1.1 --- a/rt/emul/compact/src/main/java/java/security/AccessController.java Thu Oct 03 15:40:35 2013 +0200
1.2 +++ b/rt/emul/compact/src/main/java/java/security/AccessController.java Fri Oct 04 12:05:02 2013 +0200
1.3 @@ -25,8 +25,6 @@
1.4
1.5 package java.security;
1.6
1.7 -import sun.security.util.Debug;
1.8 -
1.9 /**
1.10 * <p> The AccessController class is used for access control operations
1.11 * and decisions.
1.12 @@ -264,7 +262,9 @@
1.13 * @see java.security.DomainCombiner
1.14 */
1.15
1.16 - public static native <T> T doPrivileged(PrivilegedAction<T> action);
1.17 + public static <T> T doPrivileged(PrivilegedAction<T> action) {
1.18 + return action.run();
1.19 + }
1.20
1.21 /**
1.22 * Performs the specified <code>PrivilegedAction</code> with privileges
1.23 @@ -289,13 +289,7 @@
1.24 * @since 1.6
1.25 */
1.26 public static <T> T doPrivilegedWithCombiner(PrivilegedAction<T> action) {
1.27 -
1.28 - DomainCombiner dc = null;
1.29 - AccessControlContext acc = getStackAccessControlContext();
1.30 - if (acc == null || (dc = acc.getAssignedCombiner()) == null) {
1.31 - return AccessController.doPrivileged(action);
1.32 - }
1.33 - return AccessController.doPrivileged(action, preserveCombiner(dc));
1.34 + return action.run();
1.35 }
1.36
1.37
1.38 @@ -326,8 +320,8 @@
1.39 * @see #doPrivileged(PrivilegedAction)
1.40 * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
1.41 */
1.42 - public static native <T> T doPrivileged(PrivilegedAction<T> action,
1.43 - AccessControlContext context);
1.44 +// public static native <T> T doPrivileged(PrivilegedAction<T> action,
1.45 +// AccessControlContext context);
1.46
1.47 /**
1.48 * Performs the specified <code>PrivilegedExceptionAction</code> with
1.49 @@ -353,9 +347,15 @@
1.50 * @see #doPrivilegedWithCombiner(PrivilegedExceptionAction)
1.51 * @see java.security.DomainCombiner
1.52 */
1.53 - public static native <T> T
1.54 + public static <T> T
1.55 doPrivileged(PrivilegedExceptionAction<T> action)
1.56 - throws PrivilegedActionException;
1.57 + throws PrivilegedActionException {
1.58 + try {
1.59 + return action.run();
1.60 + } catch (Exception ex) {
1.61 + throw new PrivilegedActionException(ex);
1.62 + }
1.63 + }
1.64
1.65
1.66 /**
1.67 @@ -385,43 +385,10 @@
1.68 */
1.69 public static <T> T doPrivilegedWithCombiner
1.70 (PrivilegedExceptionAction<T> action) throws PrivilegedActionException {
1.71 -
1.72 - DomainCombiner dc = null;
1.73 - AccessControlContext acc = getStackAccessControlContext();
1.74 - if (acc == null || (dc = acc.getAssignedCombiner()) == null) {
1.75 - return AccessController.doPrivileged(action);
1.76 - }
1.77 - return AccessController.doPrivileged(action, preserveCombiner(dc));
1.78 + return doPrivileged(action);
1.79 }
1.80
1.81 /**
1.82 - * preserve the combiner across the doPrivileged call
1.83 - */
1.84 - private static AccessControlContext preserveCombiner
1.85 - (DomainCombiner combiner) {
1.86 -
1.87 - /**
1.88 - * callerClass[0] = Reflection.getCallerClass
1.89 - * callerClass[1] = AccessController.preserveCombiner
1.90 - * callerClass[2] = AccessController.doPrivileged
1.91 - * callerClass[3] = caller
1.92 - */
1.93 - final Class callerClass = sun.reflect.Reflection.getCallerClass(3);
1.94 - ProtectionDomain callerPd = doPrivileged
1.95 - (new PrivilegedAction<ProtectionDomain>() {
1.96 - public ProtectionDomain run() {
1.97 - return callerClass.getProtectionDomain();
1.98 - }
1.99 - });
1.100 -
1.101 - // perform 'combine' on the caller of doPrivileged,
1.102 - // even if the caller is from the bootclasspath
1.103 - ProtectionDomain[] pds = new ProtectionDomain[] {callerPd};
1.104 - return new AccessControlContext(combiner.combine(pds, null), combiner);
1.105 - }
1.106 -
1.107 -
1.108 - /**
1.109 * Performs the specified <code>PrivilegedExceptionAction</code> with
1.110 * privileges enabled and restricted by the specified
1.111 * <code>AccessControlContext</code>. The action is performed with the
1.112 @@ -450,30 +417,10 @@
1.113 * @see #doPrivileged(PrivilegedAction)
1.114 * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
1.115 */
1.116 - public static native <T> T
1.117 - doPrivileged(PrivilegedExceptionAction<T> action,
1.118 - AccessControlContext context)
1.119 - throws PrivilegedActionException;
1.120 -
1.121 - /**
1.122 - * Returns the AccessControl context. i.e., it gets
1.123 - * the protection domains of all the callers on the stack,
1.124 - * starting at the first class with a non-null
1.125 - * ProtectionDomain.
1.126 - *
1.127 - * @return the access control context based on the current stack or
1.128 - * null if there was only privileged system code.
1.129 - */
1.130 -
1.131 - private static native AccessControlContext getStackAccessControlContext();
1.132 -
1.133 - /**
1.134 - * Returns the "inherited" AccessControl context. This is the context
1.135 - * that existed when the thread was created. Package private so
1.136 - * AccessControlContext can use it.
1.137 - */
1.138 -
1.139 - static native AccessControlContext getInheritedAccessControlContext();
1.140 +// public static native <T> T
1.141 +// doPrivileged(PrivilegedExceptionAction<T> action,
1.142 +// AccessControlContext context)
1.143 +// throws PrivilegedActionException;
1.144
1.145 /**
1.146 * This method takes a "snapshot" of the current calling context, which
1.147 @@ -486,17 +433,17 @@
1.148 * @return the AccessControlContext based on the current context.
1.149 */
1.150
1.151 - public static AccessControlContext getContext()
1.152 - {
1.153 - AccessControlContext acc = getStackAccessControlContext();
1.154 - if (acc == null) {
1.155 - // all we had was privileged system code. We don't want
1.156 - // to return null though, so we construct a real ACC.
1.157 - return new AccessControlContext(null, true);
1.158 - } else {
1.159 - return acc.optimize();
1.160 - }
1.161 - }
1.162 +// public static AccessControlContext getContext()
1.163 +// {
1.164 +// AccessControlContext acc = getStackAccessControlContext();
1.165 +// if (acc == null) {
1.166 +// // all we had was privileged system code. We don't want
1.167 +// // to return null though, so we construct a real ACC.
1.168 +// return new AccessControlContext(null, true);
1.169 +// } else {
1.170 +// return acc.optimize();
1.171 +// }
1.172 +// }
1.173
1.174 /**
1.175 * Determines whether the access request indicated by the
1.176 @@ -516,42 +463,42 @@
1.177 * security policy currently in effect.
1.178 */
1.179
1.180 - public static void checkPermission(Permission perm)
1.181 - throws AccessControlException
1.182 - {
1.183 - //System.err.println("checkPermission "+perm);
1.184 - //Thread.currentThread().dumpStack();
1.185 -
1.186 - if (perm == null) {
1.187 - throw new NullPointerException("permission can't be null");
1.188 - }
1.189 -
1.190 - AccessControlContext stack = getStackAccessControlContext();
1.191 - // if context is null, we had privileged system code on the stack.
1.192 - if (stack == null) {
1.193 - Debug debug = AccessControlContext.getDebug();
1.194 - boolean dumpDebug = false;
1.195 - if (debug != null) {
1.196 - dumpDebug = !Debug.isOn("codebase=");
1.197 - dumpDebug &= !Debug.isOn("permission=") ||
1.198 - Debug.isOn("permission=" + perm.getClass().getCanonicalName());
1.199 - }
1.200 -
1.201 - if (dumpDebug && Debug.isOn("stack")) {
1.202 - Thread.currentThread().dumpStack();
1.203 - }
1.204 -
1.205 - if (dumpDebug && Debug.isOn("domain")) {
1.206 - debug.println("domain (context is null)");
1.207 - }
1.208 -
1.209 - if (dumpDebug) {
1.210 - debug.println("access allowed "+perm);
1.211 - }
1.212 - return;
1.213 - }
1.214 -
1.215 - AccessControlContext acc = stack.optimize();
1.216 - acc.checkPermission(perm);
1.217 - }
1.218 +// public static void checkPermission(Permission perm)
1.219 +// throws AccessControlException
1.220 +// {
1.221 +// //System.err.println("checkPermission "+perm);
1.222 +// //Thread.currentThread().dumpStack();
1.223 +//
1.224 +// if (perm == null) {
1.225 +// throw new NullPointerException("permission can't be null");
1.226 +// }
1.227 +//
1.228 +// AccessControlContext stack = getStackAccessControlContext();
1.229 +// // if context is null, we had privileged system code on the stack.
1.230 +// if (stack == null) {
1.231 +// Debug debug = AccessControlContext.getDebug();
1.232 +// boolean dumpDebug = false;
1.233 +// if (debug != null) {
1.234 +// dumpDebug = !Debug.isOn("codebase=");
1.235 +// dumpDebug &= !Debug.isOn("permission=") ||
1.236 +// Debug.isOn("permission=" + perm.getClass().getCanonicalName());
1.237 +// }
1.238 +//
1.239 +// if (dumpDebug && Debug.isOn("stack")) {
1.240 +// Thread.currentThread().dumpStack();
1.241 +// }
1.242 +//
1.243 +// if (dumpDebug && Debug.isOn("domain")) {
1.244 +// debug.println("domain (context is null)");
1.245 +// }
1.246 +//
1.247 +// if (dumpDebug) {
1.248 +// debug.println("access allowed "+perm);
1.249 +// }
1.250 +// return;
1.251 +// }
1.252 +//
1.253 +// AccessControlContext acc = stack.optimize();
1.254 +// acc.checkPermission(perm);
1.255 +// }
1.256 }