public class PolicySecurityController extends SecurityController
Policy
in effect. When you use
this security controller, your securityDomain objects must be instances of
CodeSource
representing the location from where you load your
scripts. Any Java policy "grant" statements matching the URL and certificate
in code sources will apply to the scripts. If you specify any certificates
within your CodeSource
objects, it is your responsibility to verify
(or not) that the script source files are signed in whatever
implementation-specific way you're using.Modifier and Type | Class and Description |
---|---|
static class |
PolicySecurityController.SecureCaller |
Constructor and Description |
---|
PolicySecurityController() |
Modifier and Type | Method and Description |
---|---|
java.lang.Object |
callWithDomain(java.lang.Object securityDomain,
Context cx,
Callable callable,
Scriptable scope,
Scriptable thisObj,
java.lang.Object[] args)
Call
Callable.call(Context cx, Scriptable scope, Scriptable thisObj,
Object[] args)
of callable under restricted security domain where an action is
allowed only if it is allowed according to the Java stack on the
moment of the execWithDomain call and securityDomain. |
GeneratedClassLoader |
createClassLoader(java.lang.ClassLoader parent,
java.lang.Object securityDomain)
Get class loader-like object that can be used
to define classes with the given security context.
|
java.lang.Object |
getDynamicSecurityDomain(java.lang.Object securityDomain)
Get dynamic security domain that allows an action only if it is allowed
by the current Java stack and securityDomain.
|
java.lang.Class<?> |
getStaticSecurityDomainClassInternal() |
createLoader, execWithDomain, getStaticSecurityDomainClass, hasGlobal, initGlobal
public java.lang.Class<?> getStaticSecurityDomainClassInternal()
getStaticSecurityDomainClassInternal
in class SecurityController
public GeneratedClassLoader createClassLoader(java.lang.ClassLoader parent, java.lang.Object securityDomain)
SecurityController
createClassLoader
in class SecurityController
parent
- parent class loader to delegate search for classes
not defined by the class loader itselfsecurityDomain
- some object specifying the security
context of the code that is defined by the returned class loader.public java.lang.Object getDynamicSecurityDomain(java.lang.Object securityDomain)
SecurityController
getDynamicSecurityDomain
in class SecurityController
public java.lang.Object callWithDomain(java.lang.Object securityDomain, Context cx, Callable callable, Scriptable scope, Scriptable thisObj, java.lang.Object[] args)
SecurityController
Callable.call(Context cx, Scriptable scope, Scriptable thisObj,
Object[] args)
of callable under restricted security domain where an action is
allowed only if it is allowed according to the Java stack on the
moment of the execWithDomain call and securityDomain.
Any call to SecurityController.getDynamicSecurityDomain(Object)
during
execution of callable.call(cx, scope, thisObj, args)
should return a domain incorporate restrictions imposed by
securityDomain and Java stack on the moment of callWithDomain
invocation.
The method should always be overridden, it is not declared abstract for compatibility reasons.
callWithDomain
in class SecurityController
Copyright © 2010 - 2020 Adobe. All Rights Reserved