Java Security - Enforcement
An Introduction to the Internals
Prof. David Bernstein
Computer Science Department
bernstdh@jmu.edu

Permission and Policy

SecurityManager objects need to be protected so only code granted the RuntimePermission with name "createSecurityManager" can construct one

SecurityManager Class (cont.)
public Object getSecurityContext():
public void checkPermission(Permission permission, Object context):
    SecurityException (which is an unchecked exception) if the Permission is not granted

SecurityManager Class (cont.)
SecurityManager class is flexible enough to support this
SecurityManager is difficult
checkPermission() methods in SecurityManager delegate to an AccessController object by default

AccessController Class (cont.)
public static void checkPermission(Permission permission):
    Permission is allowed in the current execution context (and throws an AccessControlException if it isn't)
public static AccessControlContext getContext():

AccessController Class (cont.)
ProtectionDomain grants the requested Permission

ProtectionDomain and/or Policy Objects
public boolean implies(Permission permission) method is called to see whether the Permission is granted
public boolean implies(ProtectionDomain domain, Permission permission) method of the current Policy is called to see whether the Permission is granted

ProtectionDomain objects
ProtectionDomain should be used?
ProtectionDomain of the class containing the code that is executed is used

ProtectionDomain objects
ProtectionDomain objects are used, otherwise only the ProtectionDomain of the subclass is used

AccessController has a public static Object doPrivileged(PrivilegedAction action) method that tells the runtime the caller is exercising its permissions
PrivilegedAction<T> interface must have a public T run() method)

    import java.security.AccessController;
    import java.security.PrivilegedAction;

    public class ChangePassword implements PrivilegedAction<String> {
        // Attributes and other methods

        // Runs with the permissions of this class's ProtectionDomain
        public String run() {
            String result = null;
            // Do whatever needs to be done
            return result;
        }
    }

    ChangePassword action;
    action = new ChangePassword(oldPassword, newPassword);
    AccessController.doPrivileged(action);

AccessController was created to be the default delegate for SecurityManager it can be used on its own
SecurityManager has not been installed you can use the static methods in AccessController
SecurityManager so if you want to ensure that AccessController is used you can use it directly
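
An added example (not from the original slides) of using the access-control classes directly, with no SecurityManager installed: it builds two ProtectionDomain objects with fixed permissions and shows that an AccessControlContext allows a Permission only when every ProtectionDomain in it grants that Permission. The class name, the sample domains and the property name are constructed for illustration; it assumes a JDK release in which these APIs are still functional (they are deprecated for removal since Java 17).

```java
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.Permission;
import java.security.Permissions;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;

public class DomainCheckDemo {   // hypothetical class name
    // A ProtectionDomain built with this constructor has static permissions:
    // its implies() consults only the collection below, not the current Policy.
    static ProtectionDomain domain(Permission... granted) {
        Permissions perms = new Permissions();
        for (Permission p : granted) {
            perms.add(p);
        }
        return new ProtectionDomain(null, perms);
    }

    // True when every ProtectionDomain in the context implies the permission.
    static boolean allowed(AccessControlContext ctx, Permission p) {
        try {
            ctx.checkPermission(p);
            return true;
        } catch (AccessControlException denied) {
            return false;
        }
    }

    public static void main(String[] args) {
        Permission create = new RuntimePermission("createSecurityManager");
        Permission readProp = new PropertyPermission("user.dir", "read");

        // Constructed sample domains: one more trusted, one less trusted.
        ProtectionDomain trusted = domain(create, readProp);
        ProtectionDomain plugin = domain(readProp);

        AccessControlContext trustedOnly =
            new AccessControlContext(new ProtectionDomain[] { trusted });
        AccessControlContext mixed =
            new AccessControlContext(new ProtectionDomain[] { trusted, plugin });

        System.out.println("trusted only, create: " + allowed(trustedOnly, create));
        System.out.println("mixed, create:        " + allowed(mixed, create));
        System.out.println("mixed, read property: " + allowed(mixed, readProp));
    }
}
```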