Reputation: 37
Protecting objects with Security Manager
I want to use java.security.manager to create a custom permission. Basically I want to create a permission, that the policy file will have to specify in order for the user executing my Java app to be able to access the object I am guarding, using the GuardedObject feature of Java. I can't seem to get it working. Please find the specifics below. If I'm doing it wrong, please let me know. I'm new to the Java security manager:
app source code:
import java.security.AccessControlException;
import java.security.Guard;
import java.security.GuardedObject;
import java.util.PropertyPermission;
import java.security.*;
class person {}
class custompermission extends BasicPermission {
custompermission(String name) {
super(name);
}
custompermission(String name, String action) {
super(name,action);
}
}
public class program1 {
public static void main(String[] argv) throws Exception {
String person = "person";
Guard guard = new custompermission("perm");
GuardedObject gobj = new GuardedObject(person, guard);
try {
Object o = gobj.getObject();
} catch (AccessControlException e) {
e.printStackTrace();
}
}
}
Manifest.txt file for my jar:
Main-Class: program1
My policy file - my.security.policy:
grant codeBase "file:/C:/users/root/desktop/temp/temp2/program1.jar" {
permission "perm";
};
Compiling of program and creation of jar file:
C:\Users\root\Desktop\temp\temp2>javac program1.java
C:\Users\root\Desktop\temp\temp2>jar -cvfm program1.jar Manifest.txt *.class
added manifest
adding: custompermission.class(in = 335) (out= 234)(deflated 30%)
adding: person.class(in = 188) (out= 162)(deflated 13%)
adding: personpermission.class(in = 335) (out= 232)(deflated 30%)
adding: program1.class(in = 790) (out= 488)(deflated 38%)
Execution of program:
C:\Users\root\Desktop\temp\temp2>java -Djava.security.manager -Djava.security.policy=my.security.policy -jar program1.jar
java.security.AccessControlException: access denied ("custompermission" "perm")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.security.Permission.checkGuard(Unknown Source)
at java.security.GuardedObject.getObject(Unknown Source)
at program1.main(program1.java:37)
C:\Users\root\Desktop\temp\temp2>
Upvotes: 1
Views: 459
Answers (1)
Reputation: 1500
Your code lacks permission class definition, in policy file. Your policy file should look something like:
grant codeBase "file:/C:/users/root/desktop/temp/temp2/program1.jar" {
permission CustomPermission "perm";
};
And I think CustomPermission should by public class within it's own file.
Upvotes: 1
Related Questions
- Security Manager vs Access Controller
- Java SecurityManager - secure code before modification in runtime
- What does secured object mean?
- Java SE Security features to protect application data from the user
- protected access when using objects
- Setting the Java SecurityManager for one method only
- Java Class Protection
- SecurityManager surprises
- Using Security manager to prevent public method access
- Security framework for java with object granularity