当从未签名的 Javascript 调用时,如何获得签名的 Java Applet 来执行特权操作?
签名的 Java Applet 具有与客户端上运行的普通 Java 应用程序相同的安全许可。 对于特定项目,我需要这些权限,并且我需要通过 JavaScript 调用执行特权操作。
现在的问题是,至少对于 Ubuntu 中的 Firefox 3(目标浏览器和平台)来说,当通过未签名的 JavaScript 调用 applet 方法时,它会失去其特殊权限。 由于无法选择对 JavaScript 进行签名,因此我需要一种方法来解决此限制。
实现此目的的一种方法是在小程序启动时创建一个线程,并在主线程收到 JavaScript 调用时调用该线程上的方法。 我已经实现了这个想法的工作原型,但我发现它有点笨拙,因为它使用了太多反射,并且不像我想要的那样易于重用。
有没有一种通用的标准方法来完成我想做的事情? 而且,如果我的想法是正确的方法,您将如何以可重用的方式实现它? 我想要实现的是一个框架,允许这种“在特权线程中运行方法”的东西用于各种对象。 理想的乌托邦解决方案是这样的:
// when the applet starts-up
PrivilegedExecuter priv = new PrivilegedExecuter(myObject); //or MyClass.class
// ...
// inside a JavaScript-called method (myObject has myMethod)
priv.myMethod(); // myMethod is run synchronously in a privileged thread
Signed Java Applets have the same security clearance as a normal Java application running on the client. For a particular project, I need these permissions, and I need to perform privileged operations as a result of a JavaScript call.
Now, the problem is that, at least for Firefox 3 in Ubuntu (target browser and platform), when an applet method is invoked through unsigned JavaScript it loses its special permissions. As signing the JavaScript is not an option, I need a way to work around this restriction.
One way to achieve this is to create a thread when the applet starts, and call methods on that thread whenever the main thread receives the JavaScript calls. I have implemented a working prototype of that idea, but I have found it a bit clumsy, because it uses too much reflection and isn't as easily reusable as I would have wanted.
Is there a common, standard way of doing what I'm trying to do? And, if my idea is the right way to go, how would you go about implementing it in a reusable way? What I'm trying to achieve is a framework that allows this "running-methods-in-a-privileg-thread" thing to be used for a variety of objects. The ideal, utopic solution would be something like:
// when the applet starts-up
PrivilegedExecuter priv = new PrivilegedExecuter(myObject); //or MyClass.class
// ...
// inside a JavaScript-called method (myObject has myMethod)
priv.myMethod(); // myMethod is run synchronously in a privileged thread
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
使用 java.security.AccessController 类。
doPrivilegedAction 和 doPrivilegedExceptionAction 可以完全满足您的需要。
例如:
AccessController.doPrivileged(new PrivilegedAction() { public Object run() { .. do something that only works with signed applets .. } });Use the java.security.AccessController class.
There is a doPrivilegedAction and doPrivilegedExceptionAction that do exactly what you need.
For example:
AccessController.doPrivileged(new PrivilegedAction() { public Object run() { .. do something that only works with signed applets .. } });值得补充的是:使您的 privaction'd run() 方法尽可能小且独立。 显然,您可以让您签名的小程序的 init() 方法调用一个特权
run(),而后者又执行实际的小程序,但这只是乞求被滥用、意外误用或彻底利用。此外,签名小程序在被 JavaScript 调用时会失去其特殊权限,这一事实并不特定于特定的浏览器或平台。 无论何时何地,情况就是如此。
It's worth adding: make your privaction'd
run()method as small and self-contained as possible. Obviously you could just have your signed applet's init() method call a privilegedrun()which in turn does the actual applet, but that's just begging to be abused, misused accidentally, or outright exploited.Also, the fact that signed applets lose their special permissions when called by JavaScript is not specific to a particular browser or platform. That's just how it is, everywhere, all the time.