Class SecureClassLoader
java.lang.Object
java.lang.ClassLoader
java.security.SecureClassLoader
- Direct Known Subclasses:
URLClassLoader
This class extends
ClassLoader
with additional support for defining
classes with an associated code source and permissions.- API Note:
- Permissions cannot be used for controlling access to resources as the Security Manager is no longer supported.
- Since:
- 1.2
-
Constructor Summary
ConstructorsModifierConstructorDescriptionprotected
Creates a newSecureClassLoader
using the system class loader as the parent.protected
SecureClassLoader
(ClassLoader parent) Creates a newSecureClassLoader
using the specified parent class loader for delegation.protected
SecureClassLoader
(String name, ClassLoader parent) Creates a newSecureClassLoader
of the specified name and using the specified parent class loader for delegation. -
Method Summary
Modifier and TypeMethodDescriptionprotected final Class
<?> defineClass
(String name, byte[] b, int off, int len, CodeSource cs) Converts an array of bytes into an instance of classClass
, with an optional CodeSource.protected final Class
<?> defineClass
(String name, ByteBuffer b, CodeSource cs) Converts aByteBuffer
into an instance of classClass
, with an optional CodeSource.protected PermissionCollection
getPermissions
(CodeSource codesource) Returns the permissions for the given CodeSource object.Methods declared in class ClassLoader
clearAssertionStatus, defineClass, defineClass, defineClass, defineClass, definePackage, findClass, findClass, findLibrary, findLoadedClass, findResource, findResource, findResources, findSystemClass, getClassLoadingLock, getDefinedPackage, getDefinedPackages, getName, getPackage, getPackages, getParent, getPlatformClassLoader, getResource, getResourceAsStream, getResources, getSystemClassLoader, getSystemResource, getSystemResourceAsStream, getSystemResources, getUnnamedModule, isRegisteredAsParallelCapable, loadClass, loadClass, registerAsParallelCapable, resolveClass, resources, setClassAssertionStatus, setDefaultAssertionStatus, setPackageAssertionStatus, setSigners
-
Constructor Details
-
SecureClassLoader
Creates a newSecureClassLoader
using the specified parent class loader for delegation.- API Note:
- If
parent
is specified asnull
(for the bootstrap class loader) then there is no guarantee that all platform classes are visible. See Run-time Built-in Class Loaders for information on the bootstrap class loader and other built-in class loaders. - Parameters:
parent
- the parent ClassLoader, can benull
for the bootstrap class loader
-
SecureClassLoader
protected SecureClassLoader()Creates a newSecureClassLoader
using the system class loader as the parent. -
SecureClassLoader
Creates a newSecureClassLoader
of the specified name and using the specified parent class loader for delegation.- API Note:
- If
parent
is specified asnull
(for the bootstrap class loader) then there is no guarantee that all platform classes are visible. See Run-time Built-in Class Loaders for information on the bootstrap class loader and other built-in class loaders. - Parameters:
name
- class loader name; ornull
if not namedparent
- the parent class loader, can benull
for the bootstrap class loader- Throws:
IllegalArgumentException
- if the given name is empty.- Since:
- 9
-
-
Method Details
-
defineClass
Converts an array of bytes into an instance of classClass
, with an optional CodeSource. Before the class can be used it must be resolved.If a non-null CodeSource is supplied a ProtectionDomain is constructed and associated with the class being defined.
- Parameters:
name
- the expected name of the class, ornull
if not known, using '.' and not '/' as the separator and without a trailing ".class" suffix.b
- the bytes that make up the class data. The bytes in positionsoff
throughoff+len-1
should have the format of a valid class file as defined by The Java Virtual Machine Specification.off
- the start offset inb
of the class datalen
- the length of the class datacs
- the associated CodeSource, ornull
if none- Returns:
- the
Class
object created from the data, and optional CodeSource. - Throws:
ClassFormatError
- if the data did not contain a valid classIndexOutOfBoundsException
- if eitheroff
orlen
is negative, or ifoff+len
is greater thanb.length
.SecurityException
- if an attempt is made to add this class to a package that contains classes that were signed by a different set of certificates than this class, or if the class name begins with "java.".
-
defineClass
Converts aByteBuffer
into an instance of classClass
, with an optional CodeSource. Before the class can be used it must be resolved.If a non-null CodeSource is supplied a ProtectionDomain is constructed and associated with the class being defined.
- Parameters:
name
- the expected name of the class, ornull
if not known, using '.' and not '/' as the separator and without a trailing ".class" suffix.b
- the bytes that make up the class data. The bytes from positionsb.position()
throughb.position() + b.limit() -1
should have the format of a valid class file as defined by The Java Virtual Machine Specification.cs
- the associated CodeSource, ornull
if none- Returns:
- the
Class
object created from the data, and optional CodeSource. - Throws:
ClassFormatError
- if the data did not contain a valid classSecurityException
- if an attempt is made to add this class to a package that contains classes that were signed by a different set of certificates than this class, or if the class name begins with "java.".- Since:
- 1.5
-
getPermissions
Returns the permissions for the given CodeSource object.This method is invoked by the defineClass method which takes a CodeSource as an argument when it is constructing the ProtectionDomain for the class being defined.
- Parameters:
codesource
- the codesource.- Returns:
- the permissions for the codesource.
-