Java Reference
In-Depth Information
23.5. Security
Security is a very complex issue and a full discussion of it is well beyond
the scope of this topic you can read
Inside Java
™
2 Platform Security
,
Se-
cond Edition,
a companion book in this series, for all the details. What we
can do, however, is provide an overview of the security architecture and
some of its key components. Information on other aspects of security
is given in "
java.security and Related Packages Security Tools
"
on page
To perform a security-checked operation you must have
permission
to
perform that operation. Together, all permissions in a system and the
way in which they are assigned define the
security policy
for that system.
A
protection domain
encloses a set of classes whose instances are gran-
ted the same set of permissions and that all come from the same
code
source.
Protection domains are established via the class loading mechan-
ism. To enable the security policy of a system and activate the protection
domains, you need to install a
security manager.
[2]
[2]
Some virtual machines allow a startup argument that causes a default security manager to be created
and installed. For example, using the
JDK
™
5.0 you define the system property
java.security.manager
by passing the argument
-Djava.security.manager
to the
java
command.
The classes and interfaces used for security are spread across a number
of packages so we use the fully qualified name the first time we introduce
a specific class or interface.
23.5.1. The
SecurityManager
Class
The
java.lang.SecurityManager
class allows applications to implement a
security policy by determining, before performing a possibly unsafe or
sensitive operation, whether it is being attempted in a security context
that allows the operation to be performed. The application can then allow
or disallow the operation.