java的权限控制
custom.policy 文件
grant codeBase "file:C:/Users/viruser.v-desktop/Desktop/testPolicy/*"
{
//permission java.security.AllPermission;
permission java.io.FilePermission "C:/Users/viruser.v-desktop/Desktop/testPolicy/r.txt" , "read";
permission java.util.PropertyPermission "user.dir", "read";
//permission java.util.PropertyPermission "user.home", "read";
};
- 执行命令
cmd java -Djava.security.manager -Djava.security.policy=custom.policy PolicyTest
- 读取文件配置
permission java.util.PropertyPermission “user.dir”, “read”; 配置这个权限后 该类可以读取该目录以及子目录下的文件内容 如果不想让这个类获取其他信息 可以为其指定具体的文件 但是在新建file类的时候 就要使用全路径名 而不是相对路径了
在类目录外的文件 如果要进行读取 需要配置指定配置 如下
permission java.io.FilePermission “C:/Users/viruser.v-desktop/Desktop/testPolicy/r.txt” , “read”;
或者
permission java.io.FilePermission “C:/Users/viruser.v-desktop/Desktop/*” , “read”;
如果需要看代码 可以下载跑一下
-
java类代码如下
mport java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.security.AccessController;
import java.security.Permission;
// -Djava.security.manager
//-Djava.security.manager
//-Djava.security.policy=.\\custom.policy
// D:\worksapce\jgg\javaSecuration
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
public class PolicyTest {
public static void file() {
File f = new File("r.txt");
File f2 = new File("C:/Users/viruser.v-desktop/Desktop/r.txt");
File f3 = new File("txt/r.txt");
InputStream is;
try {
System.out.println(f.getCanonicalPath());
//System.out.println(f2.getCanonicalPath());
System.out.println(f3.getCanonicalPath());
is = new FileInputStream(f);
byte[] content = new byte[1024];
while (is.read(content) != -1) {
System.out.println(new String(content));
}
is = new FileInputStream(f3);
while (is.read(content) != -1) {
System.out.println(new String(content));
}
is = new FileInputStream(f2);
while (is.read(content) != -1) {
System.out.println(new String(content));
}
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public static void main(String[] args) throws Exception {
// test read file.
//Permission perm = new FilePermission( "D:\\program files\\jgg\\javaSecuration\\r.txt" , "read" );
//doPrivilegedAction();
//System.setSecurityManager(new SecurityManager());
//doPrivilegedAction();
file();
System.out.println(System.getProperty("user.home"));
//doCheck();
}
/* public static Object doPrivilegedAction() throws Exception {
return AccessController.doPrivileged(new PrivilegedExceptionAction() {
@Override
public Object run() throws Exception {
// TODO Auto-generated method stub
return new FileInputStream(new File( "r.txt"));
}
});
}
public static void doCheck() {
AccessController.doPrivileged( new PrivilegedAction() {
public Object run() {
check();
return null ;
}
} );
}
private static void check() {
Permission perm = new FilePermission( "r.txt" , "read" );
File f = new File("r.txt");
System.out.println( " TestService has permission " );
}
*/
}