List of usage examples for java.security ProtectionDomain ProtectionDomain
public ProtectionDomain(CodeSource codesource, PermissionCollection permissions, ClassLoader classloader,
Principal[] principals)
From source file:net.datenwerke.sandbox.SandboxLoader.java
@Override protected Class<?> loadClass(final String name, boolean resolve) throws ClassNotFoundException { Class clazz = null;//from w w w .jav a 2 s . c om if (debug) logger.log(Level.INFO, getName() + "(" + System.identityHashCode(this) + ")" + " about to load class: " + name); if (null != enhancer) enhancer.classtoBeLoaded(this, name, resolve); boolean trustedSource = false; if (name.startsWith("java.") || bypassClazz(name)) { clazz = super.loadClass(name, resolve); /* check if it comes from an available jar */ if (!name.startsWith("java.") && null != whitelistedUcp) { String path = name.replace('.', '/').concat(".class"); Resource res = whitelistedUcp.getResource(path, false); if (res != null) trustedSource = true; } } else { /* check subcontext */ if (hasSubloaders) { SandboxLoader subLoader = doGetSubLoaderByClassContext(name); if (null != subLoader) return subLoader.loadClass(name, resolve); } /* check if we have already handeled this class */ clazz = findLoadedClass(name); if (clazz != null) { if (null != whitelistedUcp) { String path = name.replace('.', '/').concat(".class"); Resource res = whitelistedUcp.getResource(path, false); if (res != null) trustedSource = true; } } else { try { String basePath = name.replace('.', '/'); String path = basePath.concat(".class"); ProtectionDomain domain = null; try { CodeSource codeSource = new CodeSource(new URL("file", "", codesource.concat(basePath)), (java.security.cert.Certificate[]) null); domain = new ProtectionDomain(codeSource, new Permissions(), this, null); } catch (MalformedURLException e) { throw new RuntimeException("Could not create protection domain."); } /* define package */ int i = name.lastIndexOf('.'); if (i != -1) { String pkgName = name.substring(0, i); java.lang.Package pkg = getPackage(pkgName); if (pkg == null) { definePackage(pkgName, null, null, null, null, null, null, null); } } /* first strategy .. check jars */ if (null != whitelistedUcp) { Resource res = whitelistedUcp.getResource(path, false); if (res != null) { byte[] cBytes = enhance(name, res.getBytes()); clazz = defineClass(name, cBytes, 0, cBytes.length, domain); trustedSource = true; } } /* load class */ if (clazz == null) { InputStream in = null; try { /* we only load from local sources */ in = parent.getResourceAsStream(path); byte[] cBytes = null; if (in != null) cBytes = IOUtils.toByteArray(in); if (null == cBytes && null != enhancer) cBytes = enhancer.loadClass(this, name); if (null == cBytes) throw new ClassNotFoundException("Could not find " + name); /* load and define class */ cBytes = enhance(name, cBytes); clazz = defineClass(name, cBytes, 0, cBytes.length, domain); } finally { if (null != in) { try { in.close(); } catch (IOException e) { e.printStackTrace(); } } } } /* do we need to resolve */ if (resolve) resolveClass(clazz); } catch (IOException e) { throw new ClassNotFoundException("Could not load " + name, e); } catch (Exception e) { throw new ClassNotFoundException("Could not load " + name, e); } } } if (!trustedSource && null != clazz && null != securityManager) securityManager.checkClassAccess(name); if (null != enhancer) enhancer.classLoaded(this, name, clazz); return clazz; }
From source file:net.datenwerke.sandbox.SandboxLoader.java
public Class<?> defineClass(String name, byte[] classBytes, boolean enhanceClass) { securityManager.checkPermission(new SandboxRuntimePermission("defineClass")); Class<?> clazz = findLoadedClass(name); if (null != clazz) return clazz; if (enhanceClass) { try {/*from w w w . j ava 2 s. co m*/ classBytes = enhance(name, classBytes); } catch (Exception e) { throw new RuntimeException(e); } } ProtectionDomain domain = null; try { CodeSource codeSource = new CodeSource(new URL("file", "", codesource), (java.security.cert.Certificate[]) null); domain = new ProtectionDomain(codeSource, new Permissions(), this, null); } catch (MalformedURLException e) { throw new RuntimeException("Could not create protection domain."); } return defineClass(name, classBytes, 0, classBytes.length, domain); }