- Forward


An HTTP Server that uses Access Control
A Simple Network Application in Java


Prof. David Bernstein
James Madison University

Computer Science Department
bernstdh@jmu.edu

Print

Comments on our Current Design
Back Forward
  • GET Requests:
    • The URI can include almost anything (including things like ..)
  • The Problem:
    • The server will GET any file in the file system
  • Fixing the Problem:
    • Use Java's access control system
Setting the SecurityManager
Back Forward
javaexamples/http/v2s/HttpServer.java (Fragment: main)
 
Using the SecurityManager
Back Forward
javaexamples/http/v2s/HttpConnectionHandler.java (Fragment: doGet)
 
The Policy File
Back Forward
javaexamples/http/v2s/http.policy.txt
 
There's Always More to Learn
Back -