public interface SecurityContext
getContext
method of the Security
class, which in turn may obtain them from a security manager or
policy provider implementing the
SecurityContextSource
interface.
Each SecurityContext
contains an AccessControlContext
instance representing the access control context in place when the security
context was snapshotted; this instance can be passed to one of the
doPrivileged
methods of the AccessController
class to restore the
AccessControlContext
portion of the overall security context.
Additional state (if any) carried by the security context can be restored
for the duration of a PrivilegedAction
or PrivilegedExceptionAction
by passing that action to the appropriate wrap
method of the SecurityContext
instance, and then executing the
returned "wrapper" action. These two operations--restoring the access
control context, and restoring any additional context encapsulated by the
SecurityContext
instance--should be performed in conjunction
with a single AccessController.doPrivileged
call, as
illustrated below:
// snapshot context SecurityContext ctx = Security.getContext(); // restore context AccessController.doPrivileged( ctx.wrap(action), ctx.getAccessControlContext());
Modifier and Type | Method and Description |
---|---|
AccessControlContext |
getAccessControlContext()
Returns access control context portion of snapshotted security context.
|
<T> PrivilegedAction<T> |
wrap(PrivilegedAction<T> action)
Returns a security context-restoring
PrivilegedAction that
wraps the given action, or returns the action itself if the security
context does not include any non-AccessControlContext state
to restore. |
<T> PrivilegedExceptionAction<T> |
wrap(PrivilegedExceptionAction<T> action)
Returns a security context-restoring
PrivilegedExceptionAction that wraps the given action, or
returns the action itself if the security context does not include any
non-AccessControlContext state to restore. |
<T> PrivilegedAction<T> wrap(PrivilegedAction<T> action)
PrivilegedAction
that
wraps the given action, or returns the action itself if the security
context does not include any non-AccessControlContext
state
to restore. The run
method of the "wrapper" action (if
any) restores the non-AccessControlContext
state of the
security context before invoking the run
method of the
wrapped action, and unrestores that state after the wrapped action's
run
method has completed (normally or otherwise). The
value returned or exception thrown by the wrapped action's
run
method is propagated through the run
method of the wrapper action.T
- return type of PrivilegedActionaction
- the action to be wrappedaction
,
or action
if no wrapping is necessaryNullPointerException
- if action
is null
<T> PrivilegedExceptionAction<T> wrap(PrivilegedExceptionAction<T> action)
PrivilegedExceptionAction
that wraps the given action, or
returns the action itself if the security context does not include any
non-AccessControlContext
state to restore. The
run
method of the "wrapper" action (if any) restores the
non-AccessControlContext
state of the security context
before invoking the run
method of the wrapped action, and
unrestores that state after the wrapped action's run
method
has completed (normally or otherwise). The value returned or exception
thrown by the wrapped action's run
method is propagated
through the run
method of the wrapper action.T
- return type of PrivilegedExceptionActionaction
- the action to be wrappedaction
,
or action
if no wrapping is necessaryNullPointerException
- if action
is null
AccessControlContext getAccessControlContext()