Admin: 1 версия

2010-06-01T05:01:27Z

1 версия

в 17:44, 31 мая 2010

2010-05-31T17:44:27Z

Новая страница

== Define your own security manager ==



<source lang="java">
class CustomSecurityManager extends SecurityManager {
public CustomSecurityManager() {
super();
}
public void checkRead(String fileName) {
if (fileName != null && fileName.endsWith(".java")) {
throw new SecurityException(" You are not allowed to read " + " file names ending with .java");
}
super.checkRead(fileName);
}
public void checkWrite(String fileName) {
if (fileName != null && fileName.endsWith(".java")) {
throw new SecurityException(" You are not allowed to write "
+ " file names ending with .java");
}
super.checkWrite(fileName);
}
public void checkDelete(String fileName) {
if (fileName != null && fileName.endsWith(".java")) {
throw new SecurityException(" You are not allowed to delete "
+ " file names ending with .java");
}
super.checkDelete(fileName);
}
}
public class MainClass {
public static void main() {
System.setSecurityManager(new CustomSecurityManager());
SecurityManager secMgr = System.getSecurityManager();
if (secMgr != null) {
secMgr.checkRead("fileName");
}
}
}</source>



== Enabling the Security Manager ==



<source lang="java">
public class Main {
public static void main(String[] argv) throws Exception {
System.setProperty("java.version", "data");
try {
SecurityManager sm = new SecurityManager();
System.setSecurityManager(sm);
} catch (SecurityException se) {
se.printStackTrace();
}
// no longer possible; an AccessControlException is thrown
System.setProperty("java.version", "malicious data");
}
}
/*Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyPermission java.version write)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.System.setProperty(System.java:727)
at Main.main(Main.java:13)
*/</source>



== extends SecurityManager ==



<source lang="java">
import java.io.IOException;
public class MainClass {
public static void main(String args[]) throws IOException {
System.setSecurityManager(new MySecurityManager());
}
}
class MySecurityManager extends SecurityManager {
public void checkRead(String file) {
if (!(file.endsWith(".txt")) && !(file.endsWith(".java")) && !(file.endsWith(".class"))
&& !(file.startsWith("C:\\"))) {
throw new SecurityException("No Read Permission for : " + file);
}
}
}</source>



== Listing All Permissions Granted to Classes Loaded from a URL or Directory ==



<source lang="java">
import java.io.File;
import java.net.URL;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.cert.Certificate;
import java.util.Enumeration;
public class Main {
public static void main(String[] argv) throws Exception {
SecurityManager sm = new SecurityManager();
System.setSecurityManager(sm);
URL codebase = new URL("http://java.sun.ru/");
//codebase = new File("c:\\java\\").toURI().toURL();
//codebase = new File(System.getProperty("user.home")).toURI().toURL();
CodeSource cs = new CodeSource(codebase, (Certificate[])null);
PermissionCollection pcoll = Policy.getPolicy().getPermissions(cs);
Enumeration e = pcoll.elements();
for (; e.hasMoreElements();) {
Permission p = (Permission) e.nextElement();
}
}
}</source>



== To ignore the policies in the java.security file, and use the specified policy, use "==" instead of "=" ==



<source lang="java">
java -Djava.security.manager -Djava.security.policy==someURL MyApp</source>



== To specify an additional policy file, set the java.security.policy system property at the command line: ==



<source lang="java">
c:\java -Djava.security.manager -Djava.security.policy=someURL MyApp
c:\appletviewer -J-Djava.security.policy=someURL HTMLfile</source>



== Use SecurityManager to check AWT permission and file permission ==



<source lang="java">
import java.awt.AWTPermission;
import java.io.FilePermission;
public class MainClass {
public static void main(String args[]) throws Exception {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
FilePermission fp = new FilePermission("c:\\autoexec.bat", "read");
sm.checkPermission(fp);
}
if (sm != null) {
AWTPermission ap = new AWTPermission("accessClipboard");
sm.checkPermission(ap);
}
System.out.println("Has AWTPermission to access AWT Clipboard");
}
}</source>

← Предыдущая	Версия 05:01, 1 июня 2010
(нет различий)

Java Tutorial/Security/SecurityManager - История изменений

Admin: 1 версия

в 17:44, 31 мая 2010