All Packages  This Package  Class Hierarchy  Class Search  Index

java.lang.Object
   |
   +----java.lang.ClassLoader
           |
           +----edu.utah.janos.nodeos.FlowClassLoader

Summary

final class  FlowClassLoader
     extends java.lang.ClassLoader
{
          // Fields 8
     private static int dbg_currentIdNumber;
     private int dbg_idNumber;
     private final Hashtable dynamicClasses;
     private final Flow flow;
     private final Hashtable okPackages;
     private boolean packageControl;
     private static final Vector pathcomps;
     private static final Hashtable systemPackages;

          // Constructors 1
     FlowClassLoader(Flow);

          // Methods 11
     public static void addSystemPackage(String);
     public static boolean isSystemPackage(String);
     private static byte[] readLocalBytecode(String) throws ClassNotFoundException;

     void addClass(String, byte[]);
     public void allowPackage(String);
     void destroy();
     public void enablePackageControls(boolean);
     public Class loadClass(String) throws ClassNotFoundException;
     public synchronized Class loadClass(String, boolean) throws ClassNotFoundException;
     private Class readLocalClass(String) throws ClassNotFoundException;
     public String toString();

          // Inner Classes 1
     private static class FlowClassLoader.ClassLoaderInfo
}

Loads class files for a Flow. This ClassLoader is critical to the security of the system. It must prevent dynamic code from installing untrusted code in trusted packages or overriding trusted code.

There are three kinds of classes that a Flow is concerned with: system classes, local classes and dynamic classes. All are optionally subject to package access control checks.

System classes are classes that get loaded once, and get loaded by the JVM's root class loader. The "system" classes are defined on a package basis. See Main for the code that initializes the set of system packages (this include the base Java packages: java.lang, java.util; and the various Janos NodeOS classes: janos.nodeos, janos.util, etc.) The set of system packages is recorded in the static variable "systemPackages".

Local classes are classes that get loaded off of the node's local disk, but get loaded into each Flow. These consist of Applications loaded at end nodes. And maybe some day extensions will fall in this category(?). Like system classes, local classes are categorized on a package basis. The set of local packages is implicitly those that are neither dynamic nor system packages. XXX: It may be advantageous to put other packages (e.g, the ANTS utils package) in this category to make all the static variables per-flow.

Dynamic classes are classes that are installed via a CodeGroup. They exclusively apply to the unit of code that is shipped around.

Aside from these classifications, access to packages can be controlled. By default flow access control is disabled. Once enabled, then only system classes and local classes listed in the package access table will be made visible to the flow. This prevents Flows from accessing system classes they shouldn't have access to.

XXX Not sure if this is correct wrt the new JDK1.2 ClassLoader semantics (e.g., should we be overriding findClass??).

XXX fix to conform to requirements of ANTSv2.0. (Do per-class controls instead of package-based controls.)

Author:

Janos Ministry of Development

Fields

· dynamicClasses

Summary  |  Top

   private final Hashtable dynamicClasses

A mapping from classname to bytecode. This is the set of classes that are loaded over the net into this ClassLoader.

   private static final Hashtable systemPackages

Table of package names. Packages included in this table are loaded by the System ClassLoader.

XXX this is static so that (1) it is shared by all Flows in the system and (2) so that it can be initialized by Main.

See Also: loadClass, addSystemPackage

   private final Hashtable okPackages

A table of Java packages which this flow has "access" to. Default to just the janos.nodeos package.

Due to the design of ClassLoaders, this table is only checked for class references from dynamically loaded classes.

   private boolean packageControl

   private static final Vector pathcomps

   private final Flow flow

For coherent debugging, need to know what flow I'm associated with.

   private static int dbg_currentIdNumber

When debugging is enabled, the toString() method goes to some lengths to avoid printing the object default identifier (i.e, @82e9350) because that screws up the regression tests.

   private int dbg_idNumber

Constructors

· FlowClassLoader

Summary  |  Top

   FlowClassLoader(Flow flow) 

Create a FlowClassLoader. The flow parameter is only used in debugging builds.a

Parameter	Description
flow	the Flow this loader will be associated with

   void addClass(String name, 
                 byte[] bytecode) 

Add a new class to an existing flow. This should be called from inside the flow that the class is being added to.

Neither argument may be null.

Parameter	Description
name	the FQN of the class to be added
bytecode	the bytecode representation of that class

   public void allowPackage(String pkgPrefix) 

Allow access to a Java package from this ClassLoader.

   public void enablePackageControls(boolean doit) 

Turn package access controls on or off.

   public static void addSystemPackage(String pkgName) 

   public static boolean isSystemPackage(String pkgName) 

   private static byte[] readLocalBytecode(String classname)  throws ClassNotFoundException

Read the bytecode for the given class off the local file system. Uses the pathcomps static variable as the "classpath" to search.

Bogus algorithm. Should know if entry is zipfile or not, and re-use that information (instead of rediscovering it).

   private Class readLocalClass(String name)  throws ClassNotFoundException

Look for the given class on the local filesystem.

XXX this should be native and should take advantage of the search code builtin to the JVM.

   public Class loadClass(String name)  throws ClassNotFoundException

Overrides:

loadClass in class ClassLoader

See Also: loadClass

   public synchronized Class loadClass(String name, 
                                       boolean resolve)  throws ClassNotFoundException

The standard ClassLoader loadClass interface.

This loadClass looks for already-loaded classes, looks in the local dynamicClasses, and then checks the package name, then looks in the system class loader.

XXX Currently any code defined in the dynamicClasses will be loaded, *regardless of the package it is in*. This is because a Flow really has no way of knowing what package a legit protocol was defined in. No easy solution. It is a bad problem because dynamic protocols can define code to load into packages like "janos.nodeos"!

XXX also, there is a problem that defineClass() is called before the package access check is done. Thus might run before the access control check is made. That would be bad.

Overrides:

loadClass in class ClassLoader

   void destroy() 

   public String toString() 

Overrides:

toString in class Object

All Packages  This Package  Class Hierarchy  Class Search  Index