O'Reilly logo

Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition by Mary Dageforde, Gary Ellison, Li Gong

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

5.2. Describing Code

The security policy is essentially an access control matrix that describes code according to its characteristics and the permissions it is granted. The CodeSource and Principal classes are used to describe code.

5.2.1. CodeSource

Code is fully characterized by three things. One is its origin, or its location as specified by a URL. The second, applicable if the code is signed, is the set of digital certificates containing the public keys corresponding to the private keys used to sign the code. (Note: Digital certificates are described in Section 8.1.) The first two characteristics are captured in the class java.security.CodeSource, which can be viewed as a natural extension of the concept of a code base within HTML, although ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required