HomeDigital EditionSys-Con RadioSearch Java Cd
Advanced Java AWT Book Reviews/Excerpts Client Server Corba Editorials Embedded Java Enterprise Java IDE's Industry Watch Integration Interviews Java Applet Java & Databases Java & Web Services Java Fundamentals Java Native Interface Java Servlets Java Beans J2ME Libraries .NET Object Orientation Observations/IMHO Product Reviews Scalability & Performance Security Server Side Source Code Straight Talking Swing Threads Using Java with others Wireless XML

"Implementing a Security Policy"
Vol. 2, Issue 8, p. 50


Listing 1: New Security Manager
class ServeSecurityManager extends SecurityManager {  
    // the following operations are allowed:  
    public void checkConnect(String host, int port) { };  
    public void checkCreateClassLoader() { };  
    public void checkAccess(Thread g) { };  
    public void checkListen(int port) { };  
    public void checkLink(String lib) { };  
    public void checkPropertyAccess(String key) { };   
    public void checkAccept(String host, int port) { };  
    public void checkAccess(ThreadGroup g) { };  
    public void checkRead(FileDescriptor fd) { };  
    public void checkWrite(String f) { };  
    public void checkWrite(FileDescriptor fd) { };  
    // here goes more methods that we want to override...  
    public void checkRead(String filename){  
     if ((filename.indexOf("..") != -1) || (filename.startWith("/"))) {  
       throw new SecurityException("403 Forbidden. No enough rights to read:"+filename+");  


All Rights Reserved
Copyright ©  2004 SYS-CON Media, Inc.
  E-mail: [email protected]

Java and Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. SYS-CON Publications, Inc. is independent of Sun Microsystems, Inc.