< prev index next >

src/java.base/share/classes/java/security/SecureClassLoader.java

Print this page 
 12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 14  * version 2 for more details (a copy is included in the LICENSE file that
 15  * accompanied this code).
 16  *
 17  * You should have received a copy of the GNU General Public License version
 18  * 2 along with this work; if not, write to the Free Software Foundation,
 19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 20  *
 21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 22  * or visit www.oracle.com if you need additional information or have any
 23  * questions.
 24  */
 25 
 26 package java.security;
 27 
 28 import java.util.Map;
 29 import java.util.Objects;
 30 import java.util.concurrent.ConcurrentHashMap;
 31 import java.util.function.Function;

 32 
 33 /**
 34  * This class extends {@code ClassLoader} with additional support for defining
 35  * classes with an associated code source and permissions.
 36  *
 37  * @apiNote
 38  * Permissions cannot be used for controlling access to resources
 39  * as the Security Manager is no longer supported.
 40  *
 41  * @author  Li Gong
 42  * @author  Roland Schemers
 43  * @since 1.2
 44  */
 45 public class SecureClassLoader extends ClassLoader {
 46 
 47     /*
 48      * Map that maps the CodeSource to a ProtectionDomain. The key is a
 49      * CodeSourceKey class that uses a {@code String} instead of a URL to avoid
 50      * potential expensive name service lookups. This does mean that URLs that
 51      * are equivalent after nameservice lookup will be placed in separate

226             return Objects.hashCode(cs.getLocationNoFragString());
227         }
228 
229         @Override
230         public boolean equals(Object obj) {
231             if (obj == this) {
232                 return true;
233             }
234 
235             return obj instanceof CodeSourceKey other
236                     && Objects.equals(cs.getLocationNoFragString(),
237                                 other.cs.getLocationNoFragString())
238                     && cs.matchCerts(other.cs, true);
239         }
240     }
241 
242     /**
243      * Called by the VM, during -Xshare:dump
244      */
245     private void resetArchivedStates() {
246         pdcache.clear();














247     }
248 }

 12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 14  * version 2 for more details (a copy is included in the LICENSE file that
 15  * accompanied this code).
 16  *
 17  * You should have received a copy of the GNU General Public License version
 18  * 2 along with this work; if not, write to the Free Software Foundation,
 19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 20  *
 21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 22  * or visit www.oracle.com if you need additional information or have any
 23  * questions.
 24  */
 25 
 26 package java.security;
 27 
 28 import java.util.Map;
 29 import java.util.Objects;
 30 import java.util.concurrent.ConcurrentHashMap;
 31 import java.util.function.Function;
 32 import jdk.internal.misc.CDS;
 33 
 34 /**
 35  * This class extends {@code ClassLoader} with additional support for defining
 36  * classes with an associated code source and permissions.
 37  *
 38  * @apiNote
 39  * Permissions cannot be used for controlling access to resources
 40  * as the Security Manager is no longer supported.
 41  *
 42  * @author  Li Gong
 43  * @author  Roland Schemers
 44  * @since 1.2
 45  */
 46 public class SecureClassLoader extends ClassLoader {
 47 
 48     /*
 49      * Map that maps the CodeSource to a ProtectionDomain. The key is a
 50      * CodeSourceKey class that uses a {@code String} instead of a URL to avoid
 51      * potential expensive name service lookups. This does mean that URLs that
 52      * are equivalent after nameservice lookup will be placed in separate

227             return Objects.hashCode(cs.getLocationNoFragString());
228         }
229 
230         @Override
231         public boolean equals(Object obj) {
232             if (obj == this) {
233                 return true;
234             }
235 
236             return obj instanceof CodeSourceKey other
237                     && Objects.equals(cs.getLocationNoFragString(),
238                                 other.cs.getLocationNoFragString())
239                     && cs.matchCerts(other.cs, true);
240         }
241     }
242 
243     /**
244      * Called by the VM, during -Xshare:dump
245      */
246     private void resetArchivedStates() {
247         if (CDS.isDumpingProtectionDomains()) {
248             for (CodeSourceKey key : pdcache.keySet()) {
249                 if (key.cs.getCodeSigners() != null) {
250                     // We don't archive any signed classes, so we don't need to cache their ProtectionDomains.
251                     pdcache.remove(key);
252                 }
253             }
254             if (System.getProperty("cds.debug.archived.protection.domains") != null) {
255                 for (CodeSourceKey key : pdcache.keySet()) {
256                     System.out.println("Archiving ProtectionDomain " + key.cs + " for " + this);
257                 }
258             }
259         } else {
260             pdcache.clear();
261         }
262     }
263 }
< prev index next >