Re: overriding security manager

Sharon Liu (Sharon.Liu@eng.sun.com)
Thu, 19 Aug 1999 15:47:39 -0700 (PDT)

Message-Id: <199908192248.PAA06442@shorter.eng.sun.com>
Date: Thu, 19 Aug 1999 15:47:39 -0700 (PDT)
From: Sharon Liu <Sharon.Liu@eng.sun.com>
Subject: Re: overriding security manager
To: java-security@java.sun.com, shahzad@hubble.eecs.uic.edu

Shahzad,

The checkRead() example in the security guide is correct. The one
in the online training has some problems: if the accessOK() fails,
a SecurityException will be thrown no matter super.checkRead()
succeeds or fails. So I don't see the point of calling super.checkRead()
in the online training example.

> if (!accessOK()) {
> super.checkRead(filename);
> throw new SecurityException("No Way!");
> } else {
> ...
> }

Sharon

> To: <java-security@java.sun.com>
> Subject: overriding security manager
> MIME-Version: 1.0
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211
>
> I read
http://java.sun.com/products/jdk/1.2/docs/guide/security/smPortGuide.html
> and it shows how to override security manager. In the code, the derived method
> invokes parent's method if security check fails.
> I also found another guide from sun at
http://developer.java.sun.com/developer/onlineTraining/Programming/JDCBook/signe
d2.html
> that shows that the derived method does following
> if security check fails
> call parent's method
> throw security exception
> otherwise
> build permission and call checkPermission
>
> I am not sure which way is correct.
> Another question I have is that in my application, I have two types of
security checks,
> hard-coded that cannot be configured and configureable from policy files. So
if hardcoded
> check fails I always want to throw security exception however if configurable
check fails
> then I can call parent's default method. Can you suggest a good procedure for
such
> checking.
> Thanks.
>
>