Categories:
Audio (13)
Biotech (29)
Bytecode (36)
Database (77)
Framework (7)
Game (7)
General (507)
Graphics (53)
I/O (35)
IDE (2)
JAR Tools (101)
JavaBeans (21)
JDBC (121)
JDK (426)
JSP (20)
Logging (108)
Mail (58)
Messaging (8)
Network (84)
PDF (97)
Report (7)
Scripting (84)
Security (32)
Server (121)
Servlet (26)
SOAP (24)
Testing (54)
Web (15)
XML (309)
Collections:
Other Resources:
JDK 11 java.base.jmod - Base Module
JDK 11 java.base.jmod is the JMOD file for JDK 11 Base module.
JDK 11 Base module compiled class files are stored in \fyicenter\jdk-11.0.1\jmods\java.base.jmod.
JDK 11 Base module compiled class files are also linked and stored in the \fyicenter\jdk-11.0.1\lib\modules JImage file.
JDK 11 Base module source code files are stored in \fyicenter\jdk-11.0.1\lib\src.zip\java.base.
You can click and view the content of each source code file in the list below.
✍: FYIcenter
⏎ java/security/ProtectionDomain.java
/* * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. * ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. * * * * * * * * * * * * * * * * * * * * */ package java.security; import java.util.ArrayList; import java.util.Collections; import java.util.Enumeration; import java.util.List; import java.util.Map; import java.util.Objects; import java.util.WeakHashMap; import jdk.internal.misc.JavaSecurityAccess; import jdk.internal.misc.SharedSecrets; import sun.security.action.GetPropertyAction; import sun.security.provider.PolicyFile; import sun.security.util.Debug; import sun.security.util.FilePermCompat; import sun.security.util.SecurityConstants; /** * The ProtectionDomain class encapsulates the characteristics of a domain, * which encloses a set of classes whose instances are granted a set * of permissions when being executed on behalf of a given set of Principals. * <p> * A static set of permissions can be bound to a ProtectionDomain when it is * constructed; such permissions are granted to the domain regardless of the * Policy in force. However, to support dynamic security policies, a * ProtectionDomain can also be constructed such that it is dynamically * mapped to a set of permissions by the current Policy whenever a permission * is checked. * * @author Li Gong * @author Roland Schemers * @author Gary Ellison * @since 1.2 */ public class ProtectionDomain { /** * If true, {@link #impliesWithAltFilePerm} will try to be compatible on * FilePermission checking even if a 3rd-party Policy implementation is set. */ private static final boolean filePermCompatInPD = "true".equals(GetPropertyAction.privilegedGetProperty( "jdk.security.filePermCompat")); private static class JavaSecurityAccessImpl implements JavaSecurityAccess { private JavaSecurityAccessImpl() { } @Override public <T> T doIntersectionPrivilege( PrivilegedAction<T> action, final AccessControlContext stack, final AccessControlContext context) { if (action == null) { throw new NullPointerException(); } return AccessController.doPrivileged( action, getCombinedACC(context, stack) ); } @Override public <T> T doIntersectionPrivilege( PrivilegedAction<T> action, AccessControlContext context) { return doIntersectionPrivilege(action, AccessController.getContext(), context); } @Override public ProtectionDomain[] getProtectDomains(AccessControlContext context) { return context.getContext(); } private static AccessControlContext getCombinedACC( AccessControlContext context, AccessControlContext stack) { AccessControlContext acc = new AccessControlContext(context, stack.getCombiner(), true); return new AccessControlContext(stack.getContext(), acc).optimize(); } @Override public ProtectionDomainCache getProtectionDomainCache() { return new ProtectionDomainCache() { private final Map<Key, PermissionCollection> map = Collections.synchronizedMap(new WeakHashMap<>()); public void put(ProtectionDomain pd, PermissionCollection pc) { map.put((pd == null ? null : pd.key), pc); } public PermissionCollection get(ProtectionDomain pd) { return pd == null ? map.get(null) : map.get(pd.key); } }; } } static { // Set up JavaSecurityAccess in SharedSecrets SharedSecrets.setJavaSecurityAccess(new JavaSecurityAccessImpl()); } /* CodeSource */ private CodeSource codesource ; /* ClassLoader the protection domain was consed from */ private ClassLoader classloader; /* Principals running-as within this protection domain */ private Principal[] principals; /* the rights this protection domain is granted */ private PermissionCollection permissions; /* if the permissions object has AllPermission */ private boolean hasAllPerm = false; /* the PermissionCollection is static (pre 1.4 constructor) or dynamic (via a policy refresh) */ private final boolean staticPermissions; /* * An object used as a key when the ProtectionDomain is stored in a Map. */ final Key key = new Key(); /** * Creates a new ProtectionDomain with the given CodeSource and * Permissions. If the permissions object is not null, then * {@code setReadOnly()} will be called on the passed in * Permissions object. * <p> * The permissions granted to this domain are static, i.e. * invoking the {@link #staticPermissionsOnly()} method returns true. * They contain only the ones passed to this constructor and * the current Policy will not be consulted. * * @param codesource the codesource associated with this domain * @param permissions the permissions granted to this domain */ public ProtectionDomain(CodeSource codesource, PermissionCollection permissions) { this.codesource = codesource; if (permissions != null) { this.permissions = permissions; this.permissions.setReadOnly(); if (permissions instanceof Permissions && ((Permissions)permissions).allPermission != null) { hasAllPerm = true; } } this.classloader = null; this.principals = new Principal[0]; staticPermissions = true; } /** * Creates a new ProtectionDomain qualified by the given CodeSource, * Permissions, ClassLoader and array of Principals. If the * permissions object is not null, then {@code setReadOnly()} * will be called on the passed in Permissions object. * <p> * The permissions granted to this domain are dynamic, i.e. * invoking the {@link #staticPermissionsOnly()} method returns false. * They include both the static permissions passed to this constructor, * and any permissions granted to this domain by the current Policy at the * time a permission is checked. * <p> * This constructor is typically used by * {@link SecureClassLoader ClassLoaders} * and {@link DomainCombiner DomainCombiners} which delegate to * {@code Policy} to actively associate the permissions granted to * this domain. This constructor affords the * Policy provider the opportunity to augment the supplied * PermissionCollection to reflect policy changes. * * @param codesource the CodeSource associated with this domain * @param permissions the permissions granted to this domain * @param classloader the ClassLoader associated with this domain * @param principals the array of Principals associated with this * domain. The contents of the array are copied to protect against * subsequent modification. * @see Policy#refresh * @see Policy#getPermissions(ProtectionDomain) * @since 1.4 */ public ProtectionDomain(CodeSource codesource, PermissionCollection permissions, ClassLoader classloader, Principal[] principals) { this.codesource = codesource; if (permissions != null) { this.permissions = permissions; this.permissions.setReadOnly(); if (permissions instanceof Permissions && ((Permissions)permissions).allPermission != null) { hasAllPerm = true; } } this.classloader = classloader; this.principals = (principals != null ? principals.clone(): new Principal[0]); staticPermissions = false; } /** * Returns the CodeSource of this domain. * @return the CodeSource of this domain which may be null. * @since 1.2 */ public final CodeSource getCodeSource() { return this.codesource; } /** * Returns the ClassLoader of this domain. * @return the ClassLoader of this domain which may be null. * * @since 1.4 */ public final ClassLoader getClassLoader() { return this.classloader; } /** * Returns an array of principals for this domain. * @return a non-null array of principals for this domain. * Returns a new array each time this method is called. * * @since 1.4 */ public final Principal[] getPrincipals() { return this.principals.clone(); } /** * Returns the static permissions granted to this domain. * * @return the static set of permissions for this domain which may be null. * @see Policy#refresh * @see Policy#getPermissions(ProtectionDomain) */ public final PermissionCollection getPermissions() { return permissions; } /** * Returns true if this domain contains only static permissions * and does not check the current {@code Policy} at the time of * permission checking. * * @return true if this domain contains only static permissions. * * @since 9 */ public final boolean staticPermissionsOnly() { return this.staticPermissions; } /** * Check and see if this ProtectionDomain implies the permissions * expressed in the Permission object. * <p> * The set of permissions evaluated is a function of whether the * ProtectionDomain was constructed with a static set of permissions * or it was bound to a dynamically mapped set of permissions. * <p> * If the {@link #staticPermissionsOnly()} method returns * true, then the permission will only be checked against the * PermissionCollection supplied at construction. * <p> * Otherwise, the permission will be checked against the combination * of the PermissionCollection supplied at construction and * the current Policy binding. * * @param perm the Permission object to check. * * @return true if {@code perm} is implied by this ProtectionDomain. */ public boolean implies(Permission perm) { if (hasAllPerm) { // internal permission collection already has AllPermission - // no need to go to policy return true; } if (!staticPermissions && Policy.getPolicyNoCheck().implies(this, perm)) { return true; } if (permissions != null) { return permissions.implies(perm); } return false; } /** * This method has almost the same logic flow as {@link #implies} but * it ensures some level of FilePermission compatibility after JDK-8164705. * * This method is called by {@link AccessControlContext#checkPermission} * and not intended to be called by an application. */ boolean impliesWithAltFilePerm(Permission perm) { // If FilePermCompat.compat is set (default value), FilePermission // checking compatibility should be considered. // If filePermCompatInPD is set, this method checks for alternative // FilePermission to keep compatibility for any Policy implementation. // When set to false (default value), implies() is called since // the PolicyFile implementation already supports compatibility. // If this is a subclass of ProtectionDomain, call implies() // because most likely user has overridden it. if (!filePermCompatInPD || !FilePermCompat.compat || getClass() != ProtectionDomain.class) { return implies(perm); } if (hasAllPerm) { // internal permission collection already has AllPermission - // no need to go to policy return true; } Permission p2 = null; boolean p2Calculated = false; if (!staticPermissions) { Policy policy = Policy.getPolicyNoCheck(); if (policy instanceof PolicyFile) { // The PolicyFile implementation supports compatibility // inside and it also covers the static permissions. return policy.implies(this, perm); } else { if (policy.implies(this, perm)) { return true; } p2 = FilePermCompat.newPermUsingAltPath(perm); p2Calculated = true; if (p2 != null && policy.implies(this, p2)) { return true; } } } if (permissions != null) { if (permissions.implies(perm)) { return true; } else { if (!p2Calculated) { p2 = FilePermCompat.newPermUsingAltPath(perm); } if (p2 != null) { return permissions.implies(p2); } } } return false; } // called by the VM -- do not remove boolean impliesCreateAccessControlContext() { return implies(SecurityConstants.CREATE_ACC_PERMISSION); } /** * Convert a ProtectionDomain to a String. */ @Override public String toString() { String pals = "<no principals>"; if (principals != null && principals.length > 0) { StringBuilder palBuf = new StringBuilder("(principals "); for (int i = 0; i < principals.length; i++) { palBuf.append(principals[i].getClass().getName() + " \"" + principals[i].getName() + "\""); if (i < principals.length-1) palBuf.append(",\n"); else palBuf.append(")\n"); } pals = palBuf.toString(); } // Check if policy is set; we don't want to load // the policy prematurely here PermissionCollection pc = Policy.isSet() && seeAllp() ? mergePermissions(): getPermissions(); return "ProtectionDomain "+ " "+codesource+"\n"+ " "+classloader+"\n"+ " "+pals+"\n"+ " "+pc+"\n"; } /* * holder class for the static field "debug" to delay its initialization */ private static class DebugHolder { private static final Debug debug = Debug.getInstance("domain"); } /** * Return true (merge policy permissions) in the following cases: * * . SecurityManager is null * * . SecurityManager is not null, * debug is not null, * SecurityManager impelmentation is in bootclasspath, * Policy implementation is in bootclasspath * (the bootclasspath restrictions avoid recursion) * * . SecurityManager is not null, * debug is null, * caller has Policy.getPolicy permission */ private static boolean seeAllp() { SecurityManager sm = System.getSecurityManager(); if (sm == null) { return true; } else { if (DebugHolder.debug != null) { if (sm.getClass().getClassLoader() == null && Policy.getPolicyNoCheck().getClass().getClassLoader() == null) { return true; } } else { try { sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION); return true; } catch (SecurityException se) { // fall thru and return false } } } return false; } private PermissionCollection mergePermissions() { if (staticPermissions) return permissions; PermissionCollection perms = java.security.AccessController.doPrivileged (new java.security.PrivilegedAction<>() { public PermissionCollection run() { Policy p = Policy.getPolicyNoCheck(); return p.getPermissions(ProtectionDomain.this); } }); Permissions mergedPerms = new Permissions(); int swag = 32; int vcap = 8; Enumeration<Permission> e; List<Permission> pdVector = new ArrayList<>(vcap); List<Permission> plVector = new ArrayList<>(swag); // // Build a vector of domain permissions for subsequent merge if (permissions != null) { synchronized (permissions) { e = permissions.elements(); while (e.hasMoreElements()) { pdVector.add(e.nextElement()); } } } // // Build a vector of Policy permissions for subsequent merge if (perms != null) { synchronized (perms) { e = perms.elements(); while (e.hasMoreElements()) { plVector.add(e.nextElement()); vcap++; } } } if (perms != null && permissions != null) { // // Weed out the duplicates from the policy. Unless a refresh // has occurred since the pd was consed this should result in // an empty vector. synchronized (permissions) { e = permissions.elements(); // domain vs policy while (e.hasMoreElements()) { Permission pdp = e.nextElement(); Class<?> pdpClass = pdp.getClass(); String pdpActions = pdp.getActions(); String pdpName = pdp.getName(); for (int i = 0; i < plVector.size(); i++) { Permission pp = plVector.get(i); if (pdpClass.isInstance(pp)) { // The equals() method on some permissions // have some side effects so this manual // comparison is sufficient. if (pdpName.equals(pp.getName()) && Objects.equals(pdpActions, pp.getActions())) { plVector.remove(i); break; } } } } } } if (perms !=null) { // the order of adding to merged perms and permissions // needs to preserve the bugfix 4301064 for (int i = plVector.size()-1; i >= 0; i--) { mergedPerms.add(plVector.get(i)); } } if (permissions != null) { for (int i = pdVector.size()-1; i >= 0; i--) { mergedPerms.add(pdVector.get(i)); } } return mergedPerms; } /** * Used for storing ProtectionDomains as keys in a Map. */ final class Key {} }
⏎ java/security/ProtectionDomain.java
Or download all of them as a single archive file:
File name: java.base-11.0.1-src.zip File size: 8740354 bytes Release date: 2018-11-04 Download
2020-05-29, 243144👍, 0💬
Popular Posts:
JSP(tm) Standard Tag Library 1.0 implementation - Jakarta Taglibs hosts the Standard Taglib 1.0, an ...
What Is mail.jar of JavaMail 1.4? I got the JAR file from javamail-1_4.zip. mail.jar in javamail-1_4...
Apache Ant is a Java-based build tool. In theory, it is kind of like make, without make's wrinkles. ...
Apache Commons Codec library provides implementations of common encoders and decoders such as Base64...
What is jxl.jar 2.6.12? jxl.jar 2.6.12 is the JAR file for Java Excel API 2.6.12, which is a Java li...