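Security is one of the features Java touts the most, and indeed Java's security features span from the application level to the language level and down to the JVM itself. Everyone used to know there was a Sandbox, but the Sandbox alone is not enough, or rather it cannot conveniently cover all the security requirements we have. For example, a system today needs at minimum a login function, and going a step further, it needs to constrain how users access resources. Below I want to give a rough account of how Java does these things. This is basically a summary, or "reading notes", and it also comes with a simple implementation example, which really just imitates someone else's, heh...
1. Java's access control mechanism
When it comes to access control, or "authorization", there are two layers of meaning. The first is from the resource's point of view: is this socket port allowed to be operated on? Is this file readable? Writable? Executable? Or all of the above? This is what strings like "-rwx-" mean when we list the files in the current directory with the "ls -l" command under UNIX. The second is from the accessor's point of view: I want to read Sina's Euro Cup news on the Web through port 80; am I entitled to do that in this system? I want to play a video file named "friends.rm" on drive D; have I been granted permission to access this file? Do I have permission to run the player?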
- Exception in thread "main" java.security.AccessControlException: access denied (……)
- ……
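Java has a built-in default security policy, and in this case it is this default policy that the security manager loads first. Don't believe it? Then check your "%JAVA_HOME%\jre\lib\security" directory: isn't there a file called "java.policy"? Open it with notepad and take a look: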
- // Standard extensions get all permissions by default
- grant codeBase "file:${java.home}/lib/ext/*" {
- permission java.security.AllPermission;
- };
- // default permissions granted to all domains
- grant {
- // Allows any thread to stop itself using the java.lang.Thread.stop()
- // method that takes no argument.
- // Note that this permission is granted by default only to remain
- // backwards compatible.
- // It is strongly recommended that you either remove this permission
- // from this policy file or further restrict it to code sources
- // that you specify, because Thread.stop() is potentially unsafe.
- // See "http://java.sun.com/notes" for more information.
- permission java.lang.RuntimePermission "stopThread";
- // allows anyone to listen on un-privileged ports
- permission java.net.SocketPermission "localhost:1024-", "listen";
- // "standard" properies that can be read by anyone
- permission java.util.PropertyPermission "java.version", "read";
- permission java.util.PropertyPermission "java.vendor", "read";
- permission java.util.PropertyPermission "java.vendor.url", "read";
- permission java.util.PropertyPermission "java.class.version", "read";
- permission java.util.PropertyPermission "os.name", "read";
- permission java.util.PropertyPermission "os.version", "read";
- permission java.util.PropertyPermission "os.arch"<
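
The grants visible in the listing above can be evaluated directly with the permission classes the policy file names, using the same `implies()` matching that an access check relies on. This is an added example, not code from the original article; the class name `DefaultGrantCheck`, its helper methods and the sample requests are constructed for illustration, and no security manager is installed.

```java
import java.net.SocketPermission;
import java.security.AllPermission;
import java.security.Permission;
import java.security.Permissions;
import java.util.PropertyPermission;

public class DefaultGrantCheck {
    // A subset of the unconditional "grant { ... }" entries shown in the listing.
    static Permissions defaultDomainGrants() {
        Permissions p = new Permissions();
        p.add(new RuntimePermission("stopThread"));
        p.add(new SocketPermission("localhost:1024-", "listen"));
        p.add(new PropertyPermission("java.version", "read"));
        p.add(new PropertyPermission("os.name", "read"));
        return p;
    }

    // What the codeBase "file:${java.home}/lib/ext/*" entry grants.
    static Permissions extensionGrants() {
        Permissions p = new Permissions();
        p.add(new AllPermission());
        return p;
    }

    // Prints whether the granted set implies (covers) the requested permission.
    static void report(String who, Permissions granted, Permission requested) {
        System.out.printf("%-8s %-8s %s%n", who,
                granted.implies(requested) ? "allowed" : "denied", requested);
    }

    public static void main(String[] args) {
        // Constructed sample requests, not taken from the article.
        Permission[] requests = {
            new SocketPermission("localhost:8080", "listen"),  // port inside 1024-
            new SocketPermission("localhost:80", "listen"),    // privileged port
            new SocketPermission("localhost:8080", "connect"), // different action
            new PropertyPermission("java.version", "read"),
            new PropertyPermission("java.version", "write"),   // only "read" is granted
            new PropertyPermission("user.home", "read"),       // property not in the subset
            new RuntimePermission("exitVM"),                   // not granted by default
        };
        for (Permission r : requests) {
            report("default", defaultDomainGrants(), r);
            report("lib/ext", extensionGrants(), r);
        }
    }
}
```

A request reported as "denied" for the default domain is the kind of check that surfaces as the `java.security.AccessControlException: access denied` shown earlier when a security manager is active.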