6.1. SecurityManager

The java.lang.SecurityManager class, designed into the original release of JDK 1.0, is the focal point of access control. The security manager is called whenever a decision is needed to determine whether to grant or deny a request for accessing a sensitive resource. As an example of a SecurityManager class, the sun.applet.AppletSecurity class, a subclass of SecurityManager, implemented the sandbox security model in JDK 1.0. Recall from Section 2.2 that according to this model, applications—classes residing on the local file system—are given full system access, whereas applets—remote classes loaded over the network—are denied all but the most essential privileges.

6.1.1. Example Use of the Security Manager

In the Java 2 ...

Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.