How set Policy.Provider to be your class?
I have made a class EJBPolicy that extends java.security.Policy (i'm using jdk1.4), and overrides the abstract methods. Then in my java.home folder, I changed the file "java.security" so the property "policy.provider" now reads "EJBPolicy". I also changed the "java.security" file in my installation folder (just to be sure). I do not have that file in "user.home". I also added the EJBPolicy to the classpath (added both the folder it is in, as well as the file itself). Then I ran my application like this:
java -classpath D:\JAAS;D:\JAAS\M -Djava.security.manager -Djava.security.auth.login.config=jaas.conf -Djava.security.policy=jaasazn.policy JaasAzn
The "jaasazn.policy" file gives me the ability to get/set the Policy. I added a method to my policy class called getName(), which returns "EJBPolicy". However, when I do this in my app:
System.out.println(((EJBPolicy)thePolicy).getName());
it results in the error:
java.lang.ClassCastException: sun.security.provider.PolicyFile
If I call Policy.setPolicy() and set it to my class EJBPolicy, then it works. But I thought I was able to make my class the default polciy class. What am I doing wrong?
[1204 byte] By [
6tr6tr] at [2007-9-26 1:25:42]
Hi,
I am getting the same problem....i havent as yet tried to ...setPolicy() but i do see that its not loading the indicated policy class -- even tho the property is correctly retrieved....
Also -- just removing the java.security file or totally commenting out the policy.* properties has no effect -- it always loads the default provider. Also seems to be true with the older 1.2.2 -- seems to me - there must be another catch to installing your provider that is not explained in the oft-repeated lines (atleast in 3 books and many other articles...)
-- "...enable this new policy class, just edit the policy.provider entry in your java.security file..."
Here's output of some tests from running of a simple app that
a) retrieves the system property "policy.provider"
b) retrieves the current policy object (Policy.getPolicy()) and checks the class name
c) opens a simple text file (testpolicy.txt) and prints out its contents
[...by changing OS permissions on the file i can produce 'access denied']
Summary:
- in all cases the policy.provider is retruned with the right class name
- If -Djava.security.manager is supplied on the command line -- access to the "policy.provider" property is denied and an exception is thrown by getPolicy() [since app has no special permissions]
** but in all cases the sun.security.provider.PolicyFile class is loaded and being used *** shown by the -verbose option.
.... if anyone has the anwser handy as to what is (not) being done - please post it....thanks.
Test 1 -- with the file having no permission, and no -Djava.security.manager specified on cmdline
Starting tests -- Here we go
==> Provider is set as com.....PolicyLSDB
Policy is instantiated
PolicyFile instance returned
Tester: Cant find file
->testpolicy.txt (Access is denied)
-- ended test -- exiting
Test 2 - with file having open permissions, but no -Djava.security.manager specified
Starting tests -- Here we go
==> Provider is set as com.landmark.security.PolicyLSDB
Policy is instantiated
PolicyFile instance returned
This is a test file for the Policy tester stuff
This is a test file for the Policy tester stuff
This is a test file for the Policy tester stuff
This is a test file for the Policy tester stuff
This is a test file for the Policy tester stuff
This is a test file for the Policy tester stuff
This is a test file for the Policy tester stuff
?
-- ended test -- exiting
Test 3 - with -Djava.security.manager given on cmdline
Starting tests -- Here we go
...property exception ==> access denied (java.security.SecurityPermission getProperty.policy.provider)
Exception in thread "main" java.security.AccessControlException: access denied (java.security.SecurityPermission getPolicy)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.security.Policy.getPolicy(Unknown Source)
at com.landmark.security.Testpolicy.main(Testpolicy.java:35)
