Implementing Your Own Permission |
TheHighScore
class stores and protects access to the user's high score forTerrysGame
(and any other games that call it). For simplicity, this class saves the high score value into a file, called.highscore
, in the user's home directory. However, before allowingTerrysGame
to retrieve or update the user's high score value, this class checks to make sure that the user has grantedTerrysGame
permission to access the high score in his/her security policy file.Checking that
TerrysGame
has the HighScorePermissionTo check whether or notTerrysGame
has permission to access the user's high score, theHighScore
class must:Here is the code:
- Call
System.getSecurityManager()
to get the currently installed security manager.
- If the result is not null (i.e., there is a security manager, as opposed to the caller being an application that is unrestricted), then
- Construct a
HighScorePermission
object, and
- Call the security manager's
checkPermission
method, and pass it the newly constructedHighScorePermission
object.SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(new HighScorePermission(gameName)); }ThecheckPermission
method essentially asks the security manager ifTerrysGame
has the specifiedHighScorePermission
. In other words, it asks the security manager ifTerrysGame
has permission to update the user's high score value for the specified game (TerrysGame
). The underlying security framework will consult the user's security policy to see ifTerrysGame
indeed has this permission.The HighScore Code
Here is the complete source code for the
HighScore
class.Note: The
doPrivileged
method calls are used to enableHighScore
to temporarily access resources that are available to it but that are not available to the code that calls it (TerrysGame
). For example, it is expected that the policy file will grantHighScore
permission to access the.highscore
file in the user's home directory, but it will not grant this permission to games, such asTerrysGame
. For more information about the use ofdoPrivileged
methods, see New Privileged Block API on the publicjava.sun.com
web site.
Implementing Your Own Permission