Package org.htmlunit.corejs.javascript.tools.shell

Class JavaPolicySecurity

java.lang.Object

org.htmlunit.corejs.javascript.SecurityController

org.htmlunit.corejs.javascript.tools.shell.SecurityProxy

org.htmlunit.corejs.javascript.tools.shell.JavaPolicySecurity

public class JavaPolicySecurity
extends SecurityProxy

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
private static class	JavaPolicySecurity.ContextPermissions
private static class	JavaPolicySecurity.Loader

Constructor Summary

Constructors

Constructor	Description
JavaPolicySecurity()

Method Summary

Modifier and Type	Method	Description
protected void	callProcessFileSecure(Context cx, Scriptable scope, java.lang.String filename)
java.lang.Object	callWithDomain(java.lang.Object securityDomain, Context cx, Callable callable, Scriptable scope, Scriptable thisObj, java.lang.Object[] args)	Call Callable.call(Context cx, Scriptable scope, Scriptable thisObj, Object[] args) of callable under restricted security domain where an action is allowed only if it is allowed according to the Java stack on the moment of the execWithDomain call and securityDomain.
GeneratedClassLoader	createClassLoader(java.lang.ClassLoader parentLoader, java.lang.Object securityDomain)	Get class loader-like object that can be used to define classes with the given security context.
private java.security.ProtectionDomain	getDynamicDomain(java.security.ProtectionDomain staticDomain)
java.lang.Object	getDynamicSecurityDomain(java.lang.Object securityDomain)	Get dynamic security domain that allows an action only if it is allowed by the current Java stack and securityDomain.
java.lang.Class<?>	getStaticSecurityDomainClassInternal()
private java.security.ProtectionDomain	getUrlDomain(java.net.URL url)
private java.net.URL	getUrlObj(java.lang.String url)

Methods inherited from class org.htmlunit.corejs.javascript.SecurityController

createLoader, execWithDomain, getStaticSecurityDomainClass, hasGlobal, initGlobal

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JavaPolicySecurity

public JavaPolicySecurity()

Method Detail

getStaticSecurityDomainClassInternal

public java.lang.Class<?> getStaticSecurityDomainClassInternal()

Overrides:

getStaticSecurityDomainClassInternal in class SecurityController

callProcessFileSecure

protected void callProcessFileSecure(Context cx,
                                     Scriptable scope,
                                     java.lang.String filename)

Specified by:

callProcessFileSecure in class SecurityProxy

getUrlObj

private java.net.URL getUrlObj(java.lang.String url)

getUrlDomain

private java.security.ProtectionDomain getUrlDomain(java.net.URL url)

createClassLoader

public GeneratedClassLoader createClassLoader(java.lang.ClassLoader parentLoader,
                                              java.lang.Object securityDomain)

Description copied from class: SecurityController

Get class loader-like object that can be used to define classes with the given security context.

Specified by:

createClassLoader in class SecurityController

Parameters:

parentLoader - parent class loader to delegate search for classes not defined by the class loader itself

securityDomain - some object specifying the security context of the code that is defined by the returned class loader.

getDynamicSecurityDomain

public java.lang.Object getDynamicSecurityDomain(java.lang.Object securityDomain)

Description copied from class: SecurityController

Get dynamic security domain that allows an action only if it is allowed by the current Java stack and securityDomain. If securityDomain is null, return domain representing permissions allowed by the current stack.

Specified by:

getDynamicSecurityDomain in class SecurityController

getDynamicDomain

private java.security.ProtectionDomain getDynamicDomain(java.security.ProtectionDomain staticDomain)

callWithDomain

public java.lang.Object callWithDomain(java.lang.Object securityDomain,
                                       Context cx,
                                       Callable callable,
                                       Scriptable scope,
                                       Scriptable thisObj,
                                       java.lang.Object[] args)

Description copied from class: SecurityController

Call Callable.call(Context cx, Scriptable scope, Scriptable thisObj, Object[] args) of callable under restricted security domain where an action is allowed only if it is allowed according to the Java stack on the moment of the execWithDomain call and securityDomain. Any call to SecurityController.getDynamicSecurityDomain(Object) during execution of callable.call(cx, scope, thisObj, args) should return a domain incorporate restrictions imposed by securityDomain and Java stack on the moment of callWithDomain invocation.

The method should always be overridden, it is not declared abstract for compatibility reasons.

Overrides:

callWithDomain in class SecurityController