The Policy-Based Security Model
Prior to the Java 2 SDK, the primary means of providing security in Java was through the SecurityManager class. Anyone who has run an applet in a browser has seen the SecurityManager class at work. By default, the SecurityManager class allows no interaction with client system resources or connections with other systems except the server that the applet was downloaded from.
Its methods consist of checkxxx methods where read, write, loadLibrary, and so on replace the xxx. If the method returns false, which is the default behavior, the operation is not allowed. In general, browsers take the default form of the SecurityManager class or modify the behavior just a little bit. That forces unsigned applets to run inside ...
Get PURE Java™ 2 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
