- 浏览: 415386 次
- 性别:
- 来自: 深圳
文章分类
最新评论
-
Glogo:
楼主您好,我在试验您的代码的时候发现新开的三个子线程并没有一直 ...
java 高并发 ReentrantLock -- 可重入的锁 -
univasity:
最近发觉也被限速了,投诉一下就好一会~~ 看来明天又要和电信M ...
ADSL上网速度慢 都是帐号限速惹的祸 -
liuyuanhui0301:
java 高并发 ReentrantLock -- 可重入的锁 -
dang_java:
呵.很好的说明文档.
JXTA技术与应用发展 -
helloqidi:
谢谢,学习了
SQL中exists和in的区别
Why use a SecurityManager?
The Java SecurityManager is what allows a web browser to run an applet in its own sandbox to prevent untrusted code from accessing files on the local system, connecting to a host other than the one the applet was loaded from, etc.
In the same way the SecurityManager protects you from an untrusted applet running in your browser, use of a SecurityManager while running Tomcat can protect your server from trojan servlets, JSP's, JSP beans, and tag libraries. Or even inadvertent mistakes.
Imagine if someone who is authorized to publish JSP's on your site inadvertently included the following in their JSP:
<% System.exit(1); %>
Every time that JSP was executed by Tomcat, Tomcat would exit.
Using the Java SecurityManager is just one more line of defense a system administrator can use to keep the server secure and reliable.
System Requirements
Use of the SecurityManager requires a JVM that supports JDK 1.2.
Precautions
Implementation of a SecurityManager in Tomcat has not been fully tested to ensure the security of Tomcat. No special Permissions have been created to prevent access to internal Tomcat classes by JSP's, web applications, servlets, beans, or tag libraries. Make sure that you are satisfied with your SecurityManager configuration before allowing untrusted users to publish web applications, JSP's, servlets, beans, or tag libraries.
Still, running with a SecurityManager is definitely better than running without one.
Types of Permissions
Permission classes are used to define what Permissions a class loaded by Tomcat will have. There are a number of Permission classes as part of the JDK and you can even create your own Permission class for use in your own web applications.
This is just a short summary of the System SecurityManager Permission classes applicable to Tomcat. Please refer to the JDK documentation for more information on using the below Permissions.
java.util.PropertyPermission
Controls read/write access to JVM properties such as java.home.
java.lang.RuntimePermission
Controls use of some System/Runtime functions like exit() and exec().
java.io.FilePermission
Controls read/write/execute access to files and directories.
java.net.SocketPermission
Controls use of network sockets.
java.net.NetPermission
Controls use of multicast network connections.
java.lang.reflect.ReflectPermission
Controls use of reflection to do class introspection.
java.security.SecurityPermission
Controls access to Security methods.
java.security.AllPermission
Allows access to all permissions, just as if you were running Tomcat without a SecurityManager.
Configuring Tomcat for use with a SecurityManager
tomcat.policy
The security policies implemented by the Java SecurityManager are configured in the tomcat.policy file located in the tomcat conf
directory. The tomcat.policy file replaces any system java.policy file. The tomcat.policy file can be edited by hand or you can use the policytool application that comes with Java 1.2, or later.
Entries in the tomcat.policy file use the standard java.policy file format as follows:
// Example policy file entry grant [signedBy <signer> [,codeBase <code source>] { permission <class> [<name> [, <action list>]]; }; |
The signedBy and codeBase entries are optional when granting permissions. Comment lines begin with // and end at a new line.
The codeBase is in the form of a URL and for a file URL can use the ${java.home} and ${tomcat.home} properties which are expanded out to the directory paths defined for them.
Default tomcat.policy file
// Permissions for tomcat. // javac needs this grant codeBase "file:${java.home}/lib/-" { permission java.security.AllPermission; }; // Tomcat gets all permissions grant codeBase "file:${tomcat.home}/lib/-" { permission java.security.AllPermission; }; grant codeBase "file:${tomcat.home}/classes/-" { permission java.security.AllPermission; }; // Example webapp policy // By default we grant read access on webapp dir // and read of the line.separator PropertyPermission grant codeBase "file:${tomcat.home}/webapps/examples" { permission java.net.SocketPermission "localhost:1024-","listen"; permission java.util.PropertyPermission "*","read"; }; |
Here is an example where in addition to the above, we want to grant the examples web application the ability to connect to the localhost smtp port so that it can send mail.
grant codeBase "file:${tomcat.home}/webapps/examples" { permission java.net.SocketPermission "localhost:25","connect"; permission java.net.SocketPermission "localhost:1024","listen"; permission java.util.PropertyPermission "*","read"; }; |
Now what if we wanted to give all contexts not configured by their own grant entry some default permissions in addition to what Tomcat assigns by default.
grant { permission java.net.SocketPermission "localhost:1024","listen"; permission java.util.PropertyPermission "*","read"; }; |
Finally, a more complex tomcat.policy file. In this case we are using Tomcat as an app server for a number of remote web servers. We want to limit what remote web servers can connect to Tomcat by using the Java SecurityManager.
// Permissions for tomcat. // javac needs this grant codeBase "file:${java.home}/lib/-" { permission java.security.AllPermission; }; // Tomcat with IP filtering grant codeBase "file:${tomcat.home}/lib/-" { // Tomcat should be able to read/write all properties permission java.util.PropertyPermission "*","read,write"; // Tomcat needs to be able to read files in its own directory permission java.io.FilePermission "${tomcat.home}/-","read"; // Tomcat has to be able to write its logs permission java.io.FilePermission "${tomcat.home}/logs/-","read,write"; // Tomcat has to be able to write to the conf directory permission java.io.FilePermission "${tomcat.home}/conf/-","read,write"; // Tomcat has to be able to compile JSP's permission java.io.FilePermission "${tomcat.home}/work/-","read,write,delete"; // Tomcat needs all the RuntimePermission's permission java.lang.RuntimePermission "*"; // Needed so Tomcat can set security policy for a Context permission java.security.SecurityPermission "*"; // Needed so that Tomcat will accept connections from a remote web server // Replace XXX.XXX.XXX.XXX with the IP address of the remote web server permission java.net.SocketPermission "XXX.XXX.XXX.XXX:1024-","accept,listen,resolve"; // Tomcat has to be able to use its port on the localhost permission java.net.SocketPermission "localhost:1024-","connect,accept,listen,resolve"; }; // Example webapp policy // By default we grant read access on webapp dir // and read of the line.separator PropertyPermission grant codeBase "file:${tomcat.home}/webapps/examples" { permission java.net.SocketPermission "localhost:1024-","listen"; permission java.util.PropertyPermission "*","read"; }; |
Starting Tomcat with a SecurityManager
Once you have configured the tomcat.policy for use with a SecurityManager, Tomcat can be started with the SecurityManager in place by adding the "-security" option to bin/startup.bat or bin/startup.
What happens when the SecurityManager detects a Security violation?
The JVM will throw an AccessControlException or a SecurityException when the SecurityManager detects a security policy violation.
Trouble shooting tomcat.policy configuration and Security Violations
You can turn on Java SecurityManager debug logging by setting the environmental variable:
TOMCAT_OPTS=-Djava.security.debug=all
The debug output will be written to Tomcat's log file, or the console if no log file is defined.
Note: This gives the most complete debugging information, but generates many MB's of output, for less verbose security debug output, use:
TOMCAT_OPTS=-Djava.security.debug=access,failure
Use the following shell command to determine all the security debug options available: java -Djava.security.debug=help
JSP Compile using JVM internal javac fails with AccessControlException for RuntimePermission accessClassInPackage sun.tools.javac.
Check your JAVA_HOME/jre/lib/security/java.security file configuration. Comment out the line "package.access=sun.".
发表评论
-
深入JVM锁机制
2011-09-19 01:00 944目前在Java中存在两种 ... -
java 正则表达式 非捕获组(特殊构造)Special Constructs(Non-Capturing)
2011-06-20 23:15 1598针对Java API文档中的正则表达式关于特殊构造(非捕获组) ... -
Java文件映射[mmap]揭秘
2011-06-08 20:10 1094前言 相信现在 ... -
原创 java的Mmap二三事
2011-06-08 19:46 1157转自 :http://blog.csdn.net/kabini ... -
java 安全沙箱模型详解
2011-04-18 16:29 906起到第一道安全保障作 ... -
非阻塞算法-ReentrantLock代码剖析之ReentrantLock.lock
2011-04-15 13:59 1047ReentrantLock是java.util.concurr ... -
CyclicBarrier与CountDownLatch、栅栏与计数器
2011-04-15 10:39 1427在多线程设计中,我猜常常会遇到线程间相互等待以及某个线程等待1 ... -
Java KeyStore
2011-04-13 17:17 1426简介Java自带的keytool工具是个密钥和证书管理工具。它 ... -
Security Managers and the JavaTM 2 SDK
2011-04-12 13:37 738The original Link : http://do ... -
Something about SecurityManager
2011-04-12 13:33 748The Java Security was made up o ... -
Java安全管理器(Security Manager)(
2011-04-11 14:54 856转载自: http://blog.sina.com.cn/s/ ... -
Java对象的强、软、弱和虚引用(1)
2011-04-01 08:44 771本文介绍Java对象的强 ... -
Java对象的强引用、软引用、弱引用和虚引用
2011-04-01 08:39 871在JDK1.2以前的版本中, ... -
java 高并发 ReentrantLock -- 可重入的锁
2011-03-30 08:09 2287ReentrantLock -- 可重入的锁 可重入锁指 ... -
线程运行栈信息的获取
2011-03-24 17:23 1270线程运行栈信息的获取 ... -
java序列化——Serializable
2011-03-15 23:17 1033类通过实现 java.io.Serializable 接口 ... -
Java aio(异步网络IO)初探
2011-03-11 16:34 1525按照《Unix网络编程》的 ... -
JAVA NIO 简介
2011-03-11 13:38 10811. 基本 概念 IO 是主存和外部设备 ( 硬盘、终 ... -
[字节码系列]ObjectWeb ASM构建Method Monitor
2011-03-08 18:08 831在前面的篇章中,我们看到Java Instru ... -
深入了解Java ClassLoader、Bytecode 、ASM、cglib
2011-03-08 16:35 829一、Java ClassLoader 1,什 ...
相关推荐
Using the SecurityManager 205 Granting File Permissions 208 Setting Up a Tomcat chroot Jail 213 Filtering Bad User Input 224 Securing Tomcat with SSL 241 7. Configuration . . . . . . . . . . . . . . ....
Advanced Programming for the Java 2 Platform.chm 里边有很多不怎么为人所知的东西,时常参考,还是蛮有好处的 Chapter 1: Matching Project Requirements with Technology <br>Project Requirements ...
NULL 博文链接:https://lanhuidong.iteye.com/blog/1090395
安全经理Java安全管理器的定制实现,旨在为Web应用程序提供额外的保护和保证。 它允许使用更灵活的许可算法,以更好地满足J2EE环境的安全需求。背景默认的Java安全管理器实现被设计为用于不受信任的代码的通用沙箱。...
3.10 java.lang.SecurityManager 51 3.10.1 使用安全管理器的实例 51 3.10.2 JDK1.2中没有改变的API 52 3.10.3 JDK1.2中禁用的方法 53 3.11 java.security.AccessController 56 3.11.1 AceessController的界面设计 ...
安全解决Java中设计缺陷的SecurityManager实现
创建安全管理器利用安全管理器public static void main(String args[]){方法调用此方法时,返回所有新创建的线程实例化后所在的线
3.10 java.lang.SecurityManager 51 3.10.1 使用安全管理器的实例 51 3.10.2 JDK1.2中没有改变的API 52 3.10.3 JDK1.2中禁用的方法 53 3.11 java.security.AccessController 56 3.11.1 AceessController的界面设计 ...
下面小编就为大家带来一篇浅谈shiro的SecurityManager类结构。小编觉得挺不错的,现在就分享给大家,也给大家做个参考。一起跟随小编过来看看吧
理解 Shiro 的核心概念:Subject、SecurityManager、Realm 等。 身份认证: 理解身份认证的概念和流程。 认识 AuthenticationToken 和 AuthenticationInfo。 学习如何自定义 Realm 来实现不同的身份认证方式。 授权...
这是使用Scala编写的Java SecurityManager对沙盒代码的实现。 它从Jens Nordahl的汲取了灵感,尽管花了点时间才能看清参数是什么。 它由一个Main类组成,该类启动一个沙箱,然后从该沙箱中启动一个脚本。 跑步 ...
Java 对通过网络下载的类具有一个安全防范机制(类 ClassLoader),如分配不同的名字空间以防替代本地的同名类、字节代码检查,并提供安全管理机制(类 SecurityManager)让 Java 应用设置安全哨兵。 Java 语言是可...
在现代的Java Web应用开发中,使用SSM(Spring + Spring MVC + MyBatis)框架组合是一种非常流行的做法。...在权限控制方面,可以配置Shiro的安全管理器(SecurityManager)和授权信息(如角色和权限)。
使用详情见 博客 利用ScriptEngineManager执行js的RSA加密 http://blog.csdn.net/userwyh/article/details/52345718
java对通过网络下载的类具 有一个安全防范机制(类classloader),如分配不同的名字空间以防替代本地的同名类 、字节代码检查,并提供安全管理机制(类securitymanager)让java应用设置安全哨兵 。多元性,作为现下...
System.setSecurityManager(new SecurityManager() { @Override public void checkExit(int status) { throw new ThreadDeath(); } }); try { System.exit(0); } finally { System.out.println("In the ...
主要针对计算机相关专业的正在做毕设的学生和需要项目实战的Java学习者。 也可作为课程设计、期末大作业。包含:项目源码、数据库脚本、项目说明等,该项目可以直接作为毕设使用。 也可以用来学习参考借鉴!
Requirements: (Only JDK 11.0.X 64 bit (17 and 18 not contains a java.lang.SecurityManager class needed for sandboxing)), 64-bit OS mod by CXV Press Generate a Key in welcome window - fix all ...
适用于OpenIDConnect的Flask-AppBuilder SecurityManager 包装,公开了可与任何Flask-AppBuilder应用一起使用的SecurityManager 。 它将允许您的用户使用OpenIDConnect提供程序(例如Auth0,Okta或Google Apps)...