3.3. Architecture Summary

As a summary of the overall process of how the Java 2 security architecture works, this section takes you through the handling of an applet or application. The following steps occur when viewing an applet, either through a Web browser or appletviewer or when running a Java application, possibly from the command line by invoking the program called java.

A class file is obtained and accepted if it passes preliminary bytecode verification.
The class’s code source is determined. If the code appears to be signed, this step includes signature verification.
The set of static permissions, if any, to be granted to this class is determined, based on the class’s code source.
A protection domain is created to mark the ...

Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.