My "deny all" policy does not cause SecurityException in Eclipse RCP part. But works properly in plain java class test — checkPermission throws SecurityException.
I'm using custom policy with implies method. It denies all subjects that have any principal. Check is done inside doAs in some RCP ViewPart.
ViewPart. Settings my policy, creating subject with principal, running doAs for that subject and checking permission:
public class MyPart extends ViewPart {
public void createPartControl(Composite parent) {
Policy.setPolicy(new MyPolicy());
Subject subject = new Subject();
subject.getPrincipals().add(new Principal() {
public String getName() {
return "MyPrincipal";
}
});
Subject.doAs(subject, new PrivilegedAction<Object>() {
@Override
public Object run() {
try {
AccessController.checkPermission(new MyPerm("abc"));
}
catch(SecurityException e) {
e.printStackTrace();
}
return null;
}
});
}
}
Policy. Policy that denies all actions for subjects with principal:
public class MyPolicy extends java.security.Policy {
public boolean implies(ProtectionDomain domain, Permission permission) {
if (domain.getPrincipals().length == 0) {
//not inside of doAs
return true;
}
System.out.println("deny all");
return false;
}
}
Simple permission for test:
public class MyPerm extends Permission {
public MyPerm(String name) {
super(name);
}
public boolean implies(Permission permission) {
return false;
}
public boolean equals(Object o) {
return false;
}
public int hashCode() {
return 0;
}
public String getActions() {
return null;
}
}
Both in plain java class test and in Eclipse RCP, I can see "deny all" string in console. So, my policy is applied in both cases.