Implementing Your Own Permission

Steps for a User Running TerrysGame (Kim)

The steps a user, such as Kim, would take, are:

Import the Certificates as Trusted Certificates

keytool -import -alias chris -file Chris.cer -keystore kim.keystore
keytool -import -alias terry -file Terry.cer -keystore kim.keystore

Set Up a Policy File With the Required Permissions

Here's the complete kim.policy policy file, as described in A Sample Policy File.

Run TerrysGame

To set the high score:

java -Djava.security.manager -Djava.security.policy=kim.policy
 -classpath hs.jar;terry.jar TerrysGame set 456

To get the high score:

java -Djava.security.manager -Djava.security.policy=kim.policy
 -classpath hs.jar;terry.jar TerrysGame get

Notes:

• If you don't specify -Djava.security.manager, the application will run unrestricted (policy files and permissions won't be checked).

• The -Djava.security.policy=kim.policy tells where the policy file is. Note: There are other ways of specifying the policy file. For example, you can add an entry in the security properties file that specifies the inclusion of kim.policy, as discussed at the end of the Quick Tour lesson.

• -classpath hs.jar;terry.jar specifies the JAR files that contain the class files needed.

• the policy file kim.policy specifies the keystore kim.keystore. Since it does not provide an absolute URL location for the keystore, the keystore is assumed to be in the same directory as the policy file.

Implementing Your Own Permission