What to do with a Permission object once it has been created

Question

I need to grant some java.io.FilePermissions to a couple of directories. These directories are fetched from a database table so i don't really want to have these particular permissions set in a policy file.

I have the following code in my application:

FilePermission permission1 = new FilePermission(inputDir+File.separatorChar+"*", "read, write");
FilePermission permission2 = new FilePermission(processDir+File.separatorChar+"*", "read, write");

But when my application attempts to move a file from inputDir to processDir I continue to get a java.security.AccessControlException.

So i'm wondering if i have to "register" these permission objects somewhere or somehow?

Answer 1

So i ended up extending the Policy and PermissionCollection classes and at the beginning of my program i made a call to Policy.setPolicy(). Essentially this gives you an in-code way of setting some policies. I don't know if it's useful in general but it's useful to me because i would like to grant java.io.FilePermission to specific directories that may change over time.

Anyway, here is some code to demonstrate what i did:

public class AwesomePolicy extends Policy {
    private PermissionCollection myPermissions;
    private List<Path> inputPaths;
    private List<Path> processPaths;

    public AwesomePolicy(List<Path> inputPaths, List<Path> processPaths){
        this.inputPaths=inputPaths;     // shallow copy
        this.processPaths=processPaths; // shallow copy
        myPermissions = new AwesomePermissionCollection();
        populateAwesomePermissionCollection();
    }

    @Override
    public PermissionCollection getPermissions(CodeSource codesource){
    return permissions;
    }

    private void populateAwesomePermissionCollection(){
        for(Path p : inputPaths){
            myPermissions.add(new FilePermission(p.toString() + File.separatorChar + "*", "read, write");

        for(Path p: processPaths){
            myPermissions.add(new FilePermission(p.toString() + File.separatorChar + "*", "read, write");
    }
  }
}


public AwesomePermissionCollection extends PermissionCollection{

     private static final long serialVersionUID = -7456927975079431927L;

     List<Permission> myPermissions = new ArrayList<Permission>();

    @Override
    public void add(Permission p){
        myPermissions.add(p);
    }

    @Override
    public Enumeration<Permission> elements(){
        return Collections.enumeration(myPermissions);
    }

    @Override
    public boolean implies(Permission permission){
        for(Permission p: myPermissions){
            if(p.implies(permission)){
                return true; 
            }
        }
            return false;
    }
}

and then in my main program i just did Policy.setPolicy(new AwesomePolicy(inputPaths, processPaths)); where inputPaths and processPaths were first fetched from a database table.