6.1. SecurityManager

The java.lang.SecurityManager class, designed into the original release of JDK 1.0, is the focal point of access control. The security manager is called whenever a decision is needed to determine whether to grant or deny a request for accessing a sensitive resource. As an example of a SecurityManager class, the sun.applet.AppletSecurity class, a subclass of SecurityManager, implemented the sandbox security model in JDK 1.0. Recall from Section 2.2 that according to this model, applications—classes residing on the local file system—are given full system access, whereas applets—remote classes loaded over the network—are denied all but the most essential privileges.

6.1.1. Example Use of the Security Manager

In the Java 2 ...

Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.