restricting package access in loaded code

[Graham Matthews]

Hi

I am writing an app which has a plugin architecture. I have split my apps
classes into two packages, core and sdk. Plugins that other people write
are welcome to use the classes in the sdk package, but should not use
the classes in the core package.

At present someone can write a plugin and declare it to be in package
core, and hence access code that I do not wish them to access.

So how do I enforce this separation? I have been looking at the
security manager class, and the checkPackageAccess() and
checkPackageDefinition() methods. But it's all kinda mysterious and
I haven't made much progress.

Can anyone point me at a resource to show me how to dynamically
restrict package access in the way I wish.

thanks
graham

 

[Chris Smith]

At present someone can write a plugin and declare it to be in package
core, and hence access code that I do not wish them to access.

So how do I enforce this separation? I have been looking at the
security manager class, and the checkPackageAccess() and
checkPackageDefinition() methods. But it's all kinda mysterious and
I haven't made much progress.

Google for sealed packages. That does exactly what you want. You can
seal the core package to prevent additional classes from being added.

--
www.designacourse.com
The Easiest Way to Train Anyone... Anywhere.

Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation

 

[rio]

Hi Graham,

Did you find a way to solve your problem. I think I have the same
question here. Imo Chris went 2 steps ahead by advising his solution.

What my problem is that I want to restrict certain packages (imported ones)
to access any(also public) methods or members of classes than run within
the same JVM.

Is that possible? How? You have any code snappets?

Thx