java rmi RMISecurityManager








Class java.rmi.RMISecurityManager





All Packages Class Hierarchy This Package Previous Next Index


Class java.rmi.RMISecurityManager


java.lang.Object
|
+----java.lang.SecurityManager
|
+----java.rmi.RMISecurityManager



public class RMISecurityManager
extends SecurityManager

This class defines a default security policy for RMI applications (not
applets). For code loaded from a class loader, the security manager
disables all functions except class definition and access. This class
may be subclassed to implement a different policy. To set a
RMISecurityManager, add the following to an application's main()
method:
System.setSecurityManager(new RMISecurityManager()); If no security
manager has been set, RMI will only load classes from local system
files as defined by CLASSPATH.








RMISecurityManager()
Construct and initialize.






checkAccept(String, int)
For now loaded classes can't accept connections on any port.

checkAccess(Thread)
Loaded classes are not allowed to manipulate threads.

checkAccess(ThreadGroup)
Loaded classes are not allowed to manipulate thread groups.

checkAwtEventQueueAccess()
Checks to see if an client can get access to the AWT event queue
(disallowed from loaded classes).

checkConnect(String, int)
Loaded classes can make connections if called through the RMI transport.

checkConnect(String, int, Object)
Loaded classes can make connections if
called through the RMI transport.

checkCreateClassLoader()
Loaded classes are not allowed to create class loaders, or even
execute any of ClassLoader's methods.

checkDelete(String)
Check if a file with the specified system dependent
file name can be deleted.

checkExec(String)
Loaded classes are not allowed to fork processes.

checkExit(int)
Loaded classes are not allowed to exit the VM.

checkLink(String)
Loaded classes are not allowed to link dynamic libraries.

checkListen(int)
For now loaded classes can't listen on any port.

checkMemberAccess(Class, int)
Check if client is allowed reflective access to a member or a set
of members for the specified class.

checkMulticast(InetAddress)
Checks to see if current execution context is allowed to use
(join/leave/send/receive) IP multicast (disallowed from loaded classes).

checkMulticast(InetAddress, byte)
Checks to see if current execution context is allowed to use
(join/leave/send/receive) IP multicast (disallowed from loaded classes).

checkPackageAccess(String)
Check if a loaded class can access a package.

checkPackageDefinition(String)
Check if a loaded class can define classes in a package.

checkPrintJobAccess()
Disallow printing from loaded classes.

checkPropertiesAccess()
Loaded classes are not allowed to access the system properties list.

checkPropertyAccess(String)
Loaded classes can access the system property named by key
only if its twin key.rmi property is set to true.

checkRead(FileDescriptor)
Loaded classes are not allowed to open descriptors for reading unless
it is done through a socket, in which case other access
restrictions still apply.

checkRead(String)
Check if a loaded class can read a particular file.

checkRead(String, Object)
No file reads are valid from a loaded class.

checkSecurityAccess(String)
Loaded classes cannot perform security provider operations.

checkSetFactory()
Check if a loaded class can set a networking-related object factory.

checkSystemClipboardAccess()
Checks to see if an client can get access to the System Clipboard
(disallowed from loaded classes).

checkTopLevelWindow(Object)
Allow caller to create top-level windows.

checkWrite(FileDescriptor)
Loaded classes are not allowed to open descriptors for writing unless
it is done through a socket, in which case other access
restrictions still apply.

checkWrite(String)
Check if a loaded class can write a particular file.

getSecurityContext()
Returns the security context (e.g., a URL).







RMISecurityManager

public RMISecurityManager()


Construct and initialize.







getSecurityContext

public Object getSecurityContext()


Returns the security context (e.g., a URL).


Overrides:
getSecurityContext in class SecurityManager



checkCreateClassLoader

public synchronized void checkCreateClassLoader()


Loaded classes are not allowed to create class loaders, or even
execute any of ClassLoader's methods.


Overrides:
checkCreateClassLoader in class SecurityManager



checkAccess

public synchronized void checkAccess(Thread t)


Loaded classes are not allowed to manipulate threads.


Overrides:
checkAccess in class SecurityManager



checkAccess

public synchronized void checkAccess(ThreadGroup g)


Loaded classes are not allowed to manipulate thread groups.


Overrides:
checkAccess in class SecurityManager



checkExit

public synchronized void checkExit(int status)


Loaded classes are not allowed to exit the VM.


Overrides:
checkExit in class SecurityManager



checkExec

public synchronized void checkExec(String cmd)


Loaded classes are not allowed to fork processes.


Overrides:
checkExec in class SecurityManager



checkLink

public synchronized void checkLink(String lib)


Loaded classes are not allowed to link dynamic libraries.


Overrides:
checkLink in class SecurityManager



checkPropertiesAccess

public synchronized void checkPropertiesAccess()


Loaded classes are not allowed to access the system properties list.


Overrides:
checkPropertiesAccess in class SecurityManager



checkPropertyAccess

public synchronized void checkPropertyAccess(String key)


Loaded classes can access the system property named by key
only if its twin key.rmi property is set to true.
For example, the property java.home can be read by
loaded classes only if java.home.rmi is true.


Overrides:
checkPropertyAccess in class SecurityManager



checkRead

public synchronized void checkRead(String file)


Check if a loaded class can read a particular file.


Overrides:
checkRead in class SecurityManager



checkRead

public void checkRead(String file,
Object context)


No file reads are valid from a loaded class.


Throws: RMISecurityException
If called from a loaded class.
Overrides:
checkRead in class SecurityManager



checkWrite

public synchronized void checkWrite(String file)


Check if a loaded class can write a particular file.


Throws: RMISecurityException
If called from a loaded class.
Overrides:
checkWrite in class SecurityManager



checkDelete

public void checkDelete(String file)


Check if a file with the specified system dependent
file name can be deleted.


Parameters:
file - the system dependent file name
Throws: RMISecurityException
If the file is not found.
Overrides:
checkDelete in class SecurityManager



checkRead

public synchronized void checkRead(FileDescriptor fd)


Loaded classes are not allowed to open descriptors for reading unless
it is done through a socket, in which case other access
restrictions still apply.


Overrides:
checkRead in class SecurityManager



checkWrite

public synchronized void checkWrite(FileDescriptor fd)


Loaded classes are not allowed to open descriptors for writing unless
it is done through a socket, in which case other access
restrictions still apply.


Overrides:
checkWrite in class SecurityManager



checkListen

public synchronized void checkListen(int port)


For now loaded classes can't listen on any port.


Overrides:
checkListen in class SecurityManager



checkAccept

public synchronized void checkAccept(String host,
int port)


For now loaded classes can't accept connections on any port.


Overrides:
checkAccept in class SecurityManager



checkMulticast

public void checkMulticast(InetAddress maddr)


Checks to see if current execution context is allowed to use
(join/leave/send/receive) IP multicast (disallowed from loaded classes).


Overrides:
checkMulticast in class SecurityManager



checkMulticast

public void checkMulticast(InetAddress maddr,
byte ttl)


Checks to see if current execution context is allowed to use
(join/leave/send/receive) IP multicast (disallowed from loaded classes).


Overrides:
checkMulticast in class SecurityManager



checkConnect

public synchronized void checkConnect(String host,
int port)


Loaded classes can make connections if called through the RMI transport.


Overrides:
checkConnect in class SecurityManager



checkConnect

public void checkConnect(String host,
int port,
Object context)


Loaded classes can make connections if
called through the RMI transport.


Overrides:
checkConnect in class SecurityManager



checkTopLevelWindow

public synchronized boolean checkTopLevelWindow(Object window)


Allow caller to create top-level windows.
Allow loaded classes to create windows with warnings.


Overrides:
checkTopLevelWindow in class SecurityManager



checkPackageAccess

public synchronized void checkPackageAccess(String pkg)


Check if a loaded class can access a package.


Overrides:
checkPackageAccess in class SecurityManager



checkPackageDefinition

public synchronized void checkPackageDefinition(String pkg)


Check if a loaded class can define classes in a package.


Overrides:
checkPackageDefinition in class SecurityManager



checkSetFactory

public synchronized void checkSetFactory()


Check if a loaded class can set a networking-related object factory.


Overrides:
checkSetFactory in class SecurityManager



checkPrintJobAccess

public void checkPrintJobAccess()


Disallow printing from loaded classes.


Overrides:
checkPrintJobAccess in class SecurityManager



checkSystemClipboardAccess

public void checkSystemClipboardAccess()


Checks to see if an client can get access to the System Clipboard
(disallowed from loaded classes).


Overrides:
checkSystemClipboardAccess in class SecurityManager



checkAwtEventQueueAccess

public void checkAwtEventQueueAccess()


Checks to see if an client can get access to the AWT event queue
(disallowed from loaded classes).


Overrides:
checkAwtEventQueueAccess in class SecurityManager



checkMemberAccess

public void checkMemberAccess(Class clazz,
int which)


Check if client is allowed reflective access to a member or a set
of members for the specified class. Once initial access is granted,
the reflected members can be queried for identifying information, but
can only be used (via get, set, invoke, or
newInstance) with standard Java language access control.
The policy is to dent untrusted clients access to
declared members of classes other than those loaded via
the same class loader. All other accesses are granted.


Overrides:
checkMemberAccess in class SecurityManager



checkSecurityAccess

public void checkSecurityAccess(String provider)


Loaded classes cannot perform security provider operations.


Overrides:
checkSecurityAccess in class SecurityManager




All Packages Class Hierarchy This Package Previous Next Index

Submit a bug or feature - Version 1.1.7 of Java Platform API Specification
Java is a trademark or registered trademark of Sun Microsystems, Inc. in the US and other countries.
Copyright 1995-1998 Sun Microsystems, Inc. 901 San Antonio Road,
Palo Alto, California, 94303, U.S.A. All Rights Reserved.




Wyszukiwarka