Version 5

    In this article, I will describe topics associated with the Java Security Manager as applied to the JBoss Application Server.

    What is the Java Security Manager?

    The Java Security Manager provides a facility for applying a security policy that governs the activities of Java applications running in the Java VM. Read more about it here.

     

    Where is the security policy for JBoss Application Server?

    Typically, the system administrator of the JBoss AS has to work out a security manager policy for use. At JBoss, we do use policies that we have crafted to run the JBoss AS test suite. Users of JBoss AS can utilize these policies as starting points for their applications.

     

    The policy used in the testsuite to run JBoss AS 5.1 under a Java Security Manager is linked here.

     

    How does the Java Security Manager enforce the security rules in operation in the JBoss AS?

    When the Java VM is started with the "-Djava.security.manager" system property, the Java VM instantiates a Java Security Manager in its native code, so that all calls to

    System.getSecurityManager()

    will return a non-null value.

     

    If there is no policy file provided as a system property while starting the Java VM, then the Java Security Manager uses the security.policy shipped with the Java VM. You can provide your own security policy with the "-Djava.security.policy" system property.

     

    Applications that run in the JBoss Application Server are just regular Java code running in the Java VM. Hence the Java VM and its instantiated Java Security Manager police the operations of that code.

     

    Implicit policing by the Java Security Manager

    This happens when the Java Security Manager applies checks before a sensitive operation is performed in the Java VM. Such sensitive calls include:

    • Read System Properties
    • Write System Properties
    • Get the Thread Context ClassLoader
    • Open a socket

     

    During these checks, the Java Security Manager consults the policy that has been provided to see whether a rule is configured that entitles the present caller to perform the sensitive operation. If no such rule is configured, the Java VM throws a security exception.

     

    Explicit policing by the Java Security Manager

    Java applications can request the Java Security Manager to enforce security checks for API usage.

     

    Typically, the code usage is as follows:

    public void someMethod()
    {
      // ...
      SecurityManager sm = System.getSecurityManager();
      if (sm != null)
        sm.checkPermission(somePermission); // throws a SecurityException if the permission is not granted

      // Perform sensitive operation
    }
    

     

    Here somePermission needs to be an instance of java.security.Permission.

     

    The code example shows that the caller of someMethod needs to have permissions to perform the sensitive operation inside the someMethod call.
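
    The following is an added example, not code from JBoss AS or from the original article, showing an implicit check (reading a system property) and an explicit check side by side under the two system properties described above. The class name, method names, permission name and policy file are hypothetical, and it assumes a JDK on which the Security Manager is still available (it has been deprecated for removal since Java 17).

```java
import java.security.Permission;

// Added example; ExplicitCheckDemo, purgeAuditLog, readProperty and the permission
// name "example.purgeAuditLog" are hypothetical and not part of JBoss AS.
//
// Constructed policy file demo.policy (grants the permission to all code):
//   grant {
//       permission java.lang.RuntimePermission "example.purgeAuditLog";
//   };
//
// Run without the grant: java -Djava.security.manager ExplicitCheckDemo
// Run with the grant:    java -Djava.security.manager -Djava.security.policy=demo.policy ExplicitCheckDemo
// (a single '=' adds demo.policy to the JVM's default policy; '==' replaces it)
public class ExplicitCheckDemo {

    private static final Permission PURGE =
            new RuntimePermission("example.purgeAuditLog");

    // Explicit policing: the API asks the Security Manager before acting.
    static String purgeAuditLog() {
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            // Throws SecurityException unless the policy grants PURGE to the callers.
            sm.checkPermission(PURGE);
        }
        return "audit log purged"; // stand-in for the sensitive operation
    }

    // Implicit policing: System.getProperty performs its own permission check.
    static String readProperty(String key) {
        try {
            return System.getProperty(key);
        } catch (SecurityException e) {
            return "denied: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        System.out.println("manager installed: " + (System.getSecurityManager() != null));
        System.out.println("user.home -> " + readProperty("user.home"));
        try {
            System.out.println(purgeAuditLog());
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```

    Started without "-Djava.security.manager", System.getSecurityManager() returns null and neither check is enforced, which is why the null test in the explicit pattern matters.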