< prev index next >
src/share/classes/javax/security/auth/Subject.java
Print this page
rev 1461 : 6987827: security/util/Resources.java needs improvement
Reviewed-by: valeriep
*** 1,7 ****
/*
! * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 203,213 ****
if (principals == null ||
pubCredentials == null ||
privCredentials == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null input(s)"));
this.principals = Collections.synchronizedSet(new SecureSet<Principal>
(this, PRINCIPAL_SET, principals));
this.pubCredentials = Collections.synchronizedSet(new SecureSet<Object>
(this, PUB_CREDENTIAL_SET, pubCredentials));
--- 203,213 ----
if (principals == null ||
pubCredentials == null ||
privCredentials == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.input.s."));
this.principals = Collections.synchronizedSet(new SecureSet<Principal>
(this, PRINCIPAL_SET, principals));
this.pubCredentials = Collections.synchronizedSet(new SecureSet<Object>
(this, PUB_CREDENTIAL_SET, pubCredentials));
*** 288,298 ****
sm.checkPermission(new AuthPermission("getSubject"));
}
if (acc == null) {
throw new NullPointerException(ResourcesMgr.getString
! ("invalid null AccessControlContext provided"));
}
// return the Subject from the DomainCombiner of the provided context
return AccessController.doPrivileged
(new java.security.PrivilegedAction<Subject>() {
--- 288,298 ----
sm.checkPermission(new AuthPermission("getSubject"));
}
if (acc == null) {
throw new NullPointerException(ResourcesMgr.getString
! ("invalid.null.AccessControlContext.provided"));
}
// return the Subject from the DomainCombiner of the provided context
return AccessController.doPrivileged
(new java.security.PrivilegedAction<Subject>() {
*** 345,355 ****
if (sm != null) {
sm.checkPermission(SecurityConstants.DO_AS_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null action provided"));
// set up the new Subject-based AccessControlContext
// for doPrivileged
final AccessControlContext currentAcc = AccessController.getContext();
--- 345,355 ----
if (sm != null) {
sm.checkPermission(SecurityConstants.DO_AS_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext
// for doPrivileged
final AccessControlContext currentAcc = AccessController.getContext();
*** 405,415 ****
sm.checkPermission(SecurityConstants.DO_AS_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null action provided"));
// set up the new Subject-based AccessControlContext for doPrivileged
final AccessControlContext currentAcc = AccessController.getContext();
// call doPrivileged and push this new context on the stack
--- 405,415 ----
sm.checkPermission(SecurityConstants.DO_AS_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext for doPrivileged
final AccessControlContext currentAcc = AccessController.getContext();
// call doPrivileged and push this new context on the stack
*** 459,469 ****
sm.checkPermission(SecurityConstants.DO_AS_PRIVILEGED_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null action provided"));
// set up the new Subject-based AccessControlContext
// for doPrivileged
final AccessControlContext callerAcc =
(acc == null ?
--- 459,469 ----
sm.checkPermission(SecurityConstants.DO_AS_PRIVILEGED_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext
// for doPrivileged
final AccessControlContext callerAcc =
(acc == null ?
*** 523,533 ****
sm.checkPermission(SecurityConstants.DO_AS_PRIVILEGED_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null action provided"));
// set up the new Subject-based AccessControlContext for doPrivileged
final AccessControlContext callerAcc =
(acc == null ?
new AccessControlContext(NULL_PD_ARRAY) :
--- 523,533 ----
sm.checkPermission(SecurityConstants.DO_AS_PRIVILEGED_PERMISSION);
}
if (action == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext for doPrivileged
final AccessControlContext callerAcc =
(acc == null ?
new AccessControlContext(NULL_PD_ARRAY) :
*** 602,612 ****
*/
public <T extends Principal> Set<T> getPrincipals(Class<T> c) {
if (c == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null Class provided"));
// always return an empty Set instead of null
// so LoginModules can add to the Set if necessary
return new ClassSet<T>(PRINCIPAL_SET, c);
}
--- 602,612 ----
*/
public <T extends Principal> Set<T> getPrincipals(Class<T> c) {
if (c == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.Class.provided"));
// always return an empty Set instead of null
// so LoginModules can add to the Set if necessary
return new ClassSet<T>(PRINCIPAL_SET, c);
}
*** 696,706 ****
*/
public <T> Set<T> getPublicCredentials(Class<T> c) {
if (c == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null Class provided"));
// always return an empty Set instead of null
// so LoginModules can add to the Set if necessary
return new ClassSet<T>(PUB_CREDENTIAL_SET, c);
}
--- 696,706 ----
*/
public <T> Set<T> getPublicCredentials(Class<T> c) {
if (c == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.Class.provided"));
// always return an empty Set instead of null
// so LoginModules can add to the Set if necessary
return new ClassSet<T>(PUB_CREDENTIAL_SET, c);
}
*** 741,751 ****
// would do is protect the set operations themselves
// (like size()), which don't seem security-sensitive.
if (c == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid null Class provided"));
// always return an empty Set instead of null
// so LoginModules can add to the Set if necessary
return new ClassSet<T>(PRIV_CREDENTIAL_SET, c);
}
--- 741,751 ----
// would do is protect the set operations themselves
// (like size()), which don't seem security-sensitive.
if (c == null)
throw new NullPointerException
! (ResourcesMgr.getString("invalid.null.Class.provided"));
// always return an empty Set instead of null
// so LoginModules can add to the Set if necessary
return new ClassSet<T>(PRIV_CREDENTIAL_SET, c);
}
*** 831,875 ****
* without firing off a security check when trying to access
* the Private Credentials
*/
String toString(boolean includePrivateCredentials) {
! String s = ResourcesMgr.getString("Subject:\n");
String suffix = "";
synchronized(principals) {
Iterator<Principal> pI = principals.iterator();
while (pI.hasNext()) {
Principal p = pI.next();
! suffix = suffix + ResourcesMgr.getString("\tPrincipal: ") +
! p.toString() + ResourcesMgr.getString("\n");
}
}
synchronized(pubCredentials) {
Iterator<Object> pI = pubCredentials.iterator();
while (pI.hasNext()) {
Object o = pI.next();
suffix = suffix +
! ResourcesMgr.getString("\tPublic Credential: ") +
! o.toString() + ResourcesMgr.getString("\n");
}
}
if (includePrivateCredentials) {
synchronized(privCredentials) {
Iterator<Object> pI = privCredentials.iterator();
while (pI.hasNext()) {
try {
Object o = pI.next();
suffix += ResourcesMgr.getString
! ("\tPrivate Credential: ") +
o.toString() +
! ResourcesMgr.getString("\n");
} catch (SecurityException se) {
suffix += ResourcesMgr.getString
! ("\tPrivate Credential inaccessible\n");
break;
}
}
}
}
--- 831,875 ----
* without firing off a security check when trying to access
* the Private Credentials
*/
String toString(boolean includePrivateCredentials) {
! String s = ResourcesMgr.getString("Subject.");
String suffix = "";
synchronized(principals) {
Iterator<Principal> pI = principals.iterator();
while (pI.hasNext()) {
Principal p = pI.next();
! suffix = suffix + ResourcesMgr.getString(".Principal.") +
! p.toString() + ResourcesMgr.getString("NEWLINE");
}
}
synchronized(pubCredentials) {
Iterator<Object> pI = pubCredentials.iterator();
while (pI.hasNext()) {
Object o = pI.next();
suffix = suffix +
! ResourcesMgr.getString(".Public.Credential.") +
! o.toString() + ResourcesMgr.getString("NEWLINE");
}
}
if (includePrivateCredentials) {
synchronized(privCredentials) {
Iterator<Object> pI = privCredentials.iterator();
while (pI.hasNext()) {
try {
Object o = pI.next();
suffix += ResourcesMgr.getString
! (".Private.Credential.") +
o.toString() +
! ResourcesMgr.getString("NEWLINE");
} catch (SecurityException se) {
suffix += ResourcesMgr.getString
! (".Private.Credential.inaccessible.");
break;
}
}
}
}
*** 1039,1049 ****
public void remove() {
if (subject.isReadOnly()) {
throw new IllegalStateException(ResourcesMgr.getString
! ("Subject is read-only"));
}
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
switch (which) {
--- 1039,1049 ----
public void remove() {
if (subject.isReadOnly()) {
throw new IllegalStateException(ResourcesMgr.getString
! ("Subject.is.read.only"));
}
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
switch (which) {
*** 1068,1078 ****
public boolean add(E o) {
if (subject.isReadOnly()) {
throw new IllegalStateException
! (ResourcesMgr.getString("Subject is read-only"));
}
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
switch (which) {
--- 1068,1078 ----
public boolean add(E o) {
if (subject.isReadOnly()) {
throw new IllegalStateException
! (ResourcesMgr.getString("Subject.is.read.only"));
}
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
switch (which) {
*** 1093,1105 ****
switch (which) {
case Subject.PRINCIPAL_SET:
if (!(o instanceof Principal)) {
throw new SecurityException(ResourcesMgr.getString
! ("attempting to add an object which is not an " +
! "instance of java.security.Principal to a " +
! "Subject's Principal Set"));
}
break;
default:
// ok to add Objects of any kind to credential sets
break;
--- 1093,1103 ----
switch (which) {
case Subject.PRINCIPAL_SET:
if (!(o instanceof Principal)) {
throw new SecurityException(ResourcesMgr.getString
! ("attempting.to.add.an.object.which.is.not.an.instance.of.java.security.Principal.to.a.Subject.s.Principal.Set"));
}
break;
default:
// ok to add Objects of any kind to credential sets
break;
*** 1404,1415 ****
public boolean add(T o) {
if (!o.getClass().isAssignableFrom(c)) {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
! ("attempting to add an object which is not an " +
! "instance of class"));
Object[] source = {c.toString()};
throw new SecurityException(form.format(source));
}
return set.add(o);
--- 1402,1412 ----
public boolean add(T o) {
if (!o.getClass().isAssignableFrom(c)) {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
! ("attempting.to.add.an.object.which.is.not.an.instance.of.class"));
Object[] source = {c.toString()};
throw new SecurityException(form.format(source));
}
return set.add(o);
< prev index next >