javax.security.auth
Ŭ·¡½º Policy

java.lang.Object
  |
  +--javax.security.auth.Policy

public abstract class Policy
extends java.lang.Object

Subject º£À̽ºÀÇ ½ÂÀÎÀÇ ½Ã½ºÅÛ Á¤Ã¥À» ³ªÅ¸³»´Â abstract Ŭ·¡½ºÀÔ´Ï´Ù. ÀÌ Å¬·¡½ºÀÇ ¼­ºê Ŭ·¡½º ½ÇÀå¿¡¼­´Â, Subject º£À̽ºÀÇ ¾×¼¼½º Á¦¾î Policy ¸¦ ÁöÁ¤ÇÏ´Â ¹æ¹ýÀ» Á¦°øÇÕ´Ï´Ù.

Policy ¿ÀºêÁ§Æ®´Â, ´ÙÀ½ÀÇ ¹æ¹ýÀ¸·Î,Principal ·Î¼­ ½ÇÇàÇϰí ÀÖ´Â Äڵ忡 ºÎ¿©µÈ Permission ¼¼Æ®¸¦ Äí¿¡¸®-ÇÒ ¼ö°¡ ÀÖ½À´Ï´Ù.

	policy = Policy.getPolicy();
	PermissionCollection perms = policy.getPermissions(subject,
							codeSource);
Policy ¿ÀºêÁ§Æ®¿¡¼­´Â ·ÎÄà Æú¸®½Ã¸¦ ÂüÁ¶ÇØ, ÀûÀýÇÑ Permissions ¿ÀºêÁ§Æ®¸¦ µ¹·ÁÁÝ´Ï´Ù. ÀÌ Permissions ¿ÀºêÁ§Æ®¿¡´Â, ÁöÁ¤ÇÑ subject ¿¡ °ü·ÃÁöÀ» ¼ö ÀÖ¾ú´ø Principal ¿¡ ºÎ¿©µÇ¾î ÇÑÆí codeSource ·Î ÁöÁ¤µÈ Äڵ忡 ºÎ¿©µÈ Permission °¡ ÀÖ½À´Ï´Ù.

Policy ¿¡´Â, ÀÌÇÏ¿¡ ³ªÅ¸³»´Â Á¤º¸°¡ °Ý³³µË´Ï´Ù. ÀÌ ¿¹¿¡¼­´Â, ´ÜÁö µðÆúÆ®ÀÇ Policy ½ÇÀåÀÇ ±¸¹®À» ³ªÅ¸³»°í ÀÖ½À´Ï´Ù. ÀÌ Å¬·¡½ºÀÇ ¼­ºê Ŭ·¡½º ½ÇÀå¿¡¼­´Â ´Ù¸¥ ±¸¹®À» ½ÇÀåÇÒ ¼öµµ ÀÖ¾î ÆÄÀÏ, µ¥ÀÌŸº£À̽º, ¼­¹ö¶ó°í ÇÏ´Â ÀÓÀÇÀÇ ¼Ò½º·ÎºÎÅÍ Policy ¸¦ ÃëµæÇÒ ¼öµµ ÀÖ½À´Ï´Ù.

Policy ÀÇ °¢ ¿£Æ®¸®´Â,grant ¿£Æ®¸®·Î¼­ ³ªÅ¸³»Áý´Ï´Ù. °¢ grant ¿£Æ®¸®¿¡¼­´Â, ÄÚµå º£À̽º, ÄÚµåÀÇ ¼­¸íÀÚ, ¹× Principal ·ÎºÎÅÍ ¿Ï¼ºµÇ´Â ¼ÂÀÕ´ÜÀ½Ç¥, ±×¸®°í ±× ¼ÂÀÕ´ÜÀ½Ç¥¿¡ ºÎ¿©µÈ Permission ¸¦ ÁöÁ¤ÇÕ´Ï´Ù.

	grant CodeBase ["URL"], Signedby ["signers"],
	      Principal [Principal_Class] "Principal_Name" {
	    Permission Permission_Class ["Target_Name"]
					[, "Permission_Actions"]
					[, signedBy "SignerName"];
	};
À̸§/Ä¡ Æä¾îÀÇ ¼ÂÀÕ´ÜÀ½Ç¥ °¡¿îµ¥, CodeBase ÄÄÆÛ³ÍÆ®¿Í Signedby ÄÄÆÛ³ÍÆ®´Â »ý·« °¡´ÉÇÕ´Ï´Ù. Á¸ÀçÇÏÁö ¾Ê´Â °æ¿ì´Â ÀÓÀÇÀÇ ÄÚµå º£À̽º°¡ ÀÏÄ¡ÇØ, ÀÓÀÇÀÇ ¼­¸íÀÚ (¼­¸í ¾øÀ½ÀÇ Äڵ带 Æ÷ÇÔÇÑ´Ù)°¡ ÀÏÄ¡ÇÕ´Ï´Ù. ¿¹¸¦ µé¾î ´ÙÀ½°ú °°ÀÌ µË´Ï´Ù.
	grant CodeBase "foo.com", Signedby "foo",
	      Principal com.sun.security.auth.SolarisPrincipal "duke" {
	    permission java.io.FilePermission "/home/duke", "read, write";
	};
ÀÌ grant ¿£Æ®¸®¿¡¼­´Â, foo °¡ ¼­¸íÇÑ, À̸§ duke ÀÇ SolarisPrincipal ·Î ½ÇÇàÇϰí ÀÖ´Â foo.com ·ÎºÎÅÍÀÇ Äڵ忡,Permission °¡ 1 °³ ÀÖ´Â °ÍÀ» ÁöÁ¤ÇØ ÀÖ½À´Ï´Ù. ÀÌ Permission ¿¡¼­´Â, /home/duke µð·ºÅ丮¿¡ÀÇ ÆÄÀÏÀÇ ÀÐ°í ¾²±â¸¦, ½ÇÇàÇÏ´Â Äڵ忡 Çã°¡ÇÕ´Ï´Ù.

¾î´À Principal ·Î ¡¸½ÇÇࡹÇÏ·Á¸é , ÄÚµå·Î Subject.doAs(subject, ...) ¸Þ¼Òµå¸¦ È£ÃâÇÕ´Ï´Ù. ÀÌ ¸Þ¼Òµå¸¦ È£ÃâÇϸé(ÀÚ), ÁöÁ¤ÇÑ Subject ¿¡ °ü·ÃÁöÀ» ¼ö ÀÖ´ø ¸ðµç Principal ·Î ÄÚµå´Â ½ÇÇàµË´Ï´Ù. ÀÌ Policy ( ¹× ÀÌ Policy ¿¡ ºÎ¿©µÈ Permission)´Â,Subject.doAs ÀÇ È£Ãâ ÈÄ¿¡ À¯È¿ÇÏ°Ô µË´Ï´Ù.

1 °³ÀÇ grant ¿£Æ®¸®³»¿¡, º¹¼öÀÇ Principal ¸¦ ±â¼úÇÒ ¼ö ÀÖ½À´Ï´Ù. grant ¿£Æ®¸®³»·Î ÁöÁ¤µÈ ¸ðµç Principal °¡ Subject.doAs ¿¡°Ô °Ç³×Áö´Â Subject ¿¡ °ü·ÃÁöÀ» ¼ö ÀÖ°í ÀÖ´Â °æ¿ì¸¸, ÁöÁ¤µÈ Permissions °¡ ±× Subject ¿¡ ºÎ¿©µË´Ï´Ù.

	grant Principal com.sun.security.auth.SolarisPrincipal "duke",
	      Principal com.sun.security.auth.SolarisNumericUserPrincipal "0" {
	    permission java.io.FilePermission "/home/duke", "read, write";
	    permission java.net.SocketPermission "duke.com", "connect";
	};
ÀÌ ¿£Æ®¸®¿¡¼­´Â, duke ¿Í 0 ÀÇ ¾çÂÊ ¸ðµÎ·Î ½ÇÇàµÇ´Â Äڵ忡, duke ÀÇ È¨ µð·ºÅ丮³»ÀÇ ÆÄÀÏ¿¡ÀÇ ÀÐ°í ¾²±â ¾×¼¼½º±ÇÀ» ºÎ¿©ÇØ, ÇÑÃþ ´õ duke.com ¿¡ÀÇ ¼ÒÄÏ Á¢¼ÓÀ» ½Ç½ÃÇÒ ±Ç¸®¸¦ ºÎ¿©ÇÕ´Ï´Ù.

Principal º£À̽º°¡ ¾Æ´Ñ grant ¿£Æ®¸®´Â, ÀÌ Policy ¿¡¼­´Â Çã°¡µÇÁö ¾Ê½À´Ï´Ù. ±× ¶§¹®¿¡, ´ÙÀ½ÀÇ grant ¿£Æ®¸®´Â °ÅºÎµË´Ï´Ù.

	grant CodeBase "foo.com", Signedby "foo" {
	    permission java.io.FilePermission "/tmp/scratch", "read, write";
	};
ÀÌ·¯ÇÑ ¾×¼¼½º±ÇÀº java.security.Policy ¿¡ ±â¼úÇÒ Çʿ䰡 ÀÖ½À´Ï´Ù.

µðÆúÆ®ÀÇ Policy ½ÇÀåÀº, (Java ½ÃÅ¥·¯Æ¼ ÇÁ·ÓÆÛƼ ÆÄÀÏÀÇ) auth.policy.provider ½ÃÅ¥·¯Æ¼ ÇÁ·ÓÆÛƼ¿¡, Èñ¸ÁÇÏ´Â Policy ½ÇÀå Ŭ·¡½ºÀÇ ¿ÏÀü ÁöÁ¤¸íÀ» ¼³Á¤ÇÏ´Â °ÍÀ¸·Î½á º¯°æÇÒ ¼ö ÀÖ½À´Ï´Ù. Java ½ÃÅ¥·¯Æ¼ ÇÁ·ÓÆÛƼ ÆÄÀÏÀº, <JAVA_HOME>/lib/security/java.security ¶ó´Â À̸§ÀÇ ÆÄÀÏ¿¡ °Ý³³µÇ°í ÀÖ½À´Ï´Ù. ¿©±â¼­, <JAVA_HOME> ´Â JDK ÀÇ ÀνºÅçó µð·ºÅ丮¸¦ ³ªÅ¸³À´Ï´Ù.


constructor¡¡ ¡¡ ÀÇ °³¿ä
protected Policy ()
          À¯ÀÏÇÑ constructor¡¡ ¡¡.
 
¸Þ¼ÒµåÀÇ °³¿ä
abstract  java.security.PermissionCollection getPermissions (Subject  subject, java.security.CodeSource cs)
          ÁöÁ¤ÇÑ CodeSource ¿¡ °ü·ÃÁöÀ» ¼ö ÀÖ¾ú´ø Principal ¿¡ ºÎ¿©µÈ Permission ¸¦ ÃëµæÇÕ´Ï´Ù.
static Policy getPolicy ()
          ÀνºÅç ³¡³­ Policy ¿ÀºêÁ§Æ®¸¦ µ¹·ÁÁÝ´Ï´Ù.
abstract  void refresh ()
          Policy ÀÇ ¸®ÇÁ·¹½¬ ¹× Àç·Îµå¸¦ ½ÇÇàÇÕ´Ï´Ù.
static void setPolicy (Policy  policy)
          ½Ã½ºÅÛ ÀüüÀÇ Policy ¿ÀºêÁ§Æ®¸¦ ¼³Á¤ÇÕ´Ï´Ù.
 
Ŭ·¡½º java.lang.Object ·ÎºÎÅÍ °è½ÂÇÑ ¸Þ¼Òµå
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

constructor¡¡ ¡¡ ÀÇ »ó¼¼

Policy

protected Policy()
À¯ÀÏÇÑ constructor¡¡ ¡¡. (¼­ºê Ŭ·¡½ºÀÇ constructor¡¡ ¡¡ ¿¡ ÀÇÇÑ È£Ãâ¿ëÀ̸ç, Åë»óÀº ¾Ï¹¬ÀûÀ¸·Î ºÒ·Á °©´Ï´Ù. )
¸Þ¼ÒµåÀÇ »ó¼¼

getPolicy

public static Policy  getPolicy()
ÀνºÅç ³¡³­ Policy ¿ÀºêÁ§Æ®¸¦ µ¹·ÁÁÝ´Ï´Ù. ÀÌ ¸Þ¼Òµå´Â ÃÖÃÊ·Î AuthPermission("getPolicy") ¾×¼¼½º±ÇÀ» »ç¿ëÇØ SecurityManager.checkPermission ¸¦ È£ÃâÇØ, È£Ãâ Ãø¿¡ Policy ¿ÀºêÁ§Æ®¸¦ ÃëµæÇÒ ¼ö ÀÖ´Â ¾×¼¼½º±ÇÀÌ ÀÖ´ÂÁö ¾î¶²Áö¸¦ È®ÀÎÇÕ´Ï´Ù.

¹Ýȯ°ª:
ÀνºÅç ³¡³­ Policy. ¹Ýȯ°ªÀº null ¿©¼­´Â ¾È µÇ´Â
¿¹¿Ü:
java.lang.SecurityException - ÇöÀçÀÇ thread°¡ Policy ¿ÀºêÁ§Æ®¸¦ ÃëµæÇÏ´Â ¾×¼¼½º±ÇÀ» °¡ÁöÁö ¾Ê´Â °æ¿ì

setPolicy

public static void setPolicy(Policy  policy)
½Ã½ºÅÛ ÀüüÀÇ Policy ¿ÀºêÁ§Æ®¸¦ ¼³Á¤ÇÕ´Ï´Ù. ÀÌ ¸Þ¼Òµå´Â ÃÖÃÊ·Î AuthPermission("setPolicy") ¾×¼¼½º±ÇÀ» »ç¿ëÇØ SecurityManager.checkPermission ¸¦ È£ÃâÇØ, È£Ãâ Ãø¿¡ Policy ¸¦ ¼³Á¤ÇÏ´Â ¾×¼¼½º±ÇÀÌ ÀÖ´ÂÁö ¾î¶²Áö¸¦ È®ÀÎÇÕ´Ï´Ù.

ÆÄ¶ó¹ÌÅÍ:
policy - ½Å±Ô ½Ã½ºÅÛ Policy ¿ÀºêÁ§Æ®
¿¹¿Ü:
java.lang.SecurityException - ÇöÀçÀÇ thread°¡ Policy ¸¦ ¼³Á¤ÇÏ´Â ¾×¼¼½º±ÇÀ» °¡ÁöÁö ¾Ê´Â °æ¿ì

getPermissions

public abstract java.security.PermissionCollection getPermissions(Subject  subject,
                                                                  java.security.CodeSource cs)
ÁöÁ¤ÇÑ CodeSource ¿¡ °ü·ÃÁöÀ» ¼ö ÀÖ¾ú´ø Principal ¿¡ ºÎ¿©µÈ Permission ¸¦ ÃëµæÇÕ´Ï´Ù.

ÆÄ¶ó¹ÌÅÍ:
subject - Subject. Subject ¿¡ °ü·ÃÁöÀ» ¼ö ÀÖ¾ú´ø Principal ´Â, ÁöÁ¤ÇÑ CodeSource ¿Í ÇÔ²², ÀÌ ¸Þ¼Òµå°¡ µ¹·ÁÁÖ´Â Permission ¸¦ °áÁ¤Çϴµ¥ »ç¿ëµÈ´Ù. ÀÌ ÆÄ¶ó¹ÌÅÍ´Â null µµ °¡´É

cs - CodeSource °¡ ÁöÁ¤ÇÑ ÄÚµå. CodeSource ´Â, ÁöÁ¤ÇÑ Subject ¿Í ÇÔ²², ÀÌ ¸Þ¼Òµå°¡ µ¹·ÁÁÖ´Â Permission ¸¦ °áÁ¤Çϴµ¥ »ç¿ëµÈ´Ù. ÀÌ ÆÄ¶ó¹ÌÅÍ´Â null µµ °¡´É
¹Ýȯ°ª:
subject ¹× cs ÆÄ¶ó¹ÌÅÍ·Î ÁöÁ¤µÈ ¸ðµç Subject ¹× Äڵ忡 ºÎ¿©µÈ Permission ÀÇ Collection

refresh

public abstract void refresh()
Policy ÀÇ ¸®ÇÁ·¹½¬ ¹× Àç·Îµå¸¦ ½ÇÇàÇÕ´Ï´Ù.

ÀÌ ¸Þ¼Òµå´Â, ÀÌ ¿ÀºêÁ§Æ®¿¡, ÇöÀçÀÇ Æú¸®½ÃÀÇ ¸®ÇÁ·¹½¬³ª Àç·Îµå¸¦ ½Ç½ÃÇÏ°Ô ÇÕ´Ï´Ù. À̰ÍÀº ½ÇÀå¿¡ ÀÇÁ¸ÇÕ´Ï´Ù. ¿¹¸¦ µé¾î Policy ¿ÀºêÁ§Æ®°¡ ÆÄÀÏ¿¡ °Ý³³µÇ°í ÀÖ´Â °æ¿ì,refresh ¸¦ È£ÃâÇϸé(ÀÚ), ÆÄÀÏÀÌ Çѹø ´õ ÀоÁö°Ô µË´Ï´Ù.

¿¹¿Ü:
java.lang.SecurityException - È£Ãâ Ãø¿¡, Policy ¸¦ ¸®ÇÁ·¹½¬ ÇÏ´Â ¾×¼¼½º±ÇÀÌ ¾ø´Â °æ¿ì


Copyright 2002 Sun Microsystems, Inc. All rights reserved.
»ç¿ë¿¡´Â»ç¿ë Çã¶ô °è¾àÀÌ Àû¿ëµË´Ï´Ù.