JAAS Authorization
Classes and interfaces involved in JAAS authorization
The common classes are the ones described earlier: Subject, Principal and Policy.
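Permission: represents an operation on a system resource; it encapsulates a single permission.
PrivilegedAction: the computation logic that is guarded by privileges.
AccessController: the access controller, used to verify that an operation is permitted.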
Permission wrapper class: PersonnelPermission
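    package root.tgview; // must match root.tgview.PersonnelPermission in the policy file

    import java.security.BasicPermission;

    /** Encapsulates one named application permission, for example "access". */
    public class PersonnelPermission extends BasicPermission {

        private static final long serialVersionUID = -3907398941038069753L;

        public PersonnelPermission(String name) {
            super(name);
        }

        // BasicPermission ignores the actions string; it is passed through unchanged.
        public PersonnelPermission(String name, String action) {
            super(name, action);
        }
    }

Custom Principal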
    /*
     * @(#)SamplePrincipal.java 1.4 00/01/11
     *
     * Copyright 2000-2002 Oracle and/or its affiliates. All rights reserved.
     *
     * Redistribution and use in source and binary forms, with or
     * without modification, are permitted provided that the following
     * conditions are met:
     *
     * -Redistributions of source code must retain the above copyright
     * notice, this list of conditions and the following disclaimer.
     *
     * -Redistribution in binary form must reproduct the above copyright
     * notice, this list of conditions and the following disclaimer in
     * the documentation and/or other materials provided with the
     * distribution.
     *
     * Neither the name of Oracle and/or its affiliates. or the names of
     * contributors may be used to endorse or promote products derived
     * from this software without specific prior written permission.
     *
     * This software is provided "AS IS," without a warranty of any
     * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
     * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
     * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
     * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
     * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
     * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
     * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
     * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
     * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
     * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
     * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
     * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
     *
     * You acknowledge that Software is not designed, licensed or
     * intended for use in the design, construction, operation or
     * maintenance of any nuclear facility.
     */
    package root.tgview;

    import java.security.Principal;

    /**
     * <p> This class implements the <code>Principal</code> interface
     * and represents a Sample user.
     *
     * <p> Principals such as this <code>SamplePrincipal</code>
     * may be associated with a particular <code>Subject</code>
     * to augment that <code>Subject</code> with an additional
     * identity. Refer to the <code>Subject</code> class for more information
     * on how to achieve this. Authorization decisions can then be based upon
     * the Principals associated with a <code>Subject</code>.
     *
     * @version 1.4, 01/11/00
     * @see java.security.Principal
     * @see javax.security.auth.Subject
     */
    public class SamplePrincipal implements Principal, java.io.Serializable {

        /**
         * @serial
         */
        private String name;

        /**
         * Create a SamplePrincipal with a Sample username.
         *
         * <p>
         *
         * @param name the Sample username for this user.
         *
         * @exception NullPointerException if the <code>name</code>
         * is <code>null</code>.
         */
        public SamplePrincipal(String name) {
            if (name == null)
                throw new NullPointerException("illegal null input");
            this.name = name;
        }

        /**
         * Return the Sample username for this <code>SamplePrincipal</code>.
         *
         * <p>
         *
         * @return the Sample username for this <code>SamplePrincipal</code>
         */
        public String getName() {
            return name;
        }

        /**
         * Return a string representation of this <code>SamplePrincipal</code>.
         *
         * <p>
         *
         * @return a string representation of this <code>SamplePrincipal</code>.
         */
        public String toString() {
            return("SamplePrincipal: " + name);
        }

        /**
         * Compares the specified Object with this <code>SamplePrincipal</code>
         * for equality. Returns true if the given object is also a
         * <code>SamplePrincipal</code> and the two SamplePrincipals
         * have the same username.
         *
         * <p>
         *
         * @param o Object to be compared for equality with this
         * <code>SamplePrincipal</code>.
         *
         * @return true if the specified Object is equal to this
         * <code>SamplePrincipal</code>.
         */
        public boolean equals(Object o) {
            if (o == null)
                return false;
            if (this == o)
                return true;
            if (!(o instanceof SamplePrincipal))
                return false;
            SamplePrincipal that = (SamplePrincipal)o;
            if (this.getName().equals(that.getName()))
                return true;
            return false;
        }

        /**
         * Return a hash code for this <code>SamplePrincipal</code>.
         *
         * <p>
         *
         * @return a hash code for this <code>SamplePrincipal</code>.
         */
        public int hashCode() {
            return name.hashCode();
        }
    }

Action that requires a permission check
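    package root.tgview; // same package as PersonnelPermission

    import java.security.AccessController;
    import java.security.PrivilegedAction;

    public class TestPrivilegedAction implements PrivilegedAction<Object> {

        @Override
        public Object run() {
            // Throws AccessControlException unless the policy grants
            // PersonnelPermission "access" to the Subject's principals.
            AccessController.checkPermission(new PersonnelPermission("access"));
            // Reading user.home also needs PropertyPermission "user.home", "read".
            System.out.println("\nYour user.home property value is: "
                    + System.getProperty("user.home"));
            return "";
        }
    }

Policy configuration file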
    grant Principal root.tgview.SamplePrincipal "alice" {
        permission java.util.PropertyPermission "user.home", "read";
        permission root.tgview.PersonnelPermission "access";
    };
Test code
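    package root.tgview;

    import javax.security.auth.Subject;
    import javax.security.auth.login.LoginContext;
    import com.sun.security.auth.callback.TextCallbackHandler;

    public class JaasAuthzTest { // class name chosen here for illustration
        public static void main(String[] args) {
            try {
                // "MyExample" is the entry name in the login configuration file.
                LoginContext lc = new LoginContext("MyExample", new TextCallbackHandler());
                lc.login();
                Subject sub = lc.getSubject();
                // A null AccessControlContext starts from an empty context, so
                // callers further up the stack are not consulted.
                Subject.doAsPrivileged(sub, new TestPrivilegedAction(), null);
            } catch (Exception e) {
                // Authentication failed (or the permission check was denied).
                e.printStackTrace();
            }
        }
    }

Run parameters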
-Djava.security.manager -Djava.security.auth.login.config="D:\jass.config" -Djava.security.policy="D:\Policy.txt"
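One way to check the policy file above without an interactive login, as an added example that is not part of the original post: it asks the installed Policy directly whether a Subject carrying SamplePrincipal "alice" receives the two permissions, and confirms that nothing else is granted. The class name PolicyGrantCheck, the user name "bob" and the permission name "delete" are assumptions; the code relies on the page's SamplePrincipal and PersonnelPermission classes, should be started with -Djava.security.policy only (without -Djava.security.manager, which would itself require permission to read the Policy), and needs a JDK on which java.security.Policy is still functional (it is deprecated for removal since Java 17).

```java
package root.tgview;

import java.security.CodeSource;
import java.security.Permission;
import java.security.Policy;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;
import javax.security.auth.Subject;

// Added example: PolicyGrantCheck, "bob" and "delete" are hypothetical names.
public class PolicyGrantCheck {

    /** True if the installed Policy grants perm to a Subject whose only principal is SamplePrincipal(user). */
    static boolean granted(String user, Permission perm) {
        Subject subject = new Subject();
        subject.getPrincipals().add(new SamplePrincipal(user));
        Principal[] principals = subject.getPrincipals().toArray(new Principal[0]);
        // The grant entry names no codeBase, so any CodeSource matches; use our own.
        CodeSource cs = PolicyGrantCheck.class.getProtectionDomain().getCodeSource();
        ProtectionDomain pd = new ProtectionDomain(cs, null, null, principals);
        return Policy.getPolicy().implies(pd, perm);
    }

    public static void main(String[] args) {
        Permission access = new PersonnelPermission("access");
        Permission home = new PropertyPermission("user.home", "read");
        Permission other = new PersonnelPermission("delete"); // not in the policy file

        // Under-granting: alice must hold both permissions from the grant entry.
        boolean aliceOk = granted("alice", access) && granted("alice", home);
        // Over-granting: no other permission name and no other principal may pass.
        boolean overGranted = granted("alice", other)
                || granted("bob", access)
                || granted("bob", home);

        System.out.println("alice has the intended grants: " + aliceOk);
        System.out.println("grants beyond the policy entry: " + overGranted);
        if (!aliceOk || overGranted) {
            throw new IllegalStateException("policy file does not match the intended grants");
        }
    }
}
```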
Reposted from: https://www.cnblogs.com/jlx1/p/4629534.html