CODEWITHSUNDEEP
javasecuritymanager
user1973706
user1973706

Reputation: 1

Java : Is there an API to find which class needs the permission in a Custom security manager class?

I'm trying to find which class has requested the permission dynamically in a custom security manager. I was not able to find any API which helps me to get the codebase location of the invoking class. Below is what I'm trying to do,

I have a testApp class which tries to write to a file,

package test.ProfilingSecurityManager;
import java.io.PrintWriter;
public class TestApp {
public static void main(String [] args) throws Exception {
    System.setSecurityManager(new NewProfilingSecurityManger());
    PrintWriter writer = new PrintWriter("profile.txt");
    writer.println("Test line");
    writer.close();
}
}

The over-ridden method in the custom security manager is below,

public void checkPermission(final Permission permission) {
  try {
  // see what the parent security manager code says
  super.checkPermission(permission);
  } 
  catch (Exception e) {
   // find the code base which requested this permission
   // I can get the call stack here
   Class [] sourceClasses = getClassContext();
   Class invokingClass = sourceClasses[sourceClasses.length - 1];
   // I can also get the accesscontrol context here  
   // using -AccessController.getContext()
   // How do i find the codebase location of the class 
   // which needed this permission here
 }
}

I need to find the codebase location of TestApp when the exception is thrown inside the checkPermission method. Could some one help me out on how to do this?

Thanks

Upvotes: 0

Views: 149

Answers (1)

alphaloop
alphaloop

Reputation: 1167

If you call invokingClass.getProtectionDomain().getCodeSource() this will tell you where that class was loaded from.

However, this will only tell you which class was at the bottom of the call stack when the access check failed. In the example you give, this will be TestApp, but if you're trying to debug security permission issues, a better approach is to run Java with the java.security.debug system property set to access,failure. When a permission check fails, this will tell you which class didn't have the permission, where it was loaded from, and what permissions it does have.

Upvotes: 1

Related Questions