Java 2 Platform SE v1.3.1: Interface DomainCombiner

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Java^TM 2 Platform
Std. Ed. v1.3.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

java.security
Interface DomainCombiner

public interface DomainCombiner

A DomainCombiner provides a means to dynamically update the ProtectionDomains associated with the current AccessControlContext.

A DomainCombiner is passed as a parameter to the appropriate constructor for AccessControlContext. The newly constructed context is then passed to the AccessController.doPrivileged(..., context) method to bind the provided context (and associated DomainCombiner) with the current execution Thread. Subsequent calls to AccessController.getContext or AccessController.checkPermission cause the DomainCombiner.combine to get invoked.

The combine method takes two arguments. The ProtectionDomains on the current execution Thread, since the most recent call to AccessController.doPrivileged, get passed to the first argument in an array. If no call to doPrivileged was made, then all the ProtectionDomains from the current execution Thread get passed to the first argument. The ProtectionDomains inherited from the parent Thread get passed to the second argument, unless a call to doPrivileged(..., context) had occurred. In that case, the ProtectionDomains from the privileged context are passed to the second argument.

The combine method investigates the two input arrays of ProtectionDomains and returns a single array containing the updated ProtectionDomains. In the simplest case, the combine method merges the two stacks into one. In more complex cases, the combine method returns a modified stack of ProtectionDomains. The modification may have added new ProtectionDomains, removed certain ProtectionDomains, or simply updated existing ProtectionDomains. Re-ordering and other optimizations to the ProtectionDomains are also permitted. Typically the combine method bases its updates on the information encapsulated in the DomainCombiner.

After the AccessController.getContext method receives the combined stack of ProtectionDomains back from the DomainCombiner, it returns a new AccessControlContext that has both the combined ProtectionDomains as well as the DomainCombiner.

See Also:: AccessController, AccessControlContext

Method Summary

ProtectionDomain[] combine(ProtectionDomain[] currentDomains, ProtectionDomain[] assignedDomains)
Modify or update the provided ProtectionDomains.

Method Detail

combine

public ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
                                  ProtectionDomain[] assignedDomains)

Modify or update the provided ProtectionDomains. ProtectionDomains may be added to or removed from the given ProtectionDomains. The ProtectionDomains may be re-ordered. Individual ProtectionDomains may be may be modified (with a new set of Permissions, for example).

Parameters:: currentDomains - the ProtectionDomains associated with the current execution Thread, up to the most recent privileged ProtectionDomain. The ProtectionDomains are are listed in order of execution, with the most recently executing ProtectionDomain residing at the beginning of the array. This parameter may be null if the current execution Thread has no associated ProtectionDomains.; assignedDomains - the ProtectionDomains inherited from the parent Thread, or the ProtectionDomains from the privileged context, if a call to AccessController.doPrivileged(..., context) had occurred This parameter may be null if there were no ProtectionDomains inherited from the parent Thread, or from the privileged context.
Returns:: a new array consisting of the updated ProtectionDomains, or null.