I'm having a problem with extensions, privileges, permissions, and the SecurityManager in Java. I'm using a SecurityManager because I'm using RMI, but that doesn't really come into this. If I can just get to the point where I'm dealing with RMI issues, I'll be thrilled. My IDE is Eclipse, if that's important. I have two eclipse projects, Auxionr and AuxionrCommon.
The source file Auxionr.java is in the package com.auxionr.ui and the project Auxionr. It contains the main() method I'm trying to run. That main method is this:
public static void main(String[] args)
{
Util.setupSecurity();
try {
DriveUtils.findAuctionDrive();
} catch (FileNotFoundException e) {
e.printStackTrace();
}
ApplicationCore appCore = new ApplicationCore();
@SuppressWarnings("unused")
Auxionr auxionr = new Auxionr(appCore);
}
(Note: The try-catch block with the FileNotFoundException is irrelevant for the purpose of this question. You'll see why in a moment.)
The source file Util.java is in the package com.auxionr and is in the project AuxionrCommon. It contains the method:
public static void setupSecurity()
{
if (System.getSecurityManager() == null)
{
System.setProperty("java.security.policy", "resources" + File.separator + "auxionr.policy");
System.setSecurityManager(new SecurityManager());
}
}
The source file DriveUtils is in the package com.auxionr and is in the project AuxionrCommon. It contains the method:
public static File findAuctionDrive() throws FileNotFoundException
{
System.getSecurityManager().checkRead("F:/"); //throws an exception on runtime
File[] roots = File.listRoots();
for (File root : roots)
{
if (!root.exists())
continue;
File f = new File(root.getAbsolutePath() + File.separator + "auxionr.properties");
if (!f.exists())
continue;
Properties props = new Properties();
try {
props.load(new FileInputStream(f));
if (props.getProperty("stores").equals("auctions") || props.getProperty("stores").equals("both"))
return root;
} catch (IOException e) {
e.printStackTrace();
}
}
throw new FileNotFoundException("No flashdrive found formatted for Auxionr Auction storage use.");
}
The .policy file resources/auxionr.policy is:
/* AUTOMATICALLY GENERATED ON Fri Sep 16 14:28:24 EDT 2016*/
/* DO NOT EDIT */
grant codeBase "file:/E:/Java/Auxionr/" {
permission java.security.AllPermission;
};
grant codeBase "file:/E:/Java/AuxionrCommo,n/" {
permission java.security.AllPermission;
};
I have checked and this file is formatted, loaded, etc. properly.
From my reading on the Java documentation and elsewhere on Stack Overflow I've worked out that I need to wrap my the code in the extension (Everything in AuxionrCommon... right?) in
AccessControl.doPrivileged(new PrivilegedAction()<Object>{
public Object run(){
//code
}
});
But I've tried various versions of this and the call to System.getSecurityManager().checkRead("F:/") in findAuctionDrive() always throws:
Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "F:/" "read")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkRead(Unknown Source)
at com.auxionr.DriveUtils.findAuctionDrive(DriveUtils.java:87)
at com.auxionr.ui.Auxionr.main(Auxionr.java:71)
So the question is: Where do I put the AccessControl.doPrivileged to make the code inside findAuctionDrive() have the proper permissions?