ch10.html

来自「java2高级编程」· HTML 代码 · 共 745 行 · 第 1/4 页

<DIV>
<H4 CLASS="A">
<A NAME="pgfId-1087540"></A><A NAME="69981"></A>Writing a Security Manager</H4>
<P CLASS="Body">
<A NAME="pgfId-1087543"></A><A NAME="marker-1087541"></A>A security manager is a <A NAME="marker-1087542"></A>Java virtual machine object that implements a security policy. By default, the Java 2 Platform software provides a security manager that disallows all access to local system resources apart from the directory and its subdirectories where the program is invoked. </P>
<P CLASS="Body">
<A NAME="pgfId-1087546"></A>You can extend the default security manager to implement <A NAME="marker-1087544"></A><A NAME="marker-1087545"></A>customized verifications and approvals for applets and applications, but the implementation must include the appropriate access verification code for every <EM CLASS="CODE">
check&lt;type&gt;</EM>
 method you override. If you do not include this code, no access verification check happens, and your code breaches system security policy. </P>
<P CLASS="Body">
<A NAME="pgfId-1087548"></A><A NAME="marker-1087547"></A>This section uses an example application to explain how to write a custom security manager that prompts the end user for <A NAME="marker-1087549"></A>password identification before reading from and writing to specific files. The implementation includes access verification code so once the end user makes it through the password check, he or she still needs the file read and write permissions in his or her policy file. </P>
<P CLASS="Body">
<A NAME="pgfId-1087550"></A>The example consists of the <EM CLASS="CODE">
FileIO</EM>
 application, and the <EM CLASS="CODE">
PasswordSecurityManager</EM>
 program that provides the custom security manager implementation. </P>
<DIV>
<H5 CLASS="B">
<A NAME="pgfId-1087551"></A>The <EM CLASS="B-code">
FileIO</EM>
 Program</H5>
<P CLASS="Body">
<A NAME="pgfId-1087552"></A>The FileIO program displays a simple user interface and asks the end user to enter some text. When the end user clicks the <EM CLASS="CODE">
Click Me</EM>
 button (see Figure 10.2), the text is saved to a file in the end user's home directory, and a second file is opened and read. The text read from the second file is displayed to the end user. </P>
<DIV>
<H6 CLASS="FC">
<A NAME="pgfId-1087553"></A>Figure 10.2  <EM CLASS="CODE">
FileIO</EM>
 program before the button click (top) and after the button click (bottom)</H6>
<DIV>
<IMG SRC="CH10-2.gif">
</DIV>
<P CLASS="Body">
<A NAME="pgfId-1087560"></A>&nbsp;</P>
<DIV>
<IMG SRC="CH10-3.gif">
</DIV>
<P CLASS="Body">
<A NAME="pgfId-1087561"></A>The custom security manager for this program prompts the end user to enter a password before it allows <EM CLASS="CODE">
FileIO</EM>
 to write text to or read text from a file. The <EM CLASS="CODE">
main</EM>
 method of <EM CLASS="CODE">
FileIO</EM>
 creates a custom security manager called <EM CLASS="CODE">
PasswordSecurityManager</EM>
. </P>
<PRE CLASS="CODE"><A NAME="pgfId-1087565"></A><A NAME="marker-1087562"></A><A NAME="marker-1087563"></A><A NAME="marker-1087564"></A>import java.awt.Color;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087566"></A>import java.awt.BorderLayout;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087567"></A>import java.awt.event.*;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087568"></A>import javax.swing.*;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087569"></A>import java.io.*;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087570"></A>&nbsp;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087571"></A>class FileIO extends JFrame implements ActionListener {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087572"></A>  JLabel text;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087573"></A>  JButton button;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087574"></A>  JPanel panel;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087575"></A>  JTextField textField;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087576"></A>  private boolean _clickMeMode = true;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087577"></A>&nbsp;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087578"></A>  FileIO() { //Begin Constructor</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087579"></A>    text = new JLabel(&quot;Text to save to file:&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087580"></A>    button = new JButton(&quot;Click Me&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087581"></A>    button.addActionListener(this);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087582"></A>    textField = new JTextField(20);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087583"></A>    panel = new JPanel();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087584"></A>    panel.setLayout(new BorderLayout());</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087585"></A>    panel.setBackground(Color.white);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087586"></A>    getContentPane().add(panel);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087587"></A>    panel.add(BorderLayout.NORTH, text);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087588"></A>    panel.add(BorderLayout.CENTER, textField);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087589"></A>    panel.add(BorderLayout.SOUTH, button);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087590"></A>  } //End Constructor</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087591"></A>&nbsp;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087592"></A>  public void actionPerformed(ActionEvent event){</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087593"></A>    Object source = event.getSource();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087594"></A>//The equals operator (==) is one of the few operators</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087595"></A>//allowed on an object in the Java programming language</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087596"></A>    if(source == button) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087597"></A>      String s = null;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087598"></A>      //Write to file</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087599"></A>      if (_clickMeMode){</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087600"></A>        FileInputStream in=null</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087601"></A>        FileOutputStream out=null;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087602"></A>        try {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087603"></A>          String text = textField.getText();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087604"></A>          byte b[] = text.getBytes();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087605"></A>          String outputFileName = System.getProperty(&quot;user.home&quot;,</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087606"></A>                                File.separatorChar + &quot;home&quot; +</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087607"></A>                                File.separatorChar + &quot;zelda&quot;) +</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087608"></A>                                File.separatorChar + &quot;text.txt&quot;;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087609"></A>          out = new FileOutputStream(outputFileName);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087610"></A>          out.write(b);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087611"></A>        } catch(java.io.IOException e) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087612"></A>          System.out.println(&quot;Cannot write to text.txt&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087613"></A>        }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087614"></A>      //Read from file</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087615"></A>        try {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087616"></A>          String inputFileName = System.getProperty(&quot;user.home&quot;,</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087617"></A>                          File.separatorChar + &quot;home&quot; +</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087618"></A>                          File.separatorChar + &quot;zelda&quot;) +</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087619"></A>                          File.separatorChar + &quot;text.txt&quot;;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087620"></A>          File inputFile = new File(inputFileName);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087621"></A>          in = new FileInputStream(inputFile);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087622"></A>          byte bt[] = new byte[(int)inputFileName.length()];</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087623"></A>          in.read(bt);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087624"></A>          s = new String(bt);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087625"></A>        } catch(java.io.IOException e) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087626"></A>          System.out.println(&quot;Cannot read from text.txt&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087627"></A>        } finally {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087628"></A>          try {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087629"></A>            in.close;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087630"></A>            out.close();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087631"></A>          } catch(Java.io.IOException e) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087632"></A>            System.out.println(&quot;Cannot close&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087633"></A>          }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087634"></A>        }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087635"></A>&nbsp;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087636"></A>      //Clear text field</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087637"></A>        textField.setText(&quot;&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087638"></A>      //Display text read from file</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087639"></A>        text.setText(&quot;Text retrieved from file:&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087640"></A>        button.setText(&quot;Click Again&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087641"></A>        _clickMeMode = false;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087642"></A>      } else {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087643"></A>//Save text to file</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087644"></A>        text.setText(&quot;Text to save to file:&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087645"></A>        textField.setText(&quot;&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087646"></A>        button.setText(&quot;Click Me&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087647"></A>        _clickMeMode = true;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087648"></A>      }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087649"></A>    }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087650"></A>  }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087651"></A>  public static void main(String[] args){</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087652"></A>    FileIO frame = new FileIO();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087653"></A>    frame.setTitle(&quot;Example&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087654"></A>    WindowListener l = new WindowAdapter() {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087655"></A>      public void windowClosing(WindowEvent e) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087656"></A>        System.exit(0);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087657"></A>      }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087658"></A>    };</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087659"></A>    frame.addWindowListener(l);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087660"></A>    frame.pack();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087661"></A>    frame.setVisible(true);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087662"></A>  }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087663"></A>}</PRE>
</DIV>
</DIV>
<DIV>
<H5 CLASS="B">
<A NAME="pgfId-1087664"></A>The <EM CLASS="B-code">
PasswordSecurityManager</EM>
 Class</H5>
<P CLASS="Body">
<A NAME="pgfId-1087666"></A>The <EM CLASS="CODE">
PasswordSecurityManager</EM>
<A NAME="marker-1087665"></A> class declares two private instance variables, which are initialized by the constructor when the custom security manager is installed. The <EM CLASS="CODE">
password</EM>
 instance variable contains the actual password, and the <EM CLASS="CODE">
buffy</EM>
 instance variable is an input buffer that stores the end user's password input. </P>
<PRE CLASS="CODE"><A NAME="pgfId-1087670"></A><A NAME="marker-1087667"></A><A NAME="marker-1087668"></A><A NAME="marker-1087669"></A>import java.io.*;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087671"></A>import java.security.AccessController;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087672"></A>&nbsp;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087673"></A>public class PasswordSecurityManager extends SecurityManager {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087674"></A>  private String password;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087675"></A>  private BufferedReader buffy;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087676"></A>  public PasswordSecurityManager(String p, BufferedReader b) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087677"></A>    super();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087678"></A>    this.password = p;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087679"></A>    this.buffy = b;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087680"></A>  }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087681"></A>  private boolean accessOK() {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087682"></A>    int c;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087683"></A>    String response;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087684"></A>    System.out.println(&quot;What's the secret password?&quot;);</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087685"></A>    try {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087686"></A>      response = buffy.readLine();</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087687"></A>      if(response.equals(password)) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087688"></A>         return true;</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087689"></A>      } else {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087690"></A>        return false;
      }</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087691"></A>    } catch (IOException e) {</PRE>
<PRE CLASS="CODE"><A NAME="pgfId-1087692"></A>        return false;</PRE>