Java Reference
In-Depth Information
AccessController.doPrivileged(
PrivilegedAction,
AccessControlContext,
java.security.Permission varargs);
The first argument is the same as the standard
AccessControl-
ler.doPrivileged
, which is a
PrivilegedAction
. The
PrivilegedAc-
tion
can be in the format of a class or a lambda expression. In the recipe example, a
lambda expression is the first argument. In either case, the class or lambda must imple-
ment the
PrivilegedAction
functional interface, which contains the
run()
method. The
run()
method returns a value, and this example simply returns a null
since there is no relevant value to return.
The second argument is an
AccessControlContext
object, which can be used
to perform an additional security check. The
AccessControlContext
instance
can be obtained by calling on the
AccessControlContext.getInstance()
from a particular calling context. In the example, null is specified, which indicates that
no additional security check is required.
The third argument is a
varargs
parameter that's used to specify the type of per-
mission to be granted. The argument accepts one or more
Permission
objects or an
array of
Permission
objects.
The new
AccessController.doPrivileged
method can be used to indic-
ate least privilege or more privilege for the task at hand. This method provides a secure
way to allow an application running with standard permissions to execute tasks using a
lesser or higher set of permissions. To learn more about this feature, take a look at the
online documentation at
http://docs.oracle.com/javase/8/docs/
22-2.
Indicating
a
Server
Name
for
Handshaking
Problem
You want to verify a server name to ensure that it is valid prior to initiating an SSL
connection with the server.