Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Java Security Code Permissions - AccessControlContext.checkPermission(Unkno

843811Dec 8 2004 — edited Dec 10 2004
Hi all!

I have browsed the forum, faq and read tutorials regarding this problem, but I can�t solve this problem. (But I apologies if this issue has been solved under a other topic in this forum�). I�m trying to apply some Permission in my code. This is done by the �AccessProfileInfoPermission� class. The �PermissionCheck� class uses the �AccessProfileInfoPermission� class to check for legal permissions.
But when I try to run the code I get a AccessControlException - �AccessControlContext.checkPermission(Unknown Source)�. So what am I doing wrong here?
I would be grateful for any kind of help...
Thanx !
Kind regards
H�vard S.

Source code � AccessProfileInfoPermission:

package com.sintrasoft.ejb.security;

/**
* <p>Date: Nov 29, 2004</p>
* <p>Title: Java-Security-CodePermissions</p>
* <p>Description: </p>
* <p>Copyright: 2004</p>
* <p>Company: </p>
*
* @author Administrator
* @version 1.0
**/

import java.security.BasicPermission;

public final class AccessProfileInfoPermission extends BasicPermission
{

/**
* Construct a permission with the given name.
* This is the usual constructor for this class,
* as basic permissions do not normally have actions.
* @param name Name of the permission.
*/
public AccessProfileInfoPermission(String name)
{
super(name);
}

// note that actions is ignored and not used,
// but this constructor is still needed
/**
* Construct a permission with the given name and action.
* Must provide a constructor with this signature in all
* implementations of the BasicPermission class due to the mechanism that is used to construct
* permission objects from the policy file.
*/
public AccessProfileInfoPermission(String name, String actions)
{
super(name, actions);
}
}

Source code � PermissionCheck:

package com.sintrasoft.ejb.security;

import java.security.*;
import java.util.ArrayList;

public class PermissionCheck {

private static ArrayList accountInfo = new ArrayList();

public static void main(String[] args) {

/**
* Applying default permission if not specified...
*/
String operation = args.length > 0 ? args[0] : "accessAccount";
try {
System.out.println("Attempting access for operation: " + operation);
doCheck(operation);

/**
* Perfroming restricted business operations on an account Accessing
* the the database for: - Listing account information - Deleting an
* account
*/

if (args[0].equalsIgnoreCase("accessAccount")) {
bankAccountInfo();
System.out.println("Successfully executed operation - "
+ operation + "\n");
}

else if (args[0].equalsIgnoreCase("deleteAccount")) {
bankAccountDelete();
System.out.println("Successfully executed operation - "
+ operation + "\n");
}

} catch (SecurityException se) {
System.out.println("Security violation for operation - "
+ operation);
System.out.println("Not authorized accessing the bank account");

se.printStackTrace();
}
}

private static void bankAccountInfo() {

accountInfo.add("000-234-3454");
accountInfo.add("Donald Baker");

System.out.println("\n=== Accessing the bank account ===");
System.out.println("Account Info=" + accountInfo.get(0) + " "
+ accountInfo.get(1));
}

private static void bankAccountDelete() {
System.out.println("Try to delete bank account...");
accountInfo.clear();

System.out.println("\n=== Accessing the bank account ===");

if (accountInfo.isEmpty()) {
System.out.println("Bank account does not exists...");
} else {
/**
* Should impl. deleteBankAccount Exception...
*/
System.out
.println("Something whent wrong - could not delete bank account");
}
}

public static void doCheck(String operation) {
//an imperative check for the operation
AccessProfileInfoPermission access = new AccessProfileInfoPermission(
operation);
AccessController.checkPermission(access);
}
}

Test script for running the code (execute.bat):

@echo off

cls

echo *** Class PermissionCheck.java:
type PermissionCheck.java

pause
cls

set EXEC_CLASSPATH=PermissionCheck.jar

del /q *.class > out.txt 2>&1
del /q *.jar > out.txt 2>&1
javac *.java
jar cvf PermissionCheck.jar *.class

echo ****************************************************
echo * Accessing without permissions
echo ****************************************************
java -classpath "%CLASSPATH%" -Djava.security.manager PermissionCheck
pause

echo ****************************************************
echo * Accessing with permissions by location
echo ****************************************************
java -Djava.security.manager -Djava.security.policy=="access.policy" PermissionCheck accessAccount
echo The "delete" operation will fail due to insufficient permissions
java -Djava.security.manager -Djava.security.policy=="access.policy" PermissionCheck deleteAccount
pause

echo ****************************************************
echo * Accessing with permissions by signer
echo ****************************************************
jarsigner -verbose -keystore DemoPub.keystore -storepass changeit PermissionCheck.jar DemoPublisher
java -classpath "%CLASSPATH%" -Djava.security.manager -Djava.security.policy=="access.policy" PermissionCheck deleteAccount
pause
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jan 7 2005
Added on Dec 8 2004
#other-security-apis-tools-and-issues
11 comments
355 views