AccessController用法 [英] AccessController usage

问题描述

我正在尝试了解java安全性的基础知识和AccessController.doPrivileged（）用法
i以示例程序开始

I am trying understand the basics of java security and AccessController.doPrivileged() usage i started with a sample program

import java.security.AccessController;
import java.security.PrivilegedAction;
public class AccessSystemProperty {
   public static void main(String[] args) {
     System.out.println(System.getSecurityManager());
       AccessController.doPrivileged(
        new PrivilegedAction<Boolean>(){
           public Boolean run(){
               System.out.println(System.getProperty("java.home"));
               return Boolean.TRUE;
           }
        }
       );
   }
}

如果我尝试使用默认安全管理运行上面的代码我正在获取AccessControlException
我的stacktrace是

if i try to run above code using default security manage i am getting AccessControlException My stacktrace is

C:\>java -Djava.security.manager AccessSystemProperty
java.lang.SecurityManager@923e30
Exception in thread "main" java.security.AccessControlException: access denied (
java.util.PropertyPermission java.home read)
        at java.security.AccessControlContext.checkPermission(Unknown Source)
        at java.security.AccessController.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
        at java.lang.System.getProperty(Unknown Source)
        at AccessSystemProperty$1.run(AccessSystemProperty.java:9)
        at AccessSystemProperty$1.run(AccessSystemProperty.java:8)
        at java.security.AccessController.doPrivileged(Native Method)
        at AccessSystemProperty.main(AccessSystemProperty.java:6)

请当我们需要使用AccessController.doPrivileged（）时，帮助我清楚地了解

Kindly help me to get a clear picture of

1。（如果存在SecurityManager，我们使用AccessController.doPrivileged为什么这是在上面的示例中失败了）
2）使用AccessController和PrivilegedAction获得的真正优势是什么？
3）我们是否需要上述示例的自定义策略文件才能工作？
谢谢，
Paul

1)when we need to use AccessController.doPrivileged() ?.(if SecurityManager is present we use AccessController.doPrivileged why this is failing in above example ) 2) what is the real advantage we are getting by using AccessController and PrivilegedAction?. 3) Do we need custom policy file for above example to work ? Thanks, Paul

推荐答案

您可以使用AccessController.doPrivileged（）来提供某些代码权限调用堆栈中较早的代码由于在策略中授予了该特权，因此没有，但特权代码具有哪些特权。

You would use AccessController.doPrivileged() to give certain code privileges that code earlier in the calling stack DOES NOT have but which the privileged codes DOES have by virtue of that privilege being granted in a policy.

例如，假设ClassA调用方法ClassB和ClassB需要读取java.home系统属性（借用你的例子），并假设你已经根据你的例子指定了SecurityManager。

For example, assume ClassA invokes methods on ClassB, and ClassB needs to read the java.home system property (to borrow from your example), and assume that you've specified that SecurityManager is present as per your example.

还假设从名为classb.jar的jar加载ClassB（但为了使示例工作ClassA不从该jar加载），以下内容应该在安全策略文件中：

Also assume that ClassB is loaded from a jar named "classb.jar" (but to make the example work ClassA is NOT loaded from that jar), the following should be in the security policy file:

grant codeBase "file:/home/somebody/classb.jar" { 
    permission java.util.PropertyPermission "java.home", "read";
};

现在当ClassB运行并尝试执行未包含在AccessController中的System.getProperty（）时java.home上的.doPrivileged（）。安全管理器将检查堆栈，以查看堆栈中较高的每个类是否具有java.home的PropertyPermission（无论是直接还是暗示）。如果没有，访问将失败。

Now when ClassB runs and tries to do a System.getProperty() which is NOT wrapped in an AccessController.doPrivileged() on "java.home". the security manager will check the stack to see if every class higher on the stack has PropertyPermission (whether directly or implied) for "java.home". If not, the access will fail.

但是，如果ClassB在AccessController.doPrivileged（）中包装System.getProperty（），则安全管理器只关心策略文件给出ClassB具有特权，因此允许访问。

However, if ClassB wraps the System.getProperty() in an AccessController.doPrivileged() the securitymanager only cares that the policy file gives ClassB that privilege and so the access is allowed.

这是一个片段来显示：

public void doStuff() {

    try {
        /*
         * this will fail even if this class has permission via the policy file
         * IF any caller does not have permission
         */
        System.out.println(System.getProperty("java.home")); 
    } catch (Exception e1) {
        System.out.println(e1.getMessage());
    }
    AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
        public Boolean run() {
            try {
                /*
                 * this will be allowed if this class has permission via the policy
                 * file even if no caller has permission
                 */
                System.out.println(System.getProperty("java.home"));
            } catch (Exception e) {
                System.out.println(e.getMessage());
            }

            return Boolean.TRUE;
        }
    });

因此，对于您的示例，您只需要指定一个包含类似于我在上面引用的授予节。

So in the case of your example, you just need to specify a policy file containing something similar to the grant stanza that I referenced above.

这篇关于AccessController用法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！