Class SecurityAgent

java.lang.Object
org.cojen.boxtin.SecurityAgent

public final class SecurityAgent extends Object
The SecurityAgent is an instrumentation agent which transforms classes such that access checks are enforced. For operations which are denied, a SecurityException is thrown at runtime.

The agent can be launched with a custom Controller as follows:

 java -javaagent:Boxtin.jar=my.app.SecurityController ...
 

If the controller is specified as "default", then a default one is selected which only allows limited access to the java.base module.

The controller must have a public constructor which has no arguments, or it must have a public constructor which accepts a single String argument. To supply a string value, append it after the controller name:

 java -javaagent:Boxtin.jar=my.app.SecurityController=custom.value ...
 

If no controller is specified, then the activate method must be called later, preferably from the main method.

  • Method Details

    • activate

      public static void activate(Controller controller)
      Activate the security agent if not already done so. Activation should be done as early as possible, because some classes which have already been loaded might not be transformable.
      Parameters:
      controller - if null, a default one is used which only allows limited access to the java.base module
      Throws:
      IllegalStateException - if the SecurityAgent wasn't loaded
      SecurityException - if already activated
    • isActivated

      public static boolean isActivated()
      Returns true if a call to activate succeeded. Once activated, the security agent cannot be deactivated.