Versions Compared

Old Version 1

changes.mady.by.user Daniel Becker

Saved on

compared with

New Version 2

changes.mady.by.user Daniel Becker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
titleAccessController doPrivileged block - Input Parameters
borderStylesolid
   URL constructedURL = protocol;
   constructedURL += pathName;
   constructedURL += parameters;

   final URL xsdURL = constructedURL;        
   URL definitionsFileUrl = AccessController.doPrivileged(new PrivilegedAction<URL>() {
       public URL run() {
           return getClass().getClassLoader().getResource(definitionsFile);
        }
   });

Finally, if If your checked Java API throws an exception, such as the IOException shown here, you need to catch it and cast it to match any checked exceptions on your method, or you need to add the PrivilegedActionException to the throws signature of your method.you have two choices: you may catch the security exception (PrivilegedActionException) and recast it to a more domain specific exception, or you may incorporate the security exception into the signature of your method.

This example shows a recasting from the security exception (PrivilegedActionException) to a local exception such as the IOException shown here:

Code Block
titleAccessController doPrivileged block - With ExceptionsRecast Exception
borderStylesolid
   InputStream is;
   try {       	
   is = AccessController.doPrivileged(new PrivilegedExceptionAction<InputStream>() {
       public InputStream run() throws IOException {
          return url.openStream();
      }
   });
   } catch ( PrivilegedActionException e ) {
      throw (IOException) e.getException();
   }

This example shows incorporating the security exception into an existing signature of a local method. Note that the security exception (PrivilegedActionException) is not recast, but it will just be thrown along with any other exception from this method under the guise of general java.lang.Exception. If your method already has a number of more explicit exceptions, you may simply add the PrivilegedActionException to the list.

Code Block
titleAccessController doPrivileged block - Exception thrown by method
borderStylesolid

    public void startBroker( Broker jmsBroker ) throws Exception {
        AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
            public Object run() throws Exception {
                jmsBroker.start();
                return null;
            }
        });
   }

This article shows just a few techniques that cover many of the security issues that arise in the Tuscany code base. If you are aware of the Java security architecture and how to control access to guarded resources, you can guard against malicious users who might use the Tuscany code base for no good.