neweagle
发贴: 0
积分: 0
|
于 2003-08-06 11:25
jaas中授权问题??各位老大,现身拉 在web上做jaas的授权,可是老通不过,在命令下又可以,郁闷?? 策略文件如下: grant { permission javax.security.auth.AuthPermission "createLoginContext"; permission javax.security.auth.AuthPermission "doAs"; permission javax.security.auth.AuthPermission "doAsPrivileged"; permission javax.security.auth.AuthPermission "modifyPrincipals"; permission javax.security.auth.AuthPermission "getSubject"; }; /**grant codebase "file:/D:/JBuilder8/myjbproject/JaasDemo805/classes/jaas/JaasDemo.jar"**/ grant Principal jaas.PrincipalImpl "Brad" { permission jaas.PersonnelPermission "access"; };
主要用到类: package jaas;
import java.security.*; import javax.security.auth.*; import javax.security.auth.callback.*; import javax.security.auth.login.*; // // This is the main program in the JAAS Example. It creates a Login Context, // logs the user in based on the settings in the Login Configuration file, // and calls two sensitive pieces of code, the first using programmatic // authorization, and the second using declaritive authorization. public class JAASExample {
static LoginContext lc = null;
public static void main( String[] args) { // // Create a login context try { lc = new LoginContext("JAASExample", new UsernamePasswordCallbackHandler()); } catch (LoginException le) { System.out.println( "Login Context Creation Error" ); System.exit(1); } // // Login try { lc.login(); } catch (LoginException le) { System.out.println( "\nOVERALL AUTHENTICATION FAILED\n" ); System.exit(1); } System.out.println( "\nOVERALL AUTHENTICATION SUCCEEDED\n" ); System.out.println( lc.getSubject() ); // // Call the sensitive PayrollAction code, which uses programmatic // authorization. try { Subject.doAs( lc.getSubject(), new PayrollAction() ); } catch (AccessControlException e) { System.out.println( "Payroll Access DENIED" ); } // // Call the sensitive PersonnelAction code, which uses declarative // authorization. try { System.out.println("start here"); Subject.doAsPrivileged( lc.getSubject(), new PersonnelAction(), null );
} catch (AccessControlException e) { System.out.println( "Personnel Access DENIED" ); } try { lc.logout(); } catch (LoginException le) { System.out.println( "Logout FAILED" ); System.exit(1); } System.exit(0); } } ×××××××××××××××PersonnelAction.java package jaas;
import java.io.*; import java.security.*; // // This class is a sensitive Personnel function that demonstrates // the use of declarative authorization using the user defined // permission PersonnelPermission, which throws an exception // if it not granted public class PersonnelAction implements PrivilegedAction { public Object run() {
try{ AccessController.checkPermission(new PersonnelPermission("access")); System.out.println( "Subject has Personnel access\n"); }catch(Exception e){ System.out.println("error:" +e.getMessage()); }
return new Integer(0); } } ××××××××××××PersonnelPermission.java package jaas;
import java.security.*; // // Implement a user defined permission for access to the personnel // code for this example public class PersonnelPermission extends BasicPermission {
public PersonnelPermission(String name) { super(name); }
public PersonnelPermission(String name, String action) { super(name); } }
系统报错为: error:access denied (jaas.PersonnelPermission access)
请指教阿,各位老大???????
|