Java Reference
In-Depth Information
The
SecurityManager
class contains many methods with names that begin
with the word "check." These methods are called by various methods
in the standard libraries before those methods perform certain poten-
tially sensitive operations, such as accessing files, creating and con-
trolling threads, creating class loaders, performing some forms of re-
flection, and controlling security itself. The invocation of such a check
method typically looks like this:
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.check
XXX
(...);
}
The security manager is given an opportunity to prevent completion
of the operation by throwing an exception. A security manager routine
simply returns if the operation is permitted but throws a
SecurityExcep-
tion
if the operation is not permitted.
You can get and set the security manager with methods of the
System
class:
public static void
setSecurityManager(SecurityManager s)
Sets the system security manager object. If a security man-
ager already exists this new manager will replace it, provided
the existing manager supports replacement and you have
permission to replace it; otherwise, a
SecurityException
is
thrown.
public static SecurityManager
getSecurityManager()
Gets the system security manager. If none has been set
null
is returned and you are assumed to have all permissions.
The security manager delegates the actual security check to an access
control object. Each check method just invokes the security manager's