Look into Java's built-in security infrastructure
探究Java内置安全基础设施,
System.setSecurityManager(new SecurityManager()); //使用默认安全监控,设置安全管理器
new URL("http://www.google.com").openConnection().connect();
返回结果:
java.security.AccessControlException: access denied ("java.net.SocketPermission www.google.com:80" "connect,resolve");
main component
java.lang SecurityManager
Permission:java.security.Permission instances stand for authorization requests
Configuration:
define permissions in a special policy format. These permissions take the form of grant entries:
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
The codeBase rule above is optional;
JVM loads the common system policy file located at <java.home>/lib/security/java.policy
user-local policy in <user.home>/.java.policy, the JVM appends it to the system policy.
specify policy file –Djava.security.policy=/my/policy-file.
replacing all system and user policies: double equals sign: –Djava.security.policy==/my/policy-file