Using Policy-Based Security
In JDK 1.0 and 1.1, security in terms of use of system resources was governed by the java.lang.SecurityManager class. Fundamental to the SecurityManager class and policy-based permissions as well is the principle that if a right is not expressly granted, your code does not have it. The SecurityManager class consists of several methods, mostly checkxxx, where xxx is the name of some operation that could adversely affect a host's data, such as checkRead() and checkWrite(). When you tried an operation that might be a security violation, Java called the appropriate SecurityManager method to see if it was okay to allow you to perform the operation. For example, this constructor call in an applet running in a Web browser: ...
Get PURE Java™ 2 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
