The J2SE Security Model

Java bytecode running within a JVM can potentially perform malicious acts. Because of this, all code must run under the auspices of a security manager—which every JVM includes. The security manager provides highly granular control over what code can and cannot do. Although most applications run under the default security manager, the J2SE specification allows for customized security managers to be implemented and executed within the JVM.

Security managers must be told how to control access to restricted resources. This is accomplished with a security policy file. When the JVM is started, command-line options allow the use of a custom security manager and policy file. If no policy file is specified, the default policy file ...
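The following is an added illustration, not code from the book: a small program that shows a policy file granting one file-read and one property-read permission and the security manager denying everything else. The class name, `demo.policy`, and the `/opt/demo` paths are assumptions; the code uses Java 8 syntax and needs a JVM that still supports the security manager.

```java
// PolicyDemo.java -- added illustration; file names and paths are assumptions.
//
// demo.policy (constructed sample policy file):
//
//   grant codeBase "file:/opt/demo/classes/" {
//       permission java.io.FilePermission "/opt/demo/data/-", "read";
//       permission java.util.PropertyPermission "user.name", "read";
//   };
//
// Launch with the default security manager and only this policy
// ("==" replaces the default policy files instead of adding to them):
//
//   java -Djava.security.manager -Djava.security.policy==demo.policy \
//        -cp /opt/demo/classes PolicyDemo
import java.io.File;

public class PolicyDemo {

    /** Runs one guarded action and reports whether the policy allowed it. */
    static String attempt(String label, Runnable action) {
        try {
            action.run();
            return label + ": allowed";
        } catch (SecurityException e) {
            // AccessControlException names the permission that was missing.
            return label + ": denied (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        System.out.println("security manager installed: "
                + (System.getSecurityManager() != null));

        // Granted by the policy: read access below /opt/demo/data.
        System.out.println(attempt("read /opt/demo/data/input.txt",
                () -> new File("/opt/demo/data/input.txt").canRead()));

        // Not granted: any other path fails the FilePermission check.
        System.out.println(attempt("read /opt/other/file.txt",
                () -> new File("/opt/other/file.txt").canRead()));

        // One property is listed in the policy, the other is not.
        System.out.println(attempt("property user.name",
                () -> System.getProperty("user.name")));
        System.out.println(attempt("property user.home",
                () -> System.getProperty("user.home")));
    }
}
```

Run without `-Djava.security.manager`, the same program reports every action as allowed, which makes the effect of the policy easy to compare.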

Get BEA WebLogic Server™ 8.1 Unleashed now with the O’Reilly learning platform.