Package com.swiftmq.tools.security

Class SecureClassLoaderObjectInputStream

  • All Implemented Interfaces:
    java.io.Closeable, java.io.DataInput, java.io.ObjectInput, java.io.ObjectStreamConstants, java.lang.AutoCloseable
    public class SecureClassLoaderObjectInputStream
extends java.io.ObjectInputStream

    • Nested Class Summary

      • Nested classes/interfaces inherited from class java.io.ObjectInputStream

        java.io.ObjectInputStream.GetField

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String[] serializablePackages  
      static java.lang.String[] trusted  

      • Fields inherited from interface java.io.ObjectStreamConstants

        baseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, SERIAL_FILTER_PERMISSION, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addTrustedPackage​(java.lang.String trustedPackage)  
      java.util.List<java.lang.String> getTrustedPackages()  
      static boolean isAllAllowed()  
      boolean isTrustAllPackages()  
      static java.lang.Class<?> loadSimpleType​(java.lang.String name)
      Load a simple type
      protected java.lang.Class<?> resolveClass​(java.io.ObjectStreamClass classDesc)  
      protected java.lang.Class<?> resolveProxyClass​(java.lang.String[] interfaces)  
      void setTrustAllPackages​(boolean trustAllPackages)  
      void setTrustedPackages​(java.util.List<java.lang.String> trustedPackages)  

      • Methods inherited from class java.io.ObjectInputStream

        available, close, defaultReadObject, enableResolveObject, getObjectInputFilter, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveObject, setObjectInputFilter, skipBytes

      • Methods inherited from class java.io.InputStream

        mark, markSupported, nullInputStream, read, readAllBytes, readNBytes, readNBytes, reset, skip, transferTo

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface java.io.ObjectInput

        read, skip

    • Field Detail

      • serializablePackages

        public static final java.lang.String[] serializablePackages

      • trusted

        public static final java.lang.String[] trusted

    • Constructor Detail

      • SecureClassLoaderObjectInputStream

        public SecureClassLoaderObjectInputStream​(java.io.InputStream in)
                                   throws java.io.IOException
        Throws:
        java.io.IOException

      • SecureClassLoaderObjectInputStream

        public SecureClassLoaderObjectInputStream​(java.io.InputStream in,
                                          java.lang.ClassLoader inLoader)
                                   throws java.io.IOException
        Throws:
        java.io.IOException

    • Method Detail

      • isAllAllowed

        public static boolean isAllAllowed()

      • loadSimpleType

        public static java.lang.Class<?> loadSimpleType​(java.lang.String name)
        Load a simple type
        Parameters:
        name - the name of the class to load
        Returns:
        the class or null if it could not be loaded

      • resolveClass

        protected java.lang.Class<?> resolveClass​(java.io.ObjectStreamClass classDesc)
                                   throws java.io.IOException,
                                          java.lang.ClassNotFoundException
        Overrides:
        resolveClass in class java.io.ObjectInputStream
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException

      • resolveProxyClass

        protected java.lang.Class<?> resolveProxyClass​(java.lang.String[] interfaces)
                                        throws java.io.IOException,
                                               java.lang.ClassNotFoundException
        Overrides:
        resolveProxyClass in class java.io.ObjectInputStream
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException

      • getTrustedPackages

        public java.util.List<java.lang.String> getTrustedPackages()

      • setTrustedPackages

        public void setTrustedPackages​(java.util.List<java.lang.String> trustedPackages)

      • addTrustedPackage

        public void addTrustedPackage​(java.lang.String trustedPackage)

      • isTrustAllPackages

        public boolean isTrustAllPackages()

      • setTrustAllPackages

        public void setTrustAllPackages​(boolean trustAllPackages)