首先在项目根目录创建一个test.txt空文件,执行下面的代码
public class JavaPolicyTest {
public static void main(String[] args) throws IOException {
// 注释1: System.setProperty("java.security.policy", "test.policy");
// 注释2: System.setSecurityManager(new SecurityManager());
File file = new File("test.txt");
try {
read(file);
System.out.println("file read ok");
} catch (Throwable e) {
System.out.println(e.getMessage());
}
try {
write(file);
System.out.println("file write ok");
} catch (Throwable e) {
System.out.println(e.getMessage());
}
}
private static void read(File file) throws Throwable {
try (BufferedReader reader = new BufferedReader(new InputStreamReader(new FileInputStream(file)))){
String temp;
while ((temp = reader.readLine()) != null) {
System.out.println("read-->" + temp);
}
}
}
private static void write(File file) throws Throwable {
FileWriter fw = new FileWriter(file,true);
fw.write("hello world \r\n");
System.out.println("write -> hello world");
fw.flush();
fw.close();
}
}
情况1:
直接运行,最后会输出
file read ok
write -> hello world
file write ok
情况2:
把上面的注释2打开,再执行,输出如下:
access denied (“java.io.FilePermission” “test.txt” “read”)
access denied (“java.io.FilePermission” “test.txt” “write”)
情况3:
接下来在项目根目录下创建一个test.policy文件,内容如下:
grant codeBase "file:${user.dir}/-" {
permission java.io.FilePermission "${user.dir}/test.txt","read,write";
};
表示在项目根目录下的代码,拥有对test.txt文件的读写权限
接着把注释1打开再执行,输出如下:
read–>hello world
file read ok
write -> hello world
file write ok