11:42 am - bobbotron - Java permissions, policies So I'm writing a bit of code, and I have this group of threads (that get created in a thread group that I'll refer to as thread group A) I want to ensure that I can restrict what they are allowed to do (ie, no file access, no sockets, etc, it will be configurable). Now what I was going to do was extend the Security Manager object, and when checkPermission is called, check to see whether the calling thread is part of thread group A, and if it is, check the permissions configuration I have specified, and allow or deny the check. If a thread not in thread group A makes a privileged call, then the security manager should just return, allowing the call.Now the problem is, some of my code uses a framework that make a number of security checks that use the java Policy security object, that aren't captured with the Security manager. I'm pretty sure one solution would be to create my own subclass of Policy, and override it's implies method, but yikes, it seems pretty complicated, and I'm not sure of all of the implications this would have.Any veteran java security gurus out there?
bobbotron - Java permissions, policies So I'm writing a bit of code, and I have this group of threads (that get created in a thread group that I'll refer to as thread group A) I want to ensure that I can restrict what they are allowed to do (ie, no file access, no sockets, etc, it will be configurable). Now what I was going to do was extend the Security Manager object, and when checkPermission is called, check to see whether the calling thread is part of thread group A, and if it is, check the permissions configuration I have specified, and allow or deny the check. If a thread not in thread group A makes a privileged call, then the security manager should just return, allowing the call.Now the problem is, some of my code uses a framework that make a number of security checks that use the java Policy security object, that aren't captured with the Security manager. I'm pretty sure one solution would be to create my own subclass of Policy, and override it's implies method, but yikes, it seems pretty complicated, and I'm not sure of all of the implications this would have.Any veteran java security gurus out there?