Name

AccessController

Synopsis

The static methods of this class implement the default access-control mechanism as of Java 1.2. checkPermission( ) traverses the call stack of the current thread and checks whether all classes in the call stack have the requested permission. If so, checkPermission( ) returns, and the operation can proceed. If not, checkPermission( ) throws an AccessControlException. As of Java 1.2, the checkPermission( ) method of the default java.lang.SecurityManager calls AccessController.checkPermission( ). System-level code that needs to perform an access check should invoke the SecurityManager method rather than calling the AccessController method directly. Unless you are writing system-level code that must control access to system resources, you never need to use this class or the SecurityManager.checkPermission( ) method.

The various doPrivileged( ) methods run blocks of privileged code encapsulated in a PrivilegedAction or PrivilegedExceptionAction object. When checkPermission( ) is traversing the call stack of a thread, it stops if it reaches a privileged block that was executed with doPrivileged( ). This means that privileged code can run with a full set of privileges, even if it was invoked by untrusted or lower-privileged code. See PrivilegedAction for more details.

The getContext( ) method returns an AccessControlContext that represents the current security context of the caller. Such a context might be saved and passed to a future call (perhaps a call ...

Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.