|
|
Providing Your Own Security Manager |
Once you've completed writing your SecurityManager subclass, you can install it as the current security manager for your Java application. You do this with thesetSecurityManager()method from the System class.Here's a small test application, SecurityManagerTest, that installs the SecretPasswordSMgr class from the previous page as the current security manager. The SecurityManagerTest application then creates and starts a few threads to verify that the security manager is in place and operational.
The
main()method begins by installing a new security manager:The bold line in the previous code snippet creates a new instance of the SecretPasswordSMgr class with the password "Booga Booga". This instance is passed totry { System.setSecurityManager(new SecretPasswordSMgr("Booga Booga")); } catch (SecurityException se) { System.out.println("SecurityManager already set!"); }System.setSecurityManager()which installs the object as the current security manager for the running application. This security manager will remain in effect for the duration of the execution of this application.You can only set the security manager for your application once. In other words, your Java application can only invoke
System.setSecurityManager()one time during its lifetime. Any subsequent attempt to install a security manager within a Java application will result in a SecurityException.The rest of the test application creates a thread group, a few threads within that group, and then starts all of the threads. This is a simple test to verify that the SecretPasswordSMgr has been properly installed.
The bold lines in the previous code snippet are restricted thread accesses. These method calls will result in a call to SecretPasswordSMgr'sThread someThreads[] = new Thread[NUMTHREADS]; ThreadGroup aGroup = new ThreadGroup("A Group of Threads"); for (int i = 0; i < NUMTHREADS; i++) { someThreads[i] = new Thread(aGroup, String.valueOf(i)); someThreads[i].start(); }checkAccess()method.Running the Test Program
When you run the SecurityManagerTest application, you will be prompted six times for a password: once when the thread group is created, and once for each of the five threads that are created. If you type in the correct password, the access is granted--the object created--and the application proceeds to the next statement. If you type in an incorrect password,checkAccess()throws a SecurityException, which the test application makes no attempt to catch so the application terminates.This is an example of the output from the application when you type in the password correctly the first time, but incorrectly the second:
What's the secret password? Booga Booga What's the secret password? wrong password java.lang.SecurityException: Not Even! at SecretPasswordSMgr.checkAccess(SecretPasswordSMgr.java:34) at java.lang.ThreadGroup.checkAccess(ThreadGroup.java) at java.lang.Thread.init(Thread.java) at java.lang.Thread.(Thread.java) at SecurityManagerTest.main(SecurityManagerTest.java:19) See also
java.lang.System
|
|
Providing Your Own Security Manager |