Yfqnihao
What is a java policy and a policy file.
Today, I want to change my notes. Instead of talking about concepts directly, I will give you a small example. I believe that after you finish this example, I will explain it again, will suddenly feel cheerful.
The example is very simple. It is simple for everyone. Follow me below (you can copy my code ).
Step 1: Define a simple class.
Package com. yfq. test;
Import java. io. FileWriter;
Import java. io. IOException;
Public class TestPolicy {
Public static void main (String [] args ){
FileWriter writer;
Try {
Writer = new FileWriter ("d:/testPolicy.txt ");
Writer. write ("hello1 ");
Writer. close ();
} Catch (IOException e ){
E. printStackTrace ();
}
}
}
Step 2: Define a simple policy file, which is stored in the class folder of the project ("src") and named "mypolicy.txt ".
Grant codeBase "file: D:/workspace/TestPolicy/bin /*"{
Permission java. io. FilePermission "d:/testPolicy.txt", "read ";
};
Let me briefly explain the role of this file.
The first line: grant codeBase "file: D:/workspace/TestPolicy/bin/*" means to D: /workspace/TestPolicy/bin/* Defines permissions for all files in this path. The asterisk (*) indicates a wildcard.
Row 2: permission java. io. FilePermission "d:/testPolicy.txt", "read"; meaning that the file d:/testPolicy.txt is assigned only the read permission.
Step 3: run the command. Enter the command in the cmd window (if the command fails to run, it indicates that the jdk environment variable is not configured. configure it)
Java-classpath D:/workspace/TestPolicy/bin-Djava. security. manager-Djava. security. policy = D:/workspace/TestPolicy/src/myPolicy.txt com. yfq. test. testPolicy
Specify the current class path as D:/workspace/TestPolicy/bin and start the default security manager (you should have guessed it here, policies must work with the security manager to work), set the location of the security policy file (there are multiple ways to install the policy file, here we are in windows, if you are interested, you can try again ).
Step 4: view the output
An exception is reported, prompting that the application has no write permission on the file d:/testPolicy.txt.
Modify the mypolicy.txt file of the specified region as follows:
Grant codeBase "file: D:/workspace/TestPolicy/bin /*"{
Permission java. io. FilePermission "d:/testPolicy.txt", "read, write ";
};
Run again and no error is reported. Www.2cto.com
Java corresponds to a class called java. security. policy (Policy) is a magic class. With it, you can define your own code permissions. Of course, it can also be combined with the security manager we mentioned in note 4. Now you only need to remember one sentence:
Java's access control policy for applications is implemented by the abstract class java. security. A singleton of a subclass of Policy indicates that each application actually has only one Policy object at any time, and the Policy object corresponds to the Policy file. The Class Loader uses this Policy object to help them decide what permissions should be granted when a piece of code is imported into the virtual machine.
If you have heard of the concept of strategy a little before, I hope you will feel enlightened after reading this article.