public final class VerifyingProxyPreparer extends Object implements ProxyPreparer
ProxyPreparer
for verifying that proxies are trusted,
dynamically granting permissions to trusted proxies, and optionally
setting the client constraints on trusted proxies.
Determining permissions granted to verified and trusted proxies may be
either passed explicitly via a constructor or if null may be advised by the
proxy using AdvisoryDynamicPermissions
Constructor and Description |
---|
VerifyingProxyPreparer(boolean addProxyConstraints,
ClassLoader loader,
Object[] contextElements,
Principal[] principals,
Permission[] permissions)
Creates a proxy preparer that verifies proxies using the specified
class loader and trust verifier context elements (optionally with
the proxy's client constraints as an additional context element),
dynamically grants the specified permissions to trusted proxies for the
specified principals, and returns trusted proxies with their original
client constraints intact.
|
VerifyingProxyPreparer(ClassLoader loader,
Object[] contextElements,
Principal[] principals,
Permission[] permissions)
Creates a proxy preparer that verifies proxies using the specified
class loader and trust verifier context elements, dynamically grants
the specified permissions to trusted proxies for the specified
principals, and returns trusted proxies with their client constraints
set to the constraints specified as a trust verifier context element.
|
VerifyingProxyPreparer(Object[] contextElements,
Permission[] permissions)
Creates a proxy preparer that verifies proxies using the context
class loader and specified trust verifier context elements, dynamically
grants the specified permissions to trusted proxies for the principals
of the preparing thread's subject, and returns trusted proxies with
their client constraints set to the constraints specified as a trust
verifier context element.
|
Modifier and Type | Method and Description |
---|---|
boolean |
equals(Object obj)
Returns
true if the specified object and this object
are both instances of this class that were constructed with equivalent
arguments. |
int |
hashCode()
Returns a hash code value for this object.
|
Object |
prepareProxy(Object proxy)
Performs operations on a proxy to prepare it for use, returning the
prepared proxy, which may or may not be the argument itself.
|
String |
toString()
Returns a string representation of this object.
|
public VerifyingProxyPreparer(Object[] contextElements, Permission[] permissions)
contextElements
- the trust verifier context elementspermissions
- the permissions to dynamically grant, or
null
if no permissions should be grantedNullPointerException
- if contextElements
is
null
or any element of permissions
is
null
IllegalArgumentException
- if no element of
contextElements
is an instance of MethodConstraints
public VerifyingProxyPreparer(ClassLoader loader, Object[] contextElements, Principal[] principals, Permission[] permissions)
loader
- the class loader for finding trust verifiers, or
null
to use the context class loadercontextElements
- the trust verifier context elementsprincipals
- minimum set of principals to which grants apply, or
null
to use the principals of the preparing thread's
subjectpermissions
- the permissions to dynamically grant, or
null
if no permissions should be grantedNullPointerException
- if contextElements
is
null
or any element of principals
or
permissions
is null
IllegalArgumentException
- if no element of
contextElements
is an instance of MethodConstraints
public VerifyingProxyPreparer(boolean addProxyConstraints, ClassLoader loader, Object[] contextElements, Principal[] principals, Permission[] permissions)
addProxyConstraints
- true
if the proxy's client
constraints should be included as a trust verifier context element,
false
otherwiseloader
- the class loader for finding trust verifiers, or
null
to use the context class loadercontextElements
- the trust verifier context elements, or
null
if no elements need to be suppliedprincipals
- minimum set of principals to which grants apply, or
null
to use the principals of the preparing thread's
subjectpermissions
- the permissions to dynamically grant, or
null
if no permissions should be grantedNullPointerException
- if any element of principals
or permissions
is null
public Object prepareProxy(Object proxy) throws RemoteException
If this preparer was created using the two-argument or four-argument
constructor, or using the five-argument constructor
with addProxyConstraints
set to true
, and if
the specified proxy is not an instance of RemoteMethodControl
,
then a SecurityException
is thrown. Otherwise,
Security.verifyObjectTrust
is
invoked with the specified proxy, the class loader that was passed to
the constructor of this preparer (or null
if the
two-argument constructor was used), and a trust verifier context
collection containing all of the context elements that were passed to
the constructor of this preparer. If this preparer was created using
the five-arguent constructor with addProxyConstraints
set to true
, then the proxy's client constraints (obtained
by calling getConstraints
on
the proxy) are included as an additional context element. Any exception
thrown by verifyObjectTrust
is thrown by this method. If
this preparer was created with a non-null
array of
principals and one or more permissions, then
Security.grant
is invoked with the proxy's class and those principals and permissions.
If this preparer was created with no array of principals (either
null
was specified or the two-argument constructor was
used) but one or more permissions, then
Security.grant
is invoked
with the proxy's class and those permissions. In either case, if
grant
throws an UnsupportedOperationException
, this method throws
a SecurityException
. Finally, if this preparer was
created using the five-argument constructor, then the original proxy
is returned, otherwise what is returned is the result of calling
RemoteMethodControl.setConstraints
on the proxy, passing the first
trust verifier context element that is an instance of
MethodConstraints
.
prepareProxy
in interface ProxyPreparer
proxy
- the proxy to prepareNullPointerException
- if proxy
is null
RemoteException
- if a communication-related exception occursSecurityException
- if a security exception occurspublic String toString()
public boolean equals(Object obj)
true
if the specified object and this object
are both instances of this class that were constructed with equivalent
arguments. The order of trust verifier context elements, principals,
and permissions in the arrays that were passed to the constructor is
not significant.Copyright © 2016–2018 The Apache Software Foundation. All rights reserved.