JavaTM 2 Platform
Std. Ed. v1.3.1
Interface DomainCombiner

public interface DomainCombiner

A DomainCombiner provides a means to dynamically update the ProtectionDomains associated with the current AccessControlContext.

A DomainCombiner is passed as a parameter to the appropriate constructor for AccessControlContext. The newly constructed context is then passed to the AccessController.doPrivileged(..., context) method to bind the provided context (and associated DomainCombiner) with the current execution Thread. Subsequent calls to AccessController.getContext or AccessController.checkPermission cause the DomainCombiner.combine to get invoked.

The combine method takes two arguments. The ProtectionDomains on the current execution Thread, since the most recent call to AccessController.doPrivileged, get passed to the first argument in an array. If no call to doPrivileged was made, then all the ProtectionDomains from the current execution Thread get passed to the first argument. The ProtectionDomains inherited from the parent Thread get passed to the second argument, unless a call to doPrivileged(..., context) had occurred. In that case, the ProtectionDomains from the privileged context are passed to the second argument.

The combine method investigates the two input arrays of ProtectionDomains and returns a single array containing the updated ProtectionDomains. In the simplest case, the combine method merges the two stacks into one. In more complex cases, the combine method returns a modified stack of ProtectionDomains. The modification may have added new ProtectionDomains, removed certain ProtectionDomains, or simply updated existing ProtectionDomains. Re-ordering and other optimizations to the ProtectionDomains are also permitted. Typically the combine method bases its updates on the information encapsulated in the DomainCombiner.

After the AccessController.getContext method receives the combined stack of ProtectionDomains back from the DomainCombiner, it returns a new AccessControlContext that has both the combined ProtectionDomains as well as the DomainCombiner.

See Also:
AccessController, AccessControlContext

Method Summary
 ProtectionDomain[] combine(ProtectionDomain[] currentDomains, ProtectionDomain[] assignedDomains)
          Modify or update the provided ProtectionDomains.

Method Detail


public ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
                                  ProtectionDomain[] assignedDomains)
Modify or update the provided ProtectionDomains. ProtectionDomains may be added to or removed from the given ProtectionDomains. The ProtectionDomains may be re-ordered. Individual ProtectionDomains may be may be modified (with a new set of Permissions, for example).

currentDomains - the ProtectionDomains associated with the current execution Thread, up to the most recent privileged ProtectionDomain. The ProtectionDomains are are listed in order of execution, with the most recently executing ProtectionDomain residing at the beginning of the array. This parameter may be null if the current execution Thread has no associated ProtectionDomains.

assignedDomains - the ProtectionDomains inherited from the parent Thread, or the ProtectionDomains from the privileged context, if a call to AccessController.doPrivileged(..., context) had occurred This parameter may be null if there were no ProtectionDomains inherited from the parent Thread, or from the privileged context.
a new array consisting of the updated ProtectionDomains, or null.

JavaTM 2 Platform
Std. Ed. v1.3.1

Submit a bug or feature
For further API reference and developer documentation, see Java 2 SDK SE Developer Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.

Java, Java 2D, and JDBC are trademarks or registered trademarks of Oracle and/or its affiliates, in the US and other countries.
Copyright © 1995, 2010 Oracle and/or its affiliates. All rights reserved.