To inspect a component’s security permissions, use the following rhino-console command or related MBean operation.

Note The security permissions for a component may be shared with multiple other components. For example, SBBs in the same jar may share their permissions.

Console command: getsecuritypolicy

Command

getsecuritypolicy (<ComponentID> | <LibraryID> [jarname]) [true|false]
  Description
    Returns the security policy associated with the specified ComponentID. The
    optional 'jarname' argument can be used to specify a nested library jar for
    LibraryIDs. The original policy will be returned if the final argument is
    'true'.

Example

To list the security permissions for the SIP resource adaptor:

./rhino-console getsecuritypolicy ResourceAdaptorID[name=OCSIP,vendor=OpenCloud,version=2.3.1]
grant {
  permission java.util.PropertyPermission "opencloud.sip.*", "read";
  permission java.io.FilePermission "/etc/resolv.conf", "read";
  permission java.net.SocketPermission "*", "resolve";
  permission java.net.SocketPermission "*:1024-", "listen,resolve";
  permission java.net.SocketPermission "*:1024-", "accept,connect";
  permission java.lang.RuntimePermission "modifyThread";
  permission java.io.FilePermission "sip-ra-ssl.truststore", "read";
  permission java.util.PropertyPermission "javax.sip.*", "read";
  permission java.io.FilePermission "sip-ra-ssl.keystore", "read";
  permission java.net.SocketPermission "*:53", "connect,accept";
};

MBean operation: getSecurityPolicy

MBean

Rhino operation

public String getSecurityPolicy(ComponentID id, String subId, boolean original)
    throws NullPointerException, UnrecognizedComponentException,
           IllegalArgumentException, ManagementException;

This operation returns the security permissions associated with a component.

Previous page Next page
Rhino Version 2.6.1