在测试这个功能时,也遇到了一些坑。
关键在授权文件这里file:/D:/项目/study/out/production/study/必须是目标类的根目录,
比如com.tt.Testaa 这个类,希望给它赋予写权限,那么
file:/D:/项目/study/out/production/study/com/*
file:/D:/项目/study/out/production/study/com/tt/*
都是无效的,不会给目标类赋予权限。
智能是下面的写法。
grant codeBase "file:/D:/项目/study/out/production/study/*" {
permission java.io.FilePermission "D:\\workspace\\*", "write";
};
然后测试命令如下:
D:\asss>java -Djava.security.manager -Djava.security.policy=D:\项目\study\out\production\study\pt.txt -classpath D:\项目\study\out\production\study;. cn.tt.Pf
D:\asss>java -Djava.security.manager -Djava.security.policy=D:\项目\study\out\production\study\pt.txt -classpath D:\项目\study\out\production\study com.liu.policy.FileUtil
package com.liu.policy;
import java.io.File;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;
/**
* Created by lenovo on 2018/8/16.
*/
public class FileUtil {
public static void makeFile(String fileNmae)
{
File file=new File("D:\\workspace/"+fileNmae);
try {
file.createNewFile();
} catch (IOException e) {
e.printStackTrace();
}
}
public static void main(String[] args) {
doCreateFile("temp3.txt");
}
public static void doCreateFile(String name){
AccessController.doPrivileged(new PrivilegedAction() {
@Override
public Object run() {
makeFile(name);
return null;
}
});
}
}
package cn.tt;
import com.liu.policy.FileUtil;
/**
* Created by lenovo on 2018/8/16.
*/
public class Pf
{
public static void main(String[] args) {
FileUtil.doCreateFile("tem1.txt");
}
}