Permissions
The
basic entity that the access
controller operates on
is a permission object -- an instance of the
Permission
class
(java.security.Permission
). This class, of
course, is the basis of the types that are listed in a policy file
for the default security policy. The Permission
class itself is an abstract class that represents a particular
operation. The nomenclature here is a little misleading because a
permission object can reflect two things. When it is associated with
a class (through a code source and a protection domain), a permission
object represents an actual permission that has been granted to that
class. Otherwise, a permission object allows us to ask if we have a
specific permission.
For example, if we construct a permission object that represents access to a file, possession of that object does not mean we have permission to access the file. Rather, possession of the object allows us to ask if we have permission to access the file.
An instance of the Permission
class represents
one specific permission. A set of permissions -- e.g., all the
permissions that are given to classes signed by a particular
individual -- is represented by an instance of the
Permissions
class
(java.security.Permissions
). We’ve seen
how administrators use the class in order to modify security
policies; now we’ll look into the programming behind this
class, including defining your own permission classes.
The Permission Class
Recall that permissions have three properties: a type, a ...
Get Java Security, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.