jkd1.2 - security - new types of permissions - example

Guy Edjlali (edjlali@ece.eng.wayne.edu)
Wed, 4 Mar 1998 12:59:03 -0500 (EST)

Date: Wed, 4 Mar 1998 12:59:03 -0500 (EST)
From: Guy Edjlali <edjlali@ece.eng.wayne.edu>
To: java-security@web4.javasoft.com
Subject: jkd1.2 - security - new types of permissions - example
Message-Id: <Pine.SOL.3.96.980304103122.17552A-100000@ernie>

Hello

I was implementing a template of your example on how to create
new types of permissions. I wanted to see how the functions are
called. The test example (see below for the code of: Test.java
TVPermission.java and java.policy) is giving me the
following output:
[72] java Test
TVPermission channel-7 watch
TVPermission channel-7 read
TVPermission channel-2 watch
[73]

There seems to be no call to the implies function.
Could you tell me what is wrong in my example?
Thank you for helping me out.

BTW: Is the -usepolicy option implemented?
[73] java -usepolicy:myPolicy Test
usepolicy:myPolicy: illegal argument
Usage: java [-options] class

where options include:
-help print this message and exit
-version print product version and exit
-v -verbose[:class|gc|jni]
turn on verbose mode
-classpath <directories and zip/jar files separated by :>
set search path for classes
-D<name>=<value> set a system property
-X print help on non-standard options and exit

----------------------------------------------------------------------
import java.security.*;
public class Test {
public static void main(String args[]) {

TVPermission tvperm1 = new TVPermission("channel-7","watch");
AccessController.checkPermission(tvperm1);

TVPermission tvperm2 = new TVPermission("channel-7","read");
AccessController.checkPermission(tvperm2);

TVPermission tvperm3 = new TVPermission("channel-2","watch");
AccessController.checkPermission(tvperm3);
}
}
---------------------------------------------------------------------------

import java.security.*;
public class TVPermission extends Permission {

TVPermission(String name,String action) {
super(name);
System.out.println("TVPermission "+name+" "+action);
}

public boolean implies(Permission permission) {
System.out.println("implies:"+permission);
return false;
}

public boolean equals(Object o) {
System.out.println("equals "+o);
return false;
}

public int hashCode() {
System.out.println("hashCode");
return 0;
}

public String getActions() {
System.out.println("getActions");
return "watch, read";
}
}
-------------------------------------------------------------------------------
// java.policy file
grant {
// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission "localhost:1024-", "listen";

// "standard" properies that can be read by anyone

permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version",
"read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission TVPermission "channel7","watch";
};

------------------------------------------------------------------------------

Best regards

- Guy Edjlali _________
\___ Dept. of Electrical and Computer Engineering
edjlali@ece.eng.wayne.edu \_______________ Wayne State University
Phone: (313) 577 3738 Fax: (313) 577 1101 \__ 5050 Anthony Wayne Drive
http://www.pdcl.eng.wayne.edu/~edjlali \_____ Detroit, MI 48202