5.5. Assigning Permissions
Previous sections covered the basics of security policy, code source, and the Permission class hierarchy. This section discusses how permissions are computed for running code.
When loading a new class, the class loader assigns the class to its ProtectionDomain. The ProtectionDomain encapsulates the class characteristics, such as location and signers, and the static permissions granted to the specified code, as described in Section 5.3.
Permissions may be granted to a class before the class loader completes the class definition, but it is perfectly legitimate to delay the instantiation of the granted permissions until a security check occurs. This optimization allows a Java application that does not call for security ...
Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
