8036841: Reuse no-perms AccessControlContext object when performing isAuthorized check
Reviewed-by: wetmore
--- a/jdk/src/share/classes/java/security/AccessController.java Thu May 29 15:50:36 2014 +0100
+++ b/jdk/src/share/classes/java/security/AccessController.java Tue Jun 03 07:34:35 2014 -0400
@@ -592,14 +592,24 @@
System.getSecurityManager() != null &&
!callerPD.impliesCreateAccessControlContext())
{
- ProtectionDomain nullPD = new ProtectionDomain(null, null);
- return new AccessControlContext(new ProtectionDomain[] { nullPD });
+ return getInnocuousAcc();
} else {
return new AccessControlContext(callerPD, combiner, parent,
context, perms);
}
}
+ private static class AccHolder {
+ // An AccessControlContext with no granted permissions.
+ // Only initialized on demand when getInnocuousAcc() is called.
+ static final AccessControlContext innocuousAcc =
+ new AccessControlContext(new ProtectionDomain[] {
+ new ProtectionDomain(null, null) });
+ }
+ private static AccessControlContext getInnocuousAcc() {
+ return AccHolder.innocuousAcc;
+ }
+
private static ProtectionDomain getCallerPD(final Class <?> caller) {
ProtectionDomain callerPd = doPrivileged
(new PrivilegedAction<ProtectionDomain>() {