download the
code
The current (JDK1.3) reference implementation uses a custom text file format for
policy files. This format is tricky to get correct, and the GUI front end
(policytool) is clunky. It would be much better to have an XML format for
policies, so that they could be edited, manipulated, and validated by the large
number of XML tools.
My first cut at this was to write a version that used XSLT to transform an XML policy into the one expected by the reference implementation. (Just wanted to see it work). You can still see the source files from this in the old folder.
The current version is written "from scratch" and does not use the reference implementation. As such, it is free for use on your projects (once the kinks are worked out). I will be taking this open source before the end of 2000, to get involved subscribe to the Java-Security mailing list.
To play with the transform you will need an XSLT processor. I used xerces and xalan, from http://xml.apache.org/. To build the project, I use Ant, also available from Apache. The unit test code uses JUnit 3.2, available at http://www.junit.org.
To get started, take a look at the XML files in the policy folder. These are representative of the schema that will be used; I am waiting for outside review before I finalize and document the schema. Then, try running the unit tests from the build folder. (You will have to modify the scripts to match your classpath and bootclasspath locations.) The TestPolicyOn.cmd script exercises the code without actually installing the Policy object. The TestPolicyOn.cmd script expects the Policy to be installed. To do this, you will need to edit your java.security file like this:
#
# Class to instantiate as the system Policy. This is the name of the class
# that will be used as the Policy object.
#
#policy.provider=sun.security.provider.PolicyFile
policy.provider=com.develop.policyxml.PolicyXML
JSex is open source, subject to the following license.
Stuart Halloway
11/10/2000