Class Marshaling - a mobile code on the tip of your finger
POJO State - observe everything everywhere
Fikin Ant Tasks - a directory of wonderful libraries
Donate to this project Statistics of this project RSS feeds of this project
Java ContainerThis library makes creation of execution containers for your application very easy and painless.
All source code is released under : Apache License V2
Latest release and changes : WHATSNEW
Installation instructions : INSTALL
If you feel generous, donate and be honored forever : Donate
If you feel like business, sign up a maintenance contract and be privileged : Sign-Up
If you feel cool, buy a t-shirt and make a statement : T-shirt
If you feel like hacking, send me a patch : Submit patch
If you feel nothing like it don't panic, drink water and hangover will soon be over
Executing Java code in constrained environment is relatively straight forward task using Java Security API. It actually boils down to two thinks:
Java Applets and Java WebStart are two great examples of running code in constrained environment. But both are separate executable binaries, they are not
In order to get normal Java applications operate in constrained environment one has to enable the security manager
But these permissions are global i.e. they will be valid for any code running within that same JVM.
Now, how about if you have some unknown code you want to run from your application?
Apparently the code should be executed in a constrained environment (in order to protect yourself).
Security manager would allow you to do that. This is the easy part.
The problem comes with the assembling of permission sets. You'd have to do that manually.
Why? Because there is no interface able to read policy files at your disposal.
The only available is built-in in Sun's security framework and there is no publicly available interface.
For addressing this and few more problems, this library is.
Using the library is rather straight forward:
Passing different codebase
would result in executing
In order to
Container objects are abstracting execution of custom code in a constrained environment. The exact set of permissions is defined during their instantiation.
ContainerFactory objects are abstracting creation of
Typically they are instantiated with an input policy file, outlining all permission sets one would need.
One can instantiate a varying set of
. Actual rules how these permissions will vary depends on the particular
Currently available are
PolicyParser objects are abstracting parsing of various policy-file formats.
As Java Security Policy file format presumably would not be the only one file format to express policy rules, implementing this interface would integrate it within the library.
Currently available is
©2006-2007 Nikolay Fiykov