|
Agent System POND 1.2 (28.2.2002) | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--java.lang.ClassLoader | +--java.security.SecureClassLoader | +--PkgAgentSystem.AgentClassLoader
ClassLoader to enforce the dynamic security for the agent system. Each AgentClassLoader is associated with exactly one agent and loads all classes for this agent except the java system and the agent-system classes.
ResourcePackage
Inner classes inherited from class java.lang.ClassLoader |
ClassLoader.NativeLibrary |
Field Summary | |
(package private) ResourcePackage |
resources
Where to get the resources (class-files, images, files, ...) from. |
Fields inherited from class java.lang.ClassLoader |
nocerts |
Constructor Summary | |
AgentClassLoader(AgentSystem ag_sys,
AgentData data,
ClassLoader parent)
Creates a new classloader associated with the provided system and agent. |
Method Summary | |
protected Package |
definePackage(String name,
Manifest man,
URL url)
Defines a new package by name in this ClassLoader. |
protected Class |
findClass(String name)
Finds the specified class. |
protected URL |
findResource(String name)
Finds the resource with the given name. |
protected Enumeration |
findResources(String name)
Returns an Enumeration of URLs representing all the resources with the given name. |
void |
grantAdditionalPermission(Permission perm)
Grants all the classes loaded through this classloader an additional permission. |
protected Class |
loadClass(String name,
boolean resolve)
Loads the class with the specified name. We may not use findSystemClass , this would load the classes through the system classloader
(which loads more classes than the primordial classloader!) |
void |
reSetPermissions(boolean quiet)
Re-sets all permissions. |
void |
revokeAdditionalPermission(Permission perm)
Revokes an additional permission from all the classes loaded through this classloader. |
void |
revokeAllAdditionalPermissions()
Revokes all additional permissions granted to all the classes loaded through this classloader. |
void |
revokeAllPermissions()
Revokes all permissions (basic and additional ones) granted to all the classes loaded through this classloader. |
Methods inherited from class java.security.SecureClassLoader |
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
ResourcePackage resources
Constructor Detail |
public AgentClassLoader(AgentSystem ag_sys, AgentData data, ClassLoader parent)
ag_sys
- the agent systemdata
- the control data of the associated agentparent
- the parent classloaderMethod Detail |
protected Class loadClass(String name, boolean resolve) throws ClassNotFoundException
We may not use findSystemClass
, this would load the classes through the system classloader
(which loads more classes than the primordial classloader!) and circumvent our security (the system
classloader assigns them ALL permissions, we have to restrict the permissions also for the system classes used)!
We must however use the bootstrap classloader, or we wont't find the java core classes.
Access to findBootstrapClass
is private, so we have to call super.classloader instead.
There the parent classloader is asked first (which would again be the system classloader!), so the
parent must be set to null in the constructor.
Classes from the following packages are loaded through the primordial classloader:
PkgAgentSystem.*
: The classes of the agent system need to be shared, so all agents can call them (e. g. AgentSystem
is called by all agents for moving, ...).
FIM.Util.Crypto.*
: NamedKeyPair
and NamedKeyAndCertificate
are used by AgentBase
. They need
to call getClassLoader
for ClassLoaderObjectInputStream
and must therefore be able to use doPrivileged
FIM.payment.*
: These classes are used for paying for permissions, and must therefore be passed from
the agentsystem to agents and back freely.
We do not load the following classes:
java.io.FileOutputStream
: Use LimitedFileOutputStream
instead (Necessary for limting
the length of files used by agents); Don't use FileWriter
; use OutputStreamWriter(new LimitedFileOutputStream())
instead.
loadClass
in class ClassLoader
name
- the name of the classresolve
- if true
then resolve the classClass
objectClassNotFoundException
- if the class could not be foundAgentBase
,
LimitedFileOutputStream
,
NamedKeyPair
,
NamedKeyAndCertificate
,
ClassLoaderObjectInputStream
protected Class findClass(String name) throws ClassNotFoundException
findResource
to find it
and then loads the class to a byte array and defines it. Also checks for package sealing.findClass
in class ClassLoader
name
- the name of the classClass
objectClassNotFoundException
- if the class could not be foundprotected URL findResource(String name)
ResourcePackage
. Resources
will be searched for in the classpath, the agent-classpath, the library-directory and from where
the agent was loaded (jar file or a directory)findResource
in class ClassLoader
name
- the resource namenull
if the resource could not be foundResourcePackage
protected Enumeration findResources(String name) throws IOException
ResourcePackage
. Resources will be searched for in the classpath, the
agent-classpath, the library-directory and from where the agent was loaded (jar file or a directory)
Will find all resource whose name starts with the parameter (case ignored)findResources
in class ClassLoader
name
- the resource nameResourcePackage
protected Package definePackage(String name, Manifest man, URL url) throws IllegalArgumentException
name
- the package nameman
- the Manifest containing package version and sealing informationurl
- the code source url for the package, or null if noneIllegalArgumentException
- if the package name duplicates an existing package either
in this class loader or one of its ancestorspublic void grantAdditionalPermission(Permission perm) throws SecurityException
PermissionEvent
to notify listeners.
Does nothing if this permission is already granted or the basic permissions imply it.perm
- the permission to grantRuntimeException
- if no protection domain yet set or the policy is not of class PolicyByValue
SecurityException
- if the permission is not in the list of optional permissions for this agentPolicyByValue
,
PermissionChangeListener
,
PermissionEvent
public void revokeAdditionalPermission(Permission perm)
PermissionEvent
to notify listeners.
Does nothing if this permission is currently not an additional granted one (If it is a basic
permission it will remain and the method fails silently).perm
- the permission to revokePermissionChangeListener
,
PermissionEvent
public void revokeAllAdditionalPermissions()
PermissionEvent
to notify listeners for each permission revoked.PermissionChangeListener
,
PermissionEvent
public void revokeAllPermissions()
PermissionEvent
to notify listeners for each permission revoked.PermissionChangeListener
,
PermissionEvent
public void reSetPermissions(boolean quiet)
quiet
- if true
no permission events will be generatedRuntimeException
- if the policy is not of class PolicyByValue
PermissionChangeListener
,
PermissionEvent
|
Agent System POND 1.2 (28.2.2002) | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |