ajanta.server
Class AjantaSecurityManager

java.lang.Object
  |
  +--java.lang.SecurityManager
        |
        +--java.rmi.RMISecurityManager
              |
              +--ajanta.server.AjantaSecurityManager

public class AjantaSecurityManager
extends java.rmi.RMISecurityManager

A security manager derived from the restrictive RMI security manager Java's RMISecurityManager class provides an implementation of the security manager suitable for controlling accesses by remote code. It denies all access to local resources to any code which is loaded from a remote source, such as the machine hosting the client of an RMI call. We needed a more relaxed security policy, so as to allow agents to operate effectively, and yet not cause damage to the server's resources. AjantaSecurityManager} by extending the RMISecurityManager and by overriding some of its methods, allowed agents to access some system-level resources that would otherwise be denied to them. For example, by overriding the {\tt checkConnect} method, we allow agents to open connections to other machines. However, AjantaSecurityManager can imposes restrictions on which machines can be connected to, based on its security policy. It can also keep track of how many ports a single agent has opened, and can impose limits on this number, so as to prevent a denial of service attack ( will be supported in future releases). checkRead and checkWrite methods deny read and write access to files according to ACL based on owner of agent.


Field Summary
 
Fields inherited from class java.lang.SecurityManager
inCheck
 
Constructor Summary
AjantaSecurityManager(java.util.Hashtable dd, ajanta.naming.URN user)
           
 
Method Summary
 void setAcl(java.lang.String root_path)
          Set the path of the .acl file which is for creating ACL used for readAccess and writeAccess
 void setNameRegistry(ajanta.server.NRAccess namereg)
          Set the NRAcess interface for the Security Manager
 
Methods inherited from class java.lang.SecurityManager
checkAccept, checkAccess, checkAccess, checkAwtEventQueueAccess, checkConnect, checkConnect, checkCreateClassLoader, checkDelete, checkExec, checkExit, checkLink, checkListen, checkMemberAccess, checkMulticast, checkMulticast, checkPackageAccess, checkPackageDefinition, checkPermission, checkPermission, checkPrintJobAccess, checkPropertiesAccess, checkPropertyAccess, checkRead, checkRead, checkRead, checkSecurityAccess, checkSetFactory, checkSystemClipboardAccess, checkTopLevelWindow, checkWrite, checkWrite, classDepth, classLoaderDepth, currentClassLoader, currentLoadedClass, getClassContext, getInCheck, getSecurityContext, getThreadGroup, inClass, inClassLoader
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AjantaSecurityManager

public AjantaSecurityManager(java.util.Hashtable dd,
                             ajanta.naming.URN user)
Parameters:
dd - reference to the domain database of the agent server
user - URN of the owner of the agent server
Method Detail

setAcl

public void setAcl(java.lang.String root_path)
Set the path of the .acl file which is for creating ACL used for readAccess and writeAccess

Parameters:
root_path - full path sting for the .acl file

setNameRegistry

public void setNameRegistry(ajanta.server.NRAccess namereg)
Set the NRAcess interface for the Security Manager

Parameters:
namereg - reference to the NRAccess field of agent server