diff options
Diffstat (limited to 'libjava/classpath/java/security/AccessControlContext.java')
-rw-r--r-- | libjava/classpath/java/security/AccessControlContext.java | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/libjava/classpath/java/security/AccessControlContext.java b/libjava/classpath/java/security/AccessControlContext.java index 9a6ad208144..3b51e94125b 100644 --- a/libjava/classpath/java/security/AccessControlContext.java +++ b/libjava/classpath/java/security/AccessControlContext.java @@ -77,14 +77,23 @@ public final class AccessControlContext /** * Construct a new AccessControlContext with the specified - * ProtectionDomains and DomainCombiner + * {@link ProtectionDomain}s and {@link DomainCombiner}. * + * <p>Code calling this constructor must have a {@link + * SecurityPermission} of <i>createAccessControlContext</i>.</p> + * + * @throws SecurityException If the caller does not have permission + * to create an access control context. * @since 1.3 */ public AccessControlContext(AccessControlContext acc, DomainCombiner combiner) { - // XXX check permission to call this. + SecurityManager sm = System.getSecurityManager (); + if (sm != null) + { + sm.checkPermission (new SecurityPermission ("createAccessControlContext")); + } AccessControlContext acc2 = AccessController.getContext(); protectionDomains = combiner.combine (acc2.protectionDomains, acc.protectionDomains); @@ -119,10 +128,20 @@ public final class AccessControlContext public void checkPermission(Permission perm) throws AccessControlException { if (protectionDomains.length == 0) - throw new AccessControlException ("permission not granted"); + throw new AccessControlException ("permission " + + perm + + " not granted: no protection domains"); + for (int i = 0; i < protectionDomains.length; i++) - if (!protectionDomains[i].implies(perm)) - throw new AccessControlException ("permission not granted"); + { + final ProtectionDomain domain = protectionDomains[i]; + if (!domain.implies(perm)) + throw new AccessControlException ("permission " + + perm + + " not granted: " + + domain + + " does not imply it."); + } } /** @@ -173,4 +192,9 @@ public final class AccessControlContext return h; } + + ProtectionDomain[] getProtectionDomains () + { + return protectionDomains; + } } |