java.rmi.server
Class BasicCallController
java.lang.Object
|
+--java.rmi.server.BasicCallController
- All Implemented Interfaces:
- RemoteCallControl
- public class BasicCallController
- extends java.lang.Object
- implements RemoteCallControl
A basic remote call controller that allows an incoming secure remote call
to proceed if the server did not require client authentication, or if the
server did require client authentication and the client subject has been
granted permission to call that specific method. This class exercises no
control over parameter unmarshalling and result marshalling, but subclasses
can impose their own control as desired.
- Since:
- 1.4
Constructor Summary |
BasicCallController(java.rmi.Remote obj,
SecureExportDesc desc,
java.lang.Class permClass)
Creates a controller for the specified secure remote object, using the
specified export descriptor and permission class. |
Method Summary |
protected void |
checkAccess(java.lang.reflect.Method method)
Checks for permission to call the specified method. |
static void |
checkClientPermission(java.security.Permission perm)
Checks that the client subject for the current secure remote call (as
given by SecureRemoteServer.getClientSubject ) has the specified permission. |
protected void |
checkPermission(java.security.Permission perm)
Checks that the calling thread has the specified permission. |
void |
controlRemoteCall(java.lang.reflect.Method method,
java.security.PrivilegedExceptionAction action)
Checks for permission to call the specified method by calling
checkAccess with the specified method. |
void |
controlRemoteResult(java.lang.reflect.Method method,
java.security.PrivilegedExceptionAction action)
This method does nothing (it does not execute the specified action),
but subclasses can impose their own control as desired. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
BasicCallController
public BasicCallController(java.rmi.Remote obj,
SecureExportDesc desc,
java.lang.Class permClass)
throws java.rmi.server.ExportException
- Creates a controller for the specified secure remote object, using the
specified export descriptor and permission class.
- Parameters:
obj
- the secure remote objectdesc
- the export descriptorpermClass
- the permission class- Throws:
java.rmi.server.ExportException
- if the specified descriptor has method-specific
constraints for a method that is neither a method from a remote
interface of the specified secure remote object nor the
RemoteSecurity.getServerSubject
methodjava.lang.IllegalArgumentException
- if the specified class is abstract, is
not a subclass of java.security.Permission
, or does not
have a public constructor that takes two String
parameters and has no declared exceptionsNullPointerException
- if any parameter is null
checkAccess
protected void checkAccess(java.lang.reflect.Method method)
- Checks for permission to call the specified method. If the server
constraints for the specified method (as determined by the export
descriptor that was specified when this controller was constructed)
contain
ClientAuthentication.YES
as a requirement, then a permission check is
made by calling checkPermission
with a permission
constructed from the permission class that was specified when this
controller was constructed. The permission is constructed by passing
the name of the specified method as the first constructor parameter
(the name) and null
as the second constructor parameter
(the actions) to the constructor. If the server constraints for the
specified method do not require client authentication, this method
does nothing.
- Parameters:
method
- the method- Throws:
java.security.AccessControlException
- if permission to call the specified
method has not been grantedNullPointerException
- if the parameter is null
checkPermission
protected void checkPermission(java.security.Permission perm)
- Checks that the calling thread has the specified permission. This
method calls
checkClientPermission
with the specified
permission, but subclasses can impose their own semantics as desired.
- Parameters:
perm
- the requested permission- Throws:
java.security.AccessControlException
- if the specified permission has not been
granted
checkClientPermission
public static void checkClientPermission(java.security.Permission perm)
- Checks that the client subject for the current secure remote call (as
given by
SecureRemoteServer.getClientSubject
) has the specified permission. If
the client subject is null
, only the standard policy
(java.security.Policy
) is consulted, otherwise both the
JAAS policy (javax.security.auth.Policy
) and the standard
policy are consulted. In both cases, an empty
java.security.CodeSource
(null
location and
certificates) is used when obtaining permissions from the policy.
- Parameters:
perm
- the requested permission- Throws:
java.security.AccessControlException
- if the current client subject has not
been granted the specified permissionjava.lang.RuntimeException
- if the current thread is not executing an
incoming remote method for a secure remote object
controlRemoteCall
public void controlRemoteCall(java.lang.reflect.Method method,
java.security.PrivilegedExceptionAction action)
- Checks for permission to call the specified method by calling
checkAccess
with the specified method. This method does
not execute the specified action, but subclasses can impose their own
control over parameter unmarshalling as desired.
- Specified by:
controlRemoteCall
in interface RemoteCallControl
- Following copied from interface:
java.rmi.server.RemoteCallControl
- Parameters:
method
- the remote method that will be invokedaction
- the action that can be executed in the desired context
to cause the parameters of the remote call to be unmarshalled in that
context- Throws:
java.lang.RuntimeException
- if the call should not be performed. This
exception will be propagated back to the caller. Normally a
SecurityException
should be thrown.NullPointerException
- if any parameter is null
controlRemoteResult
public void controlRemoteResult(java.lang.reflect.Method method,
java.security.PrivilegedExceptionAction action)
- This method does nothing (it does not execute the specified action),
but subclasses can impose their own control as desired.
- Specified by:
controlRemoteResult
in interface RemoteCallControl
- Following copied from interface:
java.rmi.server.RemoteCallControl
- Parameters:
method
- the remote method that was invokedaction
- the action that can be executed in the desired context
to cause the result of the remote call to be marshalled in that
context- Throws:
NullPointerException
- if any parameter is null
Copyright © 2000 Sun Microsystems, Inc. All rights reserved