previous chapter table of contents next chapter

Getting Going with No Security

Security for Jini is based on the JDK 1.2 security model, which makes use of a SecurityManager to grant or deny access to resources. All potentially dangerous requests , such as opening a file, starting a process, or establishing a network connection, are all passed to a SecurityManager . This manager will make decisions based on a security policy (which should have been established for that application) and either allow or deny the request.

A few of the examples given so far in this book may work fine without a security manager, but most will require an appropriate security manager to be in place. The major requirement in most examples is for the RMI runtime to be able to download class files to instantiate proxy objects. This can be enabled by installing an RMISecurityManager . Installing a security manager may be done by including this statement in your code:

 System.setSecurityManager(new RMISecurityManager()); 

This should be done before any network- related calls, and is often done in the main() method or in a constructor for the application class.

The security manager will need to make use of a security policy. This is typically given in policy files, which are kept in default locations or are specified to the Java runtime. If policy.all is a policy file in the current directory, then invoking the runtime with this statement

 java -Djava.security.policy="policy.all" ... 

will load the contents of the policy file.

A totally permissive policy file can contain the following:

 grant {     permission java.security.AllPermission "", ""; }; 

This will allow all permissions, and should never be used outside of a test and development environment ”and moreover, one that is insulated from other potentially untrusted machines. (Standalone is good here!)

The big advantage of this permissive policy file is that it gets you going on the rest of Jini without worrying about security issues while you are grappling with other problems!


A Programmer[ap]s Guide to Jini Technology
A Programmer[ap]s Guide to Jini Technology
ISBN: 1893115801
Year: 2000
Pages: 189

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net