The CodeSource Class

A code source is a simple object that reflects the URL from which a class was loaded and the keys (if any) that were used to sign that class. Class loaders are responsible for creating and manipulating code source objects, as we’ll see in the next chapter.

The CodeSource class (java.security.CodeSource ) has a few interesting methods:

public CodeSource(URL url, Certificate cers[])

Create a code source object for code that has been loaded from the specified URL. The optional array of certificates is the array of public keys that have signed the code that was loaded from this URL. These certificates are typically obtained from reading a signed jar file; if the code was not signed, this argument should be null. Similarly, the URL may be null.

public boolean equals(Object o)

Two code source objects are considered equal if they were loaded from the same URL (that is, the equals( ) method for the URL of the objects returns true) and the array of certificates is equal (that is, a comparison of each certificate in the array of certificates will return true).

public final URL getLocation( )

Return the URL that was passed to the constructor of this object.

public final Certificate[] getCertificates( )

Return a copy of the array of certificates that was used to construct this code source object. The original certificates are not returned so that they cannot be modified accidentally (or maliciously).

public boolean implies(CodeSource cs)

Determine if the code source implies ...

Get Java Security, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial