| blob | 418ee77f3589cf5433b1dcd6c5af89c348e4c257 |
1 /* URLClassLoader.java -- ClassLoader that loads classes from one or more URLs
2 Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006
3 Free Software Foundation, Inc.
5 This file is part of GNU Classpath.
7 GNU Classpath is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2, or (at your option)
10 any later version.
12 GNU Classpath is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with GNU Classpath; see the file COPYING. If not, write to the
19 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
20 02110-1301 USA.
22 Linking this library statically or dynamically with other modules is
23 making a combined work based on this library. Thus, the terms and
24 conditions of the GNU General Public License cover the whole
25 combination.
27 As a special exception, the copyright holders of this library give you
28 permission to link this library with independent modules to produce an
29 executable, regardless of the license terms of these independent
30 modules, and to copy and distribute the resulting executable under
31 terms of your choice, provided that you also meet, for each linked
32 independent module, the terms and conditions of the license of that
33 module. An independent module is a module which is not derived from
34 or based on this library. If you modify this library, you may extend
35 this exception to your version of the library, but you are not
36 obligated to do so. If you do not wish to do so, delete this
37 exception statement from your version. */
73 /**
74 * A secure class loader that can load classes and resources from
75 * multiple locations. Given an array of <code>URL</code>s this class
76 * loader will retrieve classes and resources by fetching them from
77 * possible remote locations. Each <code>URL</code> is searched in
78 * order in which it was added. If the file portion of the
79 * <code>URL</code> ends with a '/' character then it is interpreted
80 * as a base directory, otherwise it is interpreted as a jar file from
81 * which the classes/resources are resolved.
82 *
83 * <p>New instances can be created by two static
84 * <code>newInstance()</code> methods or by three public
85 * contructors. Both ways give the option to supply an initial array
86 * of <code>URL</code>s and (optionally) a parent classloader (that is
87 * different from the standard system class loader).</p>
88 *
89 * <p>Normally creating a <code>URLClassLoader</code> throws a
90 * <code>SecurityException</code> if a <code>SecurityManager</code> is
91 * installed and the <code>checkCreateClassLoader()</code> method does
92 * not return true. But the <code>newInstance()</code> methods may be
93 * used by any code as long as it has permission to acces the given
94 * <code>URL</code>s. <code>URLClassLoaders</code> created by the
95 * <code>newInstance()</code> methods also explicitly call the
96 * <code>checkPackageAccess()</code> method of
97 * <code>SecurityManager</code> if one is installed before trying to
98 * load a class. Note that only subclasses of
99 * <code>URLClassLoader</code> can add new URLs after the
100 * URLClassLoader had been created. But it is always possible to get
101 * an array of all URLs that the class loader uses to resolve classes
102 * and resources by way of the <code>getURLs()</code> method.</p>
103 *
104 * <p>Open issues:
105 * <ul>
106 *
107 * <li>Should the URLClassLoader actually add the locations found in
108 * the manifest or is this the responsibility of some other
109 * loader/(sub)class? (see <a
110 * href="http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html">
111 * Extension Mechanism Architecture - Bundles Extensions</a>)</li>
112 *
113 * <li>How does <code>definePackage()</code> and sealing work
114 * precisely?</li>
115 *
116 * <li>We save and use the security context (when a created by
117 * <code>newInstance()</code> but do we have to use it in more
118 * places?</li>
119 *
120 * <li>The use of <code>URLStreamHandler</code>s has not been tested.</li>
121 *
122 * </ul>
123 * </p>
124 *
125 * @since 1.2
126 *
127 * @author Mark Wielaard (mark@klomp.org)
128 * @author Wu Gansha (gansha.wu@intel.com)
129 */
131 {
132 // Class Variables
134 /**
135 * A cache to store mappings between handler factory and its
136 * private protocol handler cache (also a HashMap), so we can avoid
137 * creating handlers each time the same protocol comes.
138 */
139 private static URLStreamHandlerCache factoryCache
142 /**
143 * The prefix for URL loaders.
144 */
147 // Instance variables
149 /** Locations to load classes from */
152 /**
153 * Store pre-parsed information for each url into this vector: each
154 * element is a URL loader. A jar file has its own class-path
155 * attribute which adds to the URLs that will be searched, but this
156 * does not add to the list of urls.
157 */
160 /** Factory used to get the protocol handlers of the URLs */
163 /**
164 * The security context when created from <code>newInstance()</code>
165 * or null when created through a normal constructor or when no
166 * <code>SecurityManager</code> was installed.
167 */
170 // Helper classes
172 /**
173 * Creates a URLClassLoader that gets classes from the supplied URLs.
174 * To determine if this classloader may be created the constructor of
175 * the super class (<code>SecureClassLoader</code>) is called first, which
176 * can throw a SecurityException. Then the supplied URLs are added
177 * in the order given to the URLClassLoader which uses these URLs to
178 * load classes and resources (after using the default parent ClassLoader).
179 *
180 * @param urls Locations that should be searched by this ClassLoader when
181 * resolving Classes or Resources.
182 * @exception SecurityException if the SecurityManager disallows the
183 * creation of a ClassLoader.
184 * @see SecureClassLoader
185 */
187 {
192 }
194 /**
195 * Creates a <code>URLClassLoader</code> that gets classes from the supplied
196 * <code>URL</code>s.
197 * To determine if this classloader may be created the constructor of
198 * the super class (<code>SecureClassLoader</code>) is called first, which
199 * can throw a SecurityException. Then the supplied URLs are added
200 * in the order given to the URLClassLoader which uses these URLs to
201 * load classes and resources (after using the supplied parent ClassLoader).
202 * @param urls Locations that should be searched by this ClassLoader when
203 * resolving Classes or Resources.
204 * @param parent The parent class loader used before trying this class
205 * loader.
206 * @exception SecurityException if the SecurityManager disallows the
207 * creation of a ClassLoader.
208 * @exception SecurityException
209 * @see SecureClassLoader
210 */
212 throws SecurityException
213 {
218 }
220 // Package-private to avoid a trampoline constructor.
221 /**
222 * Package-private constructor used by the static
223 * <code>newInstance(URL[])</code> method. Creates an
224 * <code>URLClassLoader</code> with the given parent but without any
225 * <code>URL</code>s yet. This is used to bypass the normal security
226 * check for creating classloaders, but remembers the security
227 * context which will be used when defining classes. The
228 * <code>URL</code>s to load from must be added by the
229 * <code>newInstance()</code> method in the security context of the
230 * caller.
231 *
232 * @param securityContext the security context of the unprivileged code.
233 */
235 {
239 }
241 /**
242 * Creates a URLClassLoader that gets classes from the supplied URLs.
243 * To determine if this classloader may be created the constructor of
244 * the super class (<CODE>SecureClassLoader</CODE>) is called first, which
245 * can throw a SecurityException. Then the supplied URLs are added
246 * in the order given to the URLClassLoader which uses these URLs to
247 * load classes and resources (after using the supplied parent ClassLoader).
248 * It will use the supplied <CODE>URLStreamHandlerFactory</CODE> to get the
249 * protocol handlers of the supplied URLs.
250 * @param urls Locations that should be searched by this ClassLoader when
251 * resolving Classes or Resources.
252 * @param parent The parent class loader used before trying this class
253 * loader.
254 * @param factory Used to get the protocol handler for the URLs.
255 * @exception SecurityException if the SecurityManager disallows the
256 * creation of a ClassLoader.
257 * @exception SecurityException
258 * @see SecureClassLoader
259 */
261 URLStreamHandlerFactory factory)
262 throws SecurityException
263 {
267 // If this factory is not yet in factoryCache, add it.
270 }
272 // Methods
274 /**
275 * Adds a new location to the end of the internal URL store.
276 * @param newUrl the location to add
277 */
279 {
282 }
285 {
287 {
291 // Reset the toString() value.
294 // Create a loader for this URL.
299 // If we have a file: URL, we want to make it absolute
300 // here, before we decide whether it is really a jar.
301 URL absoluteURL;
303 {
305 try
306 {
308 }
310 {
311 try
312 {
314 }
316 {
317 // This really should not happen.
319 }
320 }
321 }
322 else
323 {
324 // This doesn't hurt, and it simplifies the logic a
325 // little.
327 }
329 // First see if we can find a handler with the correct name.
330 try
331 {
339 loader
341 factoryCache,
342 factory,
343 newUrl,
344 absoluteURL });
345 }
347 {
348 // Fall through.
349 }
351 {
352 // Programming error in the class library.
353 InternalError vme
357 }
359 {
360 // Programming error in the class library.
361 InternalError vme
365 }
367 {
368 // Programming error in the class library.
369 InternalError vme
373 }
375 {
376 // Programming error in the class library.
377 InternalError vme
381 }
384 {
385 // If it is not a directory, use the jar loader.
392 else
394 newUrl);
395 }
401 }
402 }
404 /**
405 * Adds an array of new locations to the end of the internal URL
406 * store. Called from the the constructors. Should not call to the
407 * protected addURL() method since that can be overridden and
408 * subclasses are not yet in a good state at this point.
409 * jboss 4.0.3 for example depends on this.
410 *
411 * @param newUrls the locations to add
412 */
414 {
416 {
419 }
420 }
422 /**
423 * Look in both Attributes for a given value. The first Attributes
424 * object, if not null, has precedence.
425 */
427 Attributes second)
428 {
435 }
437 /**
438 * Defines a Package based on the given name and the supplied manifest
439 * information. The manifest indicates the title, version and
440 * vendor information of the specification and implementation and whether the
441 * package is sealed. If the Manifest indicates that the package is sealed
442 * then the Package will be sealed with respect to the supplied URL.
443 *
444 * @param name The name of the package
445 * @param manifest The manifest describing the specification,
446 * implementation and sealing details of the package
447 * @param url the code source url to seal the package
448 * @return the defined Package
449 * @throws IllegalArgumentException If this package name already exists
450 * in this class loader
451 */
453 throws IllegalArgumentException
454 {
455 // Compute the name of the package as it may appear in the
456 // Manifest.
467 String specTitle
470 String specVersion
473 String specVendor
476 String implTitle
479 String implVersion
482 String implVendor
486 // Look if the Manifest indicates that this package is sealed
487 // XXX - most likely not completely correct!
488 // Shouldn't we also check the sealed attribute of the complete jar?
489 // http://java.sun.com/products/jdk/1.4/docs/guide/extensions/spec.html#bundled
490 // But how do we get that jar manifest here?
493 // make sure that the URL is null so the package is not sealed
499 url);
500 }
502 /**
503 * Finds (the first) class by name from one of the locations. The locations
504 * are searched in the order they were added to the URLClassLoader.
505 *
506 * @param className the classname to find
507 * @exception ClassNotFoundException when the class could not be found or
508 * loaded
509 * @return a Class object representing the found class
510 */
512 throws ClassNotFoundException
513 {
514 // Just try to find the resource by the (almost) same name
519 {
529 }
533 // Try to read the class data, create the CodeSource, Package and
534 // construct the class (and watch out for those nasty IOExceptions)
535 try
536 {
539 try
540 {
543 {
544 // We know the length of the data.
545 // Just try to read it in all at once
549 {
555 }
556 }
557 else
558 {
559 // We don't know the data length.
560 // Have to read it in chunks.
565 {
569 }
571 }
572 }
573 finally
574 {
576 }
579 // Now get the CodeSource
582 // Find out package name
589 {
590 // define the package
595 else
598 }
600 // And finally construct the class!
604 {
607 {
609 {
612 source);
613 }
615 }
616 else
619 // Avoid NullPointerExceptions.
625 }
627 {
629 }
630 }
632 // Cached String representation of this URLClassLoader
635 /**
636 * Returns a String representation of this URLClassLoader giving the
637 * actual Class name, the URLs that are searched and the parent
638 * ClassLoader.
639 */
641 {
643 {
645 {
651 {
655 }
661 }
663 }
664 }
666 /**
667 * Finds the first occurrence of a resource that can be found. The locations
668 * are searched in the order they were added to the URLClassLoader.
669 *
670 * @param resourceName the resource name to look for
671 * @return the URLResource for the resource if found, null otherwise
672 */
674 {
677 {
685 }
687 }
689 /**
690 * Finds the first occurrence of a resource that can be found.
691 *
692 * @param resourceName the resource name to look for
693 * @return the URL if found, null otherwise
694 */
696 {
701 // Resource not found
703 }
705 /**
706 * Finds all the resources with a particular name from all the locations.
707 *
708 * @param resourceName the name of the resource to lookup
709 * @return a (possible empty) enumeration of URLs where the resource can be
710 * found
711 * @exception IOException when an error occurs accessing one of the
712 * locations
713 */
715 throws IOException
716 {
720 {
725 }
727 }
729 /**
730 * Returns the permissions needed to access a particular code
731 * source. These permissions includes those returned by
732 * <code>SecureClassLoader.getPermissions()</code> and the actual
733 * permissions to access the objects referenced by the URL of the
734 * code source. The extra permissions added depend on the protocol
735 * and file portion of the URL in the code source. If the URL has
736 * the "file" protocol ends with a '/' character then it must be a
737 * directory and a file Permission to read everything in that
738 * directory and all subdirectories is added. If the URL had the
739 * "file" protocol and doesn't end with a '/' character then it must
740 * be a normal file and a file permission to read that file is
741 * added. If the <code>URL</code> has any other protocol then a
742 * socket permission to connect and accept connections from the host
743 * portion of the URL is added.
744 *
745 * @param source The codesource that needs the permissions to be accessed
746 * @return the collection of permissions needed to access the code resource
747 * @see java.security.SecureClassLoader#getPermissions(CodeSource)
748 */
750 {
751 // XXX - This implementation does exactly as the Javadoc describes.
752 // But maybe we should/could use URLConnection.getPermissions()?
753 // First get the permissions that would normally be granted
756 // Now add any extra permissions depending on the URL location.
760 {
763 // If the file end in / it must be an directory.
765 {
766 // Grant permission to read everything in that directory and
767 // all subdirectories.
769 }
770 else
771 {
772 // It is a 'normal' file.
773 // Grant permission to access that file.
775 }
776 }
777 else
778 {
779 // Grant permission to connect to and accept connections from host
783 }
786 }
788 /**
789 * Returns all the locations that this class loader currently uses the
790 * resolve classes and resource. This includes both the initially supplied
791 * URLs as any URLs added later by the loader.
792 * @return All the currently used URLs
793 */
795 {
797 }
799 /**
800 * Creates a new instance of a <code>URLClassLoader</code> that gets
801 * classes from the supplied <code>URL</code>s. This class loader
802 * will have as parent the standard system class loader.
803 *
804 * @param urls the initial URLs used to resolve classes and
805 * resources
806 *
807 * @return the class loader
808 *
809 * @exception SecurityException when the calling code does not have
810 * permission to access the given <code>URL</code>s
811 */
813 throws SecurityException
814 {
816 }
818 /**
819 * Creates a new instance of a <code>URLClassLoader</code> that gets
820 * classes from the supplied <code>URL</code>s and with the supplied
821 * loader as parent class loader.
822 *
823 * @param urls the initial URLs used to resolve classes and
824 * resources
825 * @param parent the parent class loader
826 *
827 * @return the class loader
828 *
829 * @exception SecurityException when the calling code does not have
830 * permission to access the given <code>URL</code>s
831 */
833 throws SecurityException
834 {
838 else
839 {
842 // XXX - What to do with anything else then an AccessControlContext?
847 URLClassLoader loader =
849 {
851 {
854 }
855 });
858 }
859 }
860 }