.class or Port.class.
    @return The complete value of the property, if available.
    If the property is not set, null is returned.
 */
private static synchronized String getDefaultProvider(Class typeClass) {
    if (!SourceDataLine.class.equals(typeClass)
            && !TargetDataLine.class.equals(typeClass)
            && !Clip.class.equals(typeClass)
            && !Port.class.equals(typeClass)
            && !Receiver.class.equals(typeClass)
            && !Transmitter.class.equals(typeClass)
            && !Synthesizer.class.equals(typeClass)
            && !Sequencer.class.equals(typeClass)) {
        return null;
    }
    String name = typeClass.getName();
    String value = AccessController.doPrivileged(
            (PrivilegedAction<String>) () -> System.getProperty(name));
    if (value == null) {
        value = getProperties().getProperty(name);
    }
    if ("".equals(value)) {
        value = null;
    }
    return value;
}
 
Example 2
Project: openjdk-jdk10   File: CertChainUnclosed.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    String os = AccessController.doPrivileged(
                (PrivilegedAction<String>)() -> System.getProperty("os.name"));
    if (!os.toUpperCase(Locale.US).contains("WINDOWS")) {
        System.out.println("Not Windows. Skip test.");
        return;
    }

    kt("-genkeypair -alias a -dname CN=A");
    kt("-exportcert -file a.crt -alias a");
    Files.copy(Paths.get(System.getProperty("test.src"), "AlgOptions.jar"),
            Paths.get("test.jar"));
    sun.security.tools.jarsigner.Main.main(
            "-storepass changeit -keystore jks -certchain a.crt test.jar a"
                    .split(" "));

    // On Windows, if the file is still opened (or not if GC was
    // performed) and the next line would fail
    Files.delete(Paths.get("a.crt"));
}
 
Example 3
Project: dev-courses   File: RefCapablePropertyResourceBundle.java   View source code 6 votes vote down vote up
/**
 * Recursive
 */
private InputStream getMostSpecificStream(
        String key, String l, String c, String v) {
    final String filePath = baseName.replace('.', '/') + '/' + key
            + ((l == null) ? "" : ("_" + l))
            + ((c == null) ? "" : ("_" + c))
            + ((v == null) ? "" : ("_" + v))
            + ".text";
    // System.err.println("Seeking " + filePath);
    InputStream is = (InputStream) AccessController.doPrivileged(
        new PrivilegedAction() {

        public InputStream run() {
            return loader.getResourceAsStream(filePath);
        }
    });
    // N.b.  If were using Class.getRes... instead of ClassLoader.getRes...
    // we would need to prefix the path with "/".
    return (is == null && l != null)
        ? getMostSpecificStream(key, ((c == null) ? null : l),
                ((v == null) ? null : c), null)
        : is;
}
 
Example 4
Project: holon-core   File: AbstractDatastore.java   View source code 6 votes vote down vote up
/**
 * Load default {@link ExpressionResolver}s using Java {@link ServiceLoader} extensions only if
 * {@link #getExpressionResolverType()} is not null.
 * @param classLoader The ClassLoader to use. If <code>null</code>, this class ClassLoader or the default
 *        ClassLoader will be used.
 */
@SuppressWarnings({ "rawtypes", "unchecked" })
protected synchronized void loadExpressionResolvers(ClassLoader classLoader) {
	final Class<? extends ExpressionResolver> expressionResolverType = getExpressionResolverType();
	if (expressionResolverType != null) {
		final ClassLoader cl = (classLoader != null) ? classLoader
				: (this.getClass().getClassLoader() != null) ? this.getClass().getClassLoader()
						: ClassUtils.getDefaultClassLoader();

		LOGGER.debug(() -> "Load ExpressionResolvers for classloader [" + cl
				+ "] using ServiceLoader with service name: " + expressionResolverType.getName());

		// load from META-INF/services
		Iterable<? extends ExpressionResolver> loaded = AccessController
				.doPrivileged(new PrivilegedAction<Iterable<? extends ExpressionResolver>>() {
					@Override
					public Iterable<? extends ExpressionResolver> run() {
						return ServiceLoader.load(expressionResolverType, classLoader);
					}
				});
		loaded.forEach(er -> {
			addExpressionResolver(er);
			LOGGER.debug(() -> "Registered ExpressionResolver [" + er.getClass().getName() + "]");
		});
	}
}
 
Example 5
Project: OpenJSharp   File: XMLDecoder.java   View source code 6 votes vote down vote up
private boolean parsingComplete() {
    if (this.input == null) {
        return false;
    }
    if (this.array == null) {
        if ((this.acc == null) && (null != System.getSecurityManager())) {
            throw new SecurityException("AccessControlContext is not set");
        }
        AccessController.doPrivileged(new PrivilegedAction<Void>() {
            public Void run() {
                XMLDecoder.this.handler.parse(XMLDecoder.this.input);
                return null;
            }
        }, this.acc);
        this.array = this.handler.getObjects();
    }
    return true;
}
 
Example 6
Project: jdk8u-jdk   File: RowSetProvider.java   View source code 6 votes vote down vote up
/**
 * Returns the requested System Property.  If a {@code SecurityException}
 * occurs, just return NULL
 * @param propName - System property to retrieve
 * @return The System property value or NULL if the property does not exist
 * or a {@code SecurityException} occurs.
 */
static private String getSystemProperty(final String propName) {
    String property = null;
    try {
        property = AccessController.doPrivileged(new PrivilegedAction<String>() {

            public String run() {
                return System.getProperty(propName);
            }
        }, null, new PropertyPermission(propName, "read"));
    } catch (SecurityException se) {
        trace("error getting " + propName + ":  "+ se);
        if (debug) {
            se.printStackTrace();
        }
    }
    return property;
}
 
Example 7
Project: jdk8u-jdk   File: Cleaner.java   View source code 6 votes vote down vote up
/**
 * Runs this cleaner, if it has not been run before.
 */
public void clean() {
    if (!remove(this))
        return;
    try {
        thunk.run();
    } catch (final Throwable x) {
        AccessController.doPrivileged(new PrivilegedAction<Void>() {
                public Void run() {
                    if (System.err != null)
                        new Error("Cleaner terminated abnormally", x)
                            .printStackTrace();
                    System.exit(1);
                    return null;
                }});
    }
}
 
Example 8
Project: Progetto-C   File: Log.java   View source code 6 votes vote down vote up
/**
 * Check if the system property org.newdawn.slick.verboseLog is set to true.
 * If this is the case we activate the verbose logging mode
 */
public static void checkVerboseLogSetting() {
	try {
		AccessController.doPrivileged(new PrivilegedAction() {
            public Object run() {
				String val = System.getProperty(Log.forceVerboseProperty);
				if ((val != null) && (val.equalsIgnoreCase(Log.forceVerbosePropertyOnValue))) {
					Log.setForcedVerboseOn();
				}
				
				return null;
            }
		});
	} catch (Throwable e) {
		// ignore, security failure - probably an applet
	}
}
 
Example 9
Project: jdk8u-jdk   File: AquaLookAndFeel.java   View source code 6 votes vote down vote up
/**
 * UIManager.setLookAndFeel calls this method before the first
 * call (and typically the only call) to getDefaults().  Subclasses
 * should do any one-time setup they need here, rather than
 * in a static initializer, because look and feel class objects
 * may be loaded just to discover that isSupportedLookAndFeel()
 * returns false.
 *
 * @see #uninitialize
 * @see UIManager#setLookAndFeel
 */
public void initialize() {
    java.security.AccessController.doPrivileged(new PrivilegedAction<Void>() {
            public Void run() {
                System.loadLibrary("osxui");
                return null;
            }
        });

    java.security.AccessController.doPrivileged(new PrivilegedAction<Void>(){
        @Override
        public Void run() {
            JRSUIControl.initJRSUI();
            return null;
        }
    });

    super.initialize();
    final ScreenPopupFactory spf = new ScreenPopupFactory();
    spf.setActive(true);
    PopupFactory.setSharedInstance(spf);

    KeyboardFocusManager.getCurrentKeyboardFocusManager().addKeyEventPostProcessor(AquaMnemonicHandler.getInstance());
}
 
Example 10
Project: lams   File: PageContextImpl.java   View source code 6 votes vote down vote up
public int getAttributesScope(final String name) {

		if (name == null) {
			throw new NullPointerException(Localizer
					.getMessage("jsp.error.attribute.null_name"));
		}

		if (SecurityUtil.isPackageProtectionEnabled()) {
			return ((Integer) AccessController
					.doPrivileged(new PrivilegedAction() {
						public Object run() {
							return new Integer(doGetAttributeScope(name));
						}
					})).intValue();
		} else {
			return doGetAttributeScope(name);
		}
	}
 
Example 11
Project: dice   File: JDKThreadedEntropySource.java   View source code 6 votes vote down vote up
/**
 * The constructor is only called once to construct the one
 * instance we actually use. It instantiates the message digest
 * and starts the thread going.
 */

ThreadedSeedGenerator() {
    pool = new byte[20];
    start = end = 0;

    final ThreadGroup[] finalsg = new ThreadGroup[1];
    Thread t = java.security.AccessController.doPrivileged
            ((PrivilegedAction<Thread>) () -> {
                ThreadGroup parent, group =
                        Thread.currentThread().getThreadGroup();
                while ((parent = group.getParent()) != null)
                    group = parent;
                finalsg[0] = new ThreadGroup
                        (group, "Dice SeedGenerator ThreadGroup");
                Thread newT = new Thread(finalsg[0],
                        ThreadedSeedGenerator.this,
                        "Dice SeedGenerator Thread");
                newT.setPriority(Thread.MIN_PRIORITY);
                newT.setDaemon(true);
                return newT;
            });
    seedGroup = finalsg[0];
    t.start();
}
 
Example 12
Project: rosette-elasticsearch-plugin   File: NameTranslationProcessor.java   View source code 6 votes vote down vote up
@Override
public void processDocument(String inputText, IngestDocument ingestDocument) throws Exception {
    // call /name-translation endpoint and set the result in the field
    NameTranslationRequest request = new NameTranslationRequest.Builder(inputText, targetLanguage)
            .entityType(entityType)
            .targetScript(targetScript)
            .sourceLanguageOfUse(sourceLanguage)
            .sourceLanguageOfOrigin(sourceOrigin)
            .sourceScript(sourceScript).build();

    NameTranslationResponse response;
    try {
        // RosApi client binding's Jackson needs elevated privilege
        response = AccessController.doPrivileged((PrivilegedAction<NameTranslationResponse>) () ->
                rosAPI.getHttpRosetteAPI().perform(AbstractRosetteAPI.NAME_TRANSLATION_SERVICE_PATH, request, NameTranslationResponse.class)
        );
    } catch (HttpRosetteAPIException ex) {
        LOGGER.error(ex.getErrorResponse().getMessage());
        throw new ElasticsearchException(ex.getErrorResponse().getMessage(), ex);
    }

    ingestDocument.setFieldValue(targetField, response.getTranslation());
}
 
Example 13
Project: OpenJSharp   File: Activation.java   View source code 6 votes vote down vote up
/**
 * Prints warning message if installed Policy is the default Policy
 * implementation and globally granted permissions do not include
 * AllPermission or any ExecPermissions/ExecOptionPermissions.
 */
static void checkConfiguration() {
    Policy policy =
        AccessController.doPrivileged(new PrivilegedAction<Policy>() {
            public Policy run() {
                return Policy.getPolicy();
            }
        });
    if (!(policy instanceof PolicyFile)) {
        return;
    }
    PermissionCollection perms = getExecPermissions();
    for (Enumeration<Permission> e = perms.elements();
         e.hasMoreElements();)
    {
        Permission p = e.nextElement();
        if (p instanceof AllPermission ||
            p instanceof ExecPermission ||
            p instanceof ExecOptionPermission)
        {
            return;
        }
    }
    System.err.println(getTextResource("rmid.exec.perms.inadequate"));
}
 
Example 14
Project: lams   File: ConstructorResolver.java   View source code 6 votes vote down vote up
/**
 * Retrieve all candidate methods for the given class, considering
 * the {@link RootBeanDefinition#isNonPublicAccessAllowed()} flag.
 * Called as the starting point for factory method determination.
 */
private Method[] getCandidateMethods(final Class<?> factoryClass, final RootBeanDefinition mbd) {
	if (System.getSecurityManager() != null) {
		return AccessController.doPrivileged(new PrivilegedAction<Method[]>() {
			@Override
			public Method[] run() {
				return (mbd.isNonPublicAccessAllowed() ?
						ReflectionUtils.getAllDeclaredMethods(factoryClass) : factoryClass.getMethods());
			}
		});
	}
	else {
		return (mbd.isNonPublicAccessAllowed() ?
				ReflectionUtils.getAllDeclaredMethods(factoryClass) : factoryClass.getMethods());
	}
}
 
Example 15
Project: jdk8u-jdk   File: UnicastServerRef.java   View source code 6 votes vote down vote up
/**
 * Sets a filter for invocation arguments, if a filter has been set.
 * Called by dispatch before the arguments are read.
 */
protected void unmarshalCustomCallData(ObjectInput in)
        throws IOException, ClassNotFoundException {
    if (filter != null &&
            in instanceof ObjectInputStream) {
        // Set the filter on the stream
        ObjectInputStream ois = (ObjectInputStream) in;

        AccessController.doPrivileged(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                ObjectInputFilter.Config.setObjectInputFilter(ois, filter);
                return null;
            }
        });
    }
}
 
Example 16
Project: OpenJSharp   File: Win32ShellFolderManager2.java   View source code 6 votes vote down vote up
private ComInvoker() {
    super(1, 1, 0, TimeUnit.DAYS, new LinkedBlockingQueue<Runnable>());
    allowCoreThreadTimeOut(false);
    setThreadFactory(this);
    final Runnable shutdownHook = new Runnable() {
        public void run() {
            AccessController.doPrivileged(new PrivilegedAction<Void>() {
                public Void run() {
                    shutdownNow();
                    return null;
                }
            });
        }
    };
    AccessController.doPrivileged(new PrivilegedAction<Void>() {
        public Void run() {
            Runtime.getRuntime().addShutdownHook(
                new Thread(shutdownHook)
            );
            return null;
        }
    });
}
 
Example 17
Project: tomcat7   File: Response.java   View source code 6 votes vote down vote up
public StringBuffer generateCookieString(final Cookie cookie) {
    final StringBuffer sb = new StringBuffer();
    //web application code can receive a IllegalArgumentException
    //from the appendCookieValue invocation
    if (SecurityUtil.isPackageProtectionEnabled()) {
        AccessController.doPrivileged(new PrivilegedAction<Void>() {
            @Override
            public Void run(){
                ServerCookie.appendCookieValue
                    (sb, cookie.getVersion(), cookie.getName(),
                     cookie.getValue(), cookie.getPath(),
                     cookie.getDomain(), cookie.getComment(),
                     cookie.getMaxAge(), cookie.getSecure(),
                     cookie.isHttpOnly());
                return null;
            }
        });
    } else {
        ServerCookie.appendCookieValue
            (sb, cookie.getVersion(), cookie.getName(), cookie.getValue(),
                 cookie.getPath(), cookie.getDomain(), cookie.getComment(),
                 cookie.getMaxAge(), cookie.getSecure(),
                 cookie.isHttpOnly());
    }
    return sb;
}
 
Example 18
Project: OpenJSharp   File: AppContext.java   View source code 6 votes vote down vote up
/**
 * Constructor for AppContext.  This method is <i>not</i> public,
 * nor should it ever be used as such.  The proper way to construct
 * an AppContext is through the use of SunToolkit.createNewAppContext.
 * A ThreadGroup is created for the new AppContext, a Thread is
 * created within that ThreadGroup, and that Thread calls
 * SunToolkit.createNewAppContext before calling anything else.
 * That creates both the new AppContext and its EventQueue.
 *
 * @param   threadGroup     The ThreadGroup for the new AppContext
 * @see     sun.awt.SunToolkit
 * @since   1.2
 */
AppContext(ThreadGroup threadGroup) {
    numAppContexts.incrementAndGet();

    this.threadGroup = threadGroup;
    threadGroup2appContext.put(threadGroup, this);

    this.contextClassLoader =
         AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
                public ClassLoader run() {
                    return Thread.currentThread().getContextClassLoader();
                }
            });

    // Initialize push/pop lock and its condition to be used by all the
    // EventQueues within this AppContext
    Lock eventQueuePushPopLock = new ReentrantLock();
    put(EVENT_QUEUE_LOCK_KEY, eventQueuePushPopLock);
    Condition eventQueuePushPopCond = eventQueuePushPopLock.newCondition();
    put(EVENT_QUEUE_COND_KEY, eventQueuePushPopCond);
}
 
Example 19
Project: openjdk-jdk10   File: DefaultMBeanServerInterceptor.java   View source code 6 votes vote down vote up
private static void checkMBeanTrustPermission(final Class<?> theClass)
    throws SecurityException {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        Permission perm = new MBeanTrustPermission("register");
        PrivilegedAction<ProtectionDomain> act =
            new PrivilegedAction<ProtectionDomain>() {
                public ProtectionDomain run() {
                    return theClass.getProtectionDomain();
                }
            };
        ProtectionDomain pd = AccessController.doPrivileged(act);
        AccessControlContext acc =
            new AccessControlContext(new ProtectionDomain[] { pd });
        sm.checkPermission(perm, acc);
    }
}
 
Example 20
Project: openjdk-jdk10   File: ServiceRegistry.java   View source code 6 votes vote down vote up
public synchronized void clear() {
    Iterator<Object> iter = map.values().iterator();
    while (iter.hasNext()) {
        Object provider = iter.next();
        iter.remove();

        if (provider instanceof RegisterableService) {
            RegisterableService rs = (RegisterableService)provider;
            AccessControlContext acc = accMap.get(provider.getClass());
            if (acc != null || System.getSecurityManager() == null) {
                AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
                rs.onDeregistration(registry, category);
                    return null;
                }, acc);
            }
        }
    }
    poset.clear();
    accMap.clear();
}
 
Example 21
Project: tomcat7   File: Introspection.java   View source code 6 votes vote down vote up
/**
 * Obtain the declared fields for a class taking account of any security
 * manager that may be configured.
 */
public static Field[] getDeclaredFields(final Class<?> clazz) {
    Field[] fields = null;
    if (Globals.IS_SECURITY_ENABLED) {
        fields = AccessController.doPrivileged(
                new PrivilegedAction<Field[]>(){
            @Override
            public Field[] run(){
                return clazz.getDeclaredFields();
            }
        });
    } else {
        fields = clazz.getDeclaredFields();
    }
    return fields;
}
 
Example 22
Project: jdk8u-jdk   File: PollingWatchService.java   View source code 6 votes vote down vote up
@Override
void implClose() throws IOException {
    synchronized (map) {
        for (Map.Entry<Object,PollingWatchKey> entry: map.entrySet()) {
            PollingWatchKey watchKey = entry.getValue();
            watchKey.disable();
            watchKey.invalidate();
        }
        map.clear();
    }
    AccessController.doPrivileged(new PrivilegedAction<Void>() {
        @Override
        public Void run() {
            scheduledExecutor.shutdown();
            return null;
        }
     });
}
 
Example 23
Project: OpenJSharp   File: PollingWatchService.java   View source code 6 votes vote down vote up
@Override
void implClose() throws IOException {
    synchronized (map) {
        for (Map.Entry<Object,PollingWatchKey> entry: map.entrySet()) {
            PollingWatchKey watchKey = entry.getValue();
            watchKey.disable();
            watchKey.invalidate();
        }
        map.clear();
    }
    AccessController.doPrivileged(new PrivilegedAction<Void>() {
        @Override
        public Void run() {
            scheduledExecutor.shutdown();
            return null;
        }
     });
}
 
Example 24
Project: openjdk-jdk10   File: TypeConverterFactory.java   View source code 5 votes vote down vote up
private static ClassLoader getClassLoader(final Class<?> clazz) {
    return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
        @Override
        public ClassLoader run() {
            return clazz.getClassLoader();
        }
    }, GET_CLASS_LOADER_CONTEXT);
}
 
Example 25
Project: lams   File: SecurityActions.java   View source code 5 votes vote down vote up
static void setCurrentRequestContext(final ServletRequestContext servletRequestContext) {
    if (System.getSecurityManager() == null) {
        ServletRequestContext.setCurrentRequestContext(servletRequestContext);
    } else {
        AccessController.doPrivileged(new PrivilegedAction<Object>() {
            @Override
            public Object run() {
                ServletRequestContext.setCurrentRequestContext(servletRequestContext);
                return null;
            }
        });
    }
}
 
Example 26
Project: openjdk-jdk10   File: ContextClassloaderLocal.java   View source code 5 votes vote down vote up
private static ClassLoader getContextClassLoader() {
    return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
        @Override
        public ClassLoader run() {
            ClassLoader cl = null;
            try {
                cl = Thread.currentThread().getContextClassLoader();
            } catch (SecurityException ex) {
            }
            return cl;
        }
    });
}
 
Example 27
Project: NotifyTools   File: Beans.java   View source code 5 votes vote down vote up
private static void setStub(Applet applet, final ClassLoader loader,
        boolean serialized, String beanName) throws ClassNotFoundException {
    // Get path to the resource representing the applet.
    String pathName = beanName.replace('.', '/');
    final String resourceName = serialized ? pathName.concat(".ser") : pathName.concat(".class"); //$NON-NLS-1$ //$NON-NLS-2$
    URL objectUrl = AccessController
            .doPrivileged(new PrivilegedAction<URL>() {
                public URL run() {
                    if (loader == null) {
                        return ClassLoader.getSystemResource(resourceName);
                    }
                    return loader.getResource(resourceName);
                }
            });

    // If we can't get to the applet itself, the codebase and doc base are
    // left as null.
    if (objectUrl == null) {
        applet.setStub(getAppletStub(getStubAppletContext(applet),
                null, null));
        return;
    }

    // Try to decompose the resource URL to get to the doc/code URL
    String urlString = objectUrl.toExternalForm();

    // This is the URL of the directory that contains the applet.
    int codeURLlength = urlString.length() - resourceName.length();
    URL codeBase = safeURL(urlString.substring(0, codeURLlength));

    // URL of the document containing the applet.
    int docURLlength = urlString.lastIndexOf('/');
    URL docBase = safeURL(urlString.substring(0, docURLlength + 1));

    applet.setStub(getAppletStub(getStubAppletContext(applet),
            codeBase, docBase));
}
 
Example 28
Project: NotifyTools   File: EventHandler.java   View source code 5 votes vote down vote up
public Object invoke(final Object proxy, final Method method, final Object[] arguments) {
    return AccessController.doPrivileged(new PrivilegedAction<Object>() {
        public Object run() {
            return invokeImpl(proxy, method, arguments);
        }
    }, context);
}
 
Example 29
Project: gemini.blueprint   File: PrivilegedUtils.java   View source code 5 votes vote down vote up
/**
 * Temporarily changes the TCCL to the given one for the duration of the given execution. All actions except the
 * execution are executed with privileged access.
 * 
 * Consider checking if there is a security manager in place before calling this method.
 * 
 * @param customClassLoader
 * @param execution
 * @return
 */
public static <T> T executeWithCustomTCCL(final ClassLoader customClassLoader,
		final UnprivilegedExecution<T> execution) {
	final Thread currentThread = Thread.currentThread();
	final ClassLoader oldTCCL = getTCCLAction.getTCCL();

	boolean hasSecurity = System.getSecurityManager() != null;

	try {
		if (hasSecurity) {
			AccessController.doPrivileged(new PrivilegedAction<Object>() {

				public Object run() {
					currentThread.setContextClassLoader(customClassLoader);
					return null;
				}
			});
		} else {
			currentThread.setContextClassLoader(customClassLoader);
		}
		return execution.run();
	} finally {
		if (hasSecurity) {
			AccessController.doPrivileged(new PrivilegedAction<Object>() {
				public Object run() {
					currentThread.setContextClassLoader(oldTCCL);
					return null;
				}
			});
		} else {
			currentThread.setContextClassLoader(oldTCCL);
		}
	}
}
 
Example 30
Project: openjdk-jdk10   File: ReflectionNavigator.java   View source code 5 votes vote down vote up
public Collection<? extends Method> getDeclaredMethods(final Class clazz) {
    Method[] methods =
        AccessController.doPrivileged(new PrivilegedAction<Method[]>() {
            @Override
            public Method[] run() {
                return clazz.getDeclaredMethods();
            }
        });
    return Arrays.asList(methods);
}
 
Example 31
Project: jdk8u-jdk   File: RMIConnector.java   View source code 5 votes vote down vote up
private ClassLoader pushDefaultClassLoader() {
    final Thread t = Thread.currentThread();
    final ClassLoader old =  t.getContextClassLoader();
    if (defaultClassLoader != null)
        AccessController.doPrivileged(new PrivilegedAction<Void>() {
            public Void run() {
                t.setContextClassLoader(defaultClassLoader);
                return null;
            }
        });
        return old;
}
 
Example 32
Project: openjdk-jdk10   File: OutputStreamFactory.java   View source code 5 votes vote down vote up
public static EncapsOutputStream newEncapsOutputStream(
        final ORB orb) {
    return AccessController.doPrivileged(
        new PrivilegedAction<EncapsOutputStream>() {
            @Override
            public EncapsOutputStream run() {
                return new EncapsOutputStream(
                    (com.sun.corba.se.spi.orb.ORB)orb);
            }
    });
}
 
Example 33
Project: openjdk-jdk10   File: RegistryImpl.java   View source code 5 votes vote down vote up
/**
 * Generates an AccessControlContext with minimal permissions.
 * The approach used here is taken from the similar method
 * getAccessControlContext() in the sun.applet.AppletPanel class.
 */
private static AccessControlContext getAccessControlContext(int port) {
    // begin with permissions granted to all code in current policy
    PermissionCollection perms = AccessController.doPrivileged(
        new java.security.PrivilegedAction<PermissionCollection>() {
            public PermissionCollection run() {
                CodeSource codesource = new CodeSource(null,
                    (java.security.cert.Certificate[]) null);
                Policy p = java.security.Policy.getPolicy();
                if (p != null) {
                    return p.getPermissions(codesource);
                } else {
                    return new Permissions();
                }
            }
        });

    /*
     * Anyone can connect to the registry and the registry can connect
     * to and possibly download stubs from anywhere. Downloaded stubs and
     * related classes themselves are more tightly limited by RMI.
     */
    perms.add(new SocketPermission("*", "connect,accept"));
    perms.add(new SocketPermission("localhost:"+port, "listen,accept"));

    perms.add(new RuntimePermission("accessClassInPackage.sun.jvmstat.*"));
    perms.add(new RuntimePermission("accessClassInPackage.sun.jvm.hotspot.*"));

    perms.add(new FilePermission("<<ALL FILES>>", "read"));

    /*
     * Create an AccessControlContext that consists of a single
     * protection domain with only the permissions calculated above.
     */
    ProtectionDomain pd = new ProtectionDomain(
        new CodeSource(null,
            (java.security.cert.Certificate[]) null), perms);
    return new AccessControlContext(new ProtectionDomain[] { pd });
}
 
Example 34
Project: openjdk-jdk10   File: AnyImpl.java   View source code 5 votes vote down vote up
public org.omg.CORBA.portable.InputStream create_input_stream() {
    final org.omg.CORBA.portable.InputStream is = super
            .create_input_stream();
    AnyInputStream aIS = AccessController
            .doPrivileged(new PrivilegedAction<AnyInputStream>() {
                @Override
                public AnyInputStream run() {
                    return new AnyInputStream(
                            (com.sun.corba.se.impl.encoding.EncapsInputStream) is);
                }
            });
    return aIS;
}
 
Example 35
Project: jdk8u-jdk   File: MLet.java   View source code 5 votes vote down vote up
private synchronized void setMBeanServer(final MBeanServer server) {
    this.server = server;
    PrivilegedAction<ClassLoaderRepository> act =
        new PrivilegedAction<ClassLoaderRepository>() {
            public ClassLoaderRepository run() {
                return server.getClassLoaderRepository();
            }
        };
    currentClr = AccessController.doPrivileged(act);
}
 
Example 36
Project: jdk8u-jdk   File: FontManagerFactory.java   View source code 5 votes vote down vote up
/**
 * Get a valid FontManager implementation for the current platform.
 *
 * @return a valid FontManager instance for the current platform
 */
public static synchronized FontManager getInstance() {

    if (instance != null) {
        return instance;
    }

    AccessController.doPrivileged(new PrivilegedAction() {

        public Object run() {
            try {
                String fmClassName =
                        System.getProperty("sun.font.fontmanager",
                                           DEFAULT_CLASS);
                ClassLoader cl = ClassLoader.getSystemClassLoader();
                Class fmClass = Class.forName(fmClassName, true, cl);
                instance = (FontManager) fmClass.newInstance();
            } catch (ClassNotFoundException |
                     InstantiationException |
                     IllegalAccessException ex) {
                throw new InternalError(ex);

            }
            return null;
        }
    });

    return instance;
}
 
Example 37
Project: holon-core   File: ContextManager.java   View source code 5 votes vote down vote up
/**
 * Ensure scopes registry inited using {@link ServiceLoader}
 * @param classLoader ClassLoader
 */
private void ensureInited(final ClassLoader classLoader) {

	LinkedHashMap<String, ContextScope> contextScopes = scopes.get(classLoader);

	if (contextScopes == null) {
		// load using ServiceLoader
		contextScopes = AccessController
				.doPrivileged(new PrivilegedAction<LinkedHashMap<String, ContextScope>>() {
					@Override
					public LinkedHashMap<String, ContextScope> run() {
						LinkedHashMap<String, ContextScope> result = new LinkedHashMap<>();
						LOGGER.debug(() -> "Load scopes for classloader [" + classLoader
								+ "] using ServiceLoader with service name: " + ContextScope.class.getName());
						ServiceLoader<ContextScope> serviceLoader = ServiceLoader.load(ContextScope.class,
								classLoader);
						for (final ContextScope provider : serviceLoader) {
							if (provider.getName() == null) {
								throw new IllegalStateException("Invalid ContextScope, missing scope name: "
										+ provider.getClass().getName());
							}
							result.put(provider.getName(), provider);
							LOGGER.debug(() -> "Loaded and registered scope with name [" + provider.getName()
									+ "] for classloader [" + classLoader + "]");
						}
						sortScopes(result);
						return result;
					}
				});
		scopes.put(classLoader, contextScopes);
	}
}
 
Example 38
Project: openjdk-jdk10   File: XPathFactoryFinder.java   View source code 5 votes vote down vote up
private boolean isObjectModelSupportedBy(final XPathFactory factory,
        final String objectModel,
        AccessControlContext acc) {
    return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
                public Boolean run() {
                    return factory.isObjectModelSupported(objectModel);
                }
            }, acc);
}
 
Example 39
Project: openjdk-jdk10   File: FactoryFinder.java   View source code 5 votes vote down vote up
private static <T> T findServiceProvider(final Class<T> type) {
    try {
        return AccessController.doPrivileged(new PrivilegedAction<T>() {
            public T run() {
                final ServiceLoader<T> serviceLoader = ServiceLoader.load(type);
                final Iterator<T> iterator = serviceLoader.iterator();
                if (iterator.hasNext()) {
                    return iterator.next();
                } else {
                    return null;
                }
             }
        });
    } catch(ServiceConfigurationError e) {
        // It is not possible to wrap an error directly in
        // FactoryConfigurationError - so we need to wrap the
        // ServiceConfigurationError in a RuntimeException.
        // The alternative would be to modify the logic in
        // FactoryConfigurationError to allow setting a
        // Throwable as the cause, but that could cause
        // compatibility issues down the road.
        final RuntimeException x = new RuntimeException(
                "Provider for " + type + " cannot be created", e);
        final FactoryConfigurationError error =
                new FactoryConfigurationError(x, x.getMessage());
        throw error;
    }
}
 
Example 40
Project: hadoop-oss   File: UserGroupInformation.java   View source code 5 votes vote down vote up
/**
 * Run the given action as the user.
 * @param <T> the return type of the run method
 * @param action the method to execute
 * @return the value from the run method
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public <T> T doAs(PrivilegedAction<T> action) {
  logPrivilegedAction(subject, action);
  return Subject.doAs(subject, action);
}