Class SecurityAgent

java.lang.Object

org.cojen.boxtin.SecurityAgent

public final class SecurityAgent
extends Object

The SecurityAgent is an instrumentation agent which transforms classes such that access checks are enforced. As a result of these transformations, calling a denied operation throws a SecurityException, or it can perform a specific action.

The agent can be launched with a custom Controller as follows:

java -javaagent:Boxtin.jar=my.app.SecurityController ...

If the controller is specified as "default", then a default one is selected which only allows limited access to the java.base module.

The controller must have a public constructor which has no arguments, or it must have a public constructor which accepts a single String argument. To supply a string value, append it after the controller name:

java -javaagent:Boxtin.jar=my.app.SecurityController=custom.value ...

If no controller is specified, then the activate method must be called later, preferably from the main method.

Method Summary

Modifier and Type	Method	Description
static void	activate(Controller controller)	Activate the security agent if not already done so.
static boolean	isActivated()	Returns true if a call to activate succeeded.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

activate

public static void activate(Controller controller)

Activate the security agent if not already done so. Activation should be done as early as possible, because some classes which have already been loaded might not be transformable.

Parameters:

controller - if null, a default one is used which only allows limited access to the java.base module

Throws:

IllegalStateException - if the SecurityAgent wasn't loaded

SecurityException - if already activated

isActivated

public static boolean isActivated()

Returns true if a call to activate succeeded. Once activated, the security agent cannot be deactivated.