public interface SecurityContext
getContext method of the Security class, which in turn may obtain them from a security manager or
policy provider implementing the
SecurityContextSource interface.
Each SecurityContext contains an AccessControlContext
instance representing the access control context in place when the security
context was snapshotted; this instance can be passed to one of the
doPrivileged methods of the AccessController class to restore the
AccessControlContext portion of the overall security context.
Additional state (if any) carried by the security context can be restored
for the duration of a PrivilegedAction or PrivilegedExceptionAction by passing that action to the appropriate wrap
method of the SecurityContext instance, and then executing the
returned "wrapper" action. These two operations--restoring the access
control context, and restoring any additional context encapsulated by the
SecurityContext instance--should be performed in conjunction
with a single AccessController.doPrivileged call, as
illustrated below:
// snapshot context
SecurityContext ctx = Security.getContext();
// restore context
AccessController.doPrivileged(
ctx.wrap(action), ctx.getAccessControlContext());
| Modifier and Type | Method and Description |
|---|---|
AccessControlContext |
getAccessControlContext()
Returns access control context portion of snapshotted security context.
|
<T> PrivilegedAction<T> |
wrap(PrivilegedAction<T> action)
Returns a security context-restoring
PrivilegedAction that
wraps the given action, or returns the action itself if the security
context does not include any non-AccessControlContext state
to restore. |
<T> PrivilegedExceptionAction<T> |
wrap(PrivilegedExceptionAction<T> action)
Returns a security context-restoring
PrivilegedExceptionAction that wraps the given action, or
returns the action itself if the security context does not include any
non-AccessControlContext state to restore. |
<T> PrivilegedAction<T> wrap(PrivilegedAction<T> action)
PrivilegedAction that
wraps the given action, or returns the action itself if the security
context does not include any non-AccessControlContext state
to restore. The run method of the "wrapper" action (if
any) restores the non-AccessControlContext state of the
security context before invoking the run method of the
wrapped action, and unrestores that state after the wrapped action's
run method has completed (normally or otherwise). The
value returned or exception thrown by the wrapped action's
run method is propagated through the run
method of the wrapper action.T - return type of PrivilegedActionaction - the action to be wrappedaction,
or action if no wrapping is necessaryNullPointerException - if action is null<T> PrivilegedExceptionAction<T> wrap(PrivilegedExceptionAction<T> action)
PrivilegedExceptionAction that wraps the given action, or
returns the action itself if the security context does not include any
non-AccessControlContext state to restore. The
run method of the "wrapper" action (if any) restores the
non-AccessControlContext state of the security context
before invoking the run method of the wrapped action, and
unrestores that state after the wrapped action's run method
has completed (normally or otherwise). The value returned or exception
thrown by the wrapped action's run method is propagated
through the run method of the wrapper action.T - return type of PrivilegedExceptionActionaction - the action to be wrappedaction,
or action if no wrapping is necessaryNullPointerException - if action is nullAccessControlContext getAccessControlContext()