4

I am doing some debugging in an application (not applet) and have obtained the system's security manager via a call to System.getSecurityManager(). How can I print all configuration information that this SecurityManager was setup with? Looking at the Java 7 SE API it seems that all methods are interrogatory in nature and there is no way to get the permissions configuration. The toString() method also seems to inherit directly from Object and just prints the pointer.

mKorbel
  • 109,525
  • 20
  • 134
  • 319
Marcus Junius Brutus
  • 26,087
  • 41
  • 189
  • 331

2 Answers2

1

Run the program with -Djava.security.debug=access,domain and you will see everything you need to see.

user207421
  • 305,947
  • 44
  • 307
  • 483
  • He could be simply `sign` his `jar` file. And moreover we don't know whether he's programming an `application` or an `applet` – Sri Harsha Chilakapati Sep 02 '12 at 01:36
  • @SriHarshaChilakapati That won't stop it printing out all the access information, including the entire security domain configuration. – user207421 Sep 02 '12 at 01:48
  • It's an application. I just edited my question to reflect that. – Marcus Junius Brutus Sep 02 '12 at 06:17
  • I tried that, there's no change in the output. I am not inside a debugger. I'm just trying to find a method to print a comprehensive listing of Security Manager's configuration / settings / permissions. SecurityManager#toString doesn't do anything useful, and like I said at the original message I don't see any methods in java.lang.SecurityManager that can give me what I need. What API/methods, exactly, are you proposing that I use when I run my code with -Djava.security.debug=access,domain ?? – Marcus Junius Brutus Sep 02 '12 at 06:41
  • @MenelaosPerdikeas You mean that option printed *nothing?* Contrary to everything it says in the Javadoc? – user207421 Sep 02 '12 at 08:40
  • No, there's no difference in the output whether I use -Djava.security.debug=access,domain or not. – Marcus Junius Brutus Sep 02 '12 at 19:46
-1

See it here. http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html

There also exists another method of checking the permissions. Use a try catch block.

try{

} catch (Exception e){
    if (e instanceof SecurityException){
        // It's a security violation.
        // Look for another possibility
    }
}

Hope this helps.

Sri Harsha Chilakapati
  • 11,744
  • 6
  • 50
  • 91
  • Your citation doesn't provide any kind of an answer. And why wouldn't you just catch SecurityException and avoid the 'instanceof' test? – user207421 Sep 02 '12 at 01:27
  • @EJP I've not omitted the `instanceof` test. I don't know what work he's doing which get's him a security exception. So I've added a comment to look for another possibility of the same work which do not get a security exception. He could instead `sign` his `.jar` files – Sri Harsha Chilakapati Sep 02 '12 at 01:32
  • You haven't addressed my comment or answered my question in any way. -1. – user207421 Sep 02 '12 at 01:50