JAAS技术:报错了:access denied:

HHHH123 发布于 2014/07/20 13:06
阅读 182
收藏 0

jaas.policy:

grant codeBase  "file:/F:/Java/demo/eclipseWork/LoginModuleBaseJAAS/bin/*"  {   
    permission java.lang.RuntimePermission "createSecurityManager";
    permission java.lang.RuntimePermission "setSecurityManager";
    permission javax.security.auth.AuthPermission "createLoginContext";
    permission javax.security.auth.AuthPermission "doAs";
    permission javax.security.auth.AuthPermission "modifyPrincipals";
    permission javax.security.auth.AuthPermission "getSubject";
    permission java.security.SecurityPermission "getPolicy";
};  

grant codeBase "file:/F:/Java/demo/eclipseWork/LoginModuleBaseJAAS/bin/*"
principal cn.xiezhenbiao.jaas.UserPrincipal "xie"
{
    permission java.io.FilePermission "*", "read";
};

UserPrincipal.java:

package cn.xiezhenbiao.jaas;

import java.io.IOException;
import java.security.Principal;

/**
 * @author Java
 *
 */
public final class UserPrincipal implements Principal, java.io.Serializable {

    private static final long serialVersionUID = 1L;
    
    private String name;
    
    public UserPrincipal(String name) {
        this.name = name;
    }
    
    @Override
    public String getName() {
        return name;
    }

    @Override
    public int hashCode() {
        final int prime = 31;
        int result = 1;
        result = prime * result + ((name == null) ? 0 : name.hashCode());
        return result;
    }

    @Override
    public boolean equals(Object obj) {
        if (this == obj) return true;
        if (obj == null) return false;
        if (getClass() != obj.getClass()) return false;
        UserPrincipal other = (UserPrincipal) obj;
        if (name == null) {
            if (other.name != null)
                return false;
        } else if (!name.equals(other.name))
            return false;
        return true;
    }
    
    @Override
    public String toString() {
        return name;
    }
    
    /**
     * Save the X500Principal object to a stream.
     *
     * @serialData this {@code X500Principal} is serialized
     *          by writing out its DER-encoded form
     *          (the value of {@code getEncoded} is serialized).
     */
    private void writeObject(java.io.ObjectOutputStream s)
        throws IOException {
        s.writeObject(this.name);
    }

    /**
     * Reads this object from a stream (i.e., deserializes it).
     */
    private void readObject(java.io.ObjectInputStream s)
        throws java.io.IOException,
               java.io.NotActiveException,
               ClassNotFoundException {

        this.name = (String) s.readObject();
    }

}

java -Djava.security.auth.login.config=jaas.conf -Djava.security.manager -Djava.security.policy=jaas.policy MyApp

报错:

access denied:

java.io.FilePermission “test.txt", "read"


加载中
返回顶部
顶部