每个线程的Java安全管理器 [英] Java Security manager per thread

问题描述

我想在受限制的沙箱中运行特定的线程类，而应用程序的其余部分可以不受限制地运行.

I want to run a specific thread-class in a restricted sandbox, while the rest of the application can run unrestricted.

是否可以仅针对特定线程类附加安全管理器?

Is it possible to attach a security manager for a specific thread-class only?

-

使用彼得的提示，我在我的自定义安全管理器中创建了以下变量:

Using Peter's hint, I created the following variable, inside my custom security manager:

private static ThreadLocal<Boolean> isChatbot = new InheritableThreadLocal<Boolean>() {
  @Override protected synchronized Boolean initialValue() {
    boolean value = (Thread.currentThread() instanceof ChatBot);
    return value;
  }
  @Override protected synchronized Boolean childValue(Boolean parentValue) {
    boolean value = (Thread.currentThread() instanceof ChatBot || parentValue);
    return value;
  }
};

ChatBot是我要限制运行的特定线程类.因此，在initialValue中，我给所有ChatBot线程赋予值'true'，在childValue中我还给所有由ChatBot线程产生的子级赋予值'true'.

ChatBot is my specific class of threads which I want to run restricted. So in initialValue I give the value 'true' to all ChatBot threads, and in childValue I also give the value 'true' to all childs spawned by a ChatBot thread.

奇怪的是，这行不通.我在childValue内放置了一个断点，并且看到执行永不到达那里，因此子线程的值为'false'.

Strangely, this doesn't work. I put a breakpoint inside childValue, and I saw that the execution never gets there, so child threads get a value of 'false'.

我在做什么错了?

推荐答案

您可以创建一个安全管理器，该安全管理器仅检查一个线程(或带有InheritableThreadLocal的每个线程).使用InheritableThreadLocal的好处是，任何产生的线程也将被检查.已选中.

You can create a security manager which only checks one thread (or every thread with an InheritableThreadLocal) The benefit of using an InheritableThreadLocal is that any spawned thread will also be checked.

这篇关于每个线程的Java安全管理器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！