Class SecurityUtil


  • public final class SecurityUtil
    extends Object
    This utility class associates a Subject to the current AccessControlContext. When a SecurityManager is used, the container will always associate the called thread with an AccessControlContext containing only the principal of the requested Servlet/Filter. This class uses reflection to invoke the methods.
    • Constructor Detail

      • SecurityUtil

        public SecurityUtil()
    • Method Detail

      • doAsPrivilege

        public static void doAsPrivilege​(String methodName,
                                         Servlet targetObject)
                                  throws Exception
        Perform work as a particular Subject. Here the work will be granted to a null subject.
        Parameters:
        methodName - the method to apply the security restriction
        targetObject - the Servlet on which the method will be called.
        Throws:
        Exception - an execution error occurred
      • doAsPrivilege

        public static void doAsPrivilege​(String methodName,
                                         Servlet targetObject,
                                         Class<?>[] targetType,
                                         Object[] targetArguments)
                                  throws Exception
        Perform work as a particular Subject. Here the work will be granted to a null subject.
        Parameters:
        methodName - the method to apply the security restriction
        targetObject - the Servlet on which the method will be called.
        targetType - Class array used to instantiate a Method object.
        targetArguments - Object array contains the runtime parameters instance.
        Throws:
        Exception - an execution error occurred
      • doAsPrivilege

        public static void doAsPrivilege​(String methodName,
                                         Servlet targetObject,
                                         Class<?>[] targetParameterTypes,
                                         Object[] targetArguments,
                                         Principal principal)
                                  throws Exception
        Perform work as a particular Subject. Here the work will be granted to a null subject.
        Parameters:
        methodName - the method to apply the security restriction
        targetObject - the Servlet on which the method will be called.
        targetParameterTypes - Class array used to instantiate a Method object.
        targetArguments - Object array contains the runtime parameters instance.
        principal - the Principal to which the security privilege applies
        Throws:
        Exception - an execution error occurred
      • doAsPrivilege

        public static void doAsPrivilege​(String methodName,
                                         Filter targetObject)
                                  throws Exception
        Perform work as a particular Subject. Here the work will be granted to a null subject.
        Parameters:
        methodName - the method to apply the security restriction
        targetObject - the Filter on which the method will be called.
        Throws:
        Exception - an execution error occurred
      • doAsPrivilege

        public static void doAsPrivilege​(String methodName,
                                         Filter targetObject,
                                         Class<?>[] targetType,
                                         Object[] targetArguments)
                                  throws Exception
        Perform work as a particular Subject. Here the work will be granted to a null subject.
        Parameters:
        methodName - the method to apply the security restriction
        targetObject - the Filter on which the method will be called.
        targetType - Class array used to instantiate a Method object.
        targetArguments - Object array contains the runtime parameters instance.
        Throws:
        Exception - an execution error occurred
      • doAsPrivilege

        public static void doAsPrivilege​(String methodName,
                                         Filter targetObject,
                                         Class<?>[] targetParameterTypes,
                                         Object[] targetParameterValues,
                                         Principal principal)
                                  throws Exception
        Perform work as a particular Subject. Here the work will be granted to a null subject.
        Parameters:
        methodName - the method to apply the security restriction
        targetObject - the Filter on which the method will be called.
        targetParameterTypes - Class array used to instantiate a Method object.
        targetParameterValues - Object array contains the runtime parameters instance.
        principal - the Principal to which the security privilege applies
        Throws:
        Exception - an execution error occurred
      • remove

        public static void remove​(Object cachedObject)
        Remove the object from the cache.
        Parameters:
        cachedObject - The object to remove
      • isPackageProtectionEnabled

        public static boolean isPackageProtectionEnabled()
        Return the SecurityManager only if Security is enabled AND package protection mechanism is enabled.
        Returns:
        true if package level protection is enabled