Chapter 5. The Access Controller
In the last chapter, we looked at the security manager, which provides the security policy interface used by the core Java API. The implementation of most security managers, however, is based entirely upon the access controller. In this chapter, we’re going to look at the access controller and its related classes. Along the way, we’ll cover a number of important topics:
How to implement and use your own permission classes to extend the mechanism of the Java sandbox to your own applications.
How to implement a different security policy so that permissions can be set in new ways (e.g., by reading them from a central server rather than from a collection of files).
How the core Java API is able to perform certain operations that other classes cannot.
How to create objects that can only be accessed if you have the appropriate permission.
The access controller is built upon the four concepts we examined in Chapter 2 :
- Code sources
An encapsulation of the location from which certain Java classes were obtained.
- Permissions
An encapsulation of a request to perform a particular operation.
- Policies
An encapsulation of all the specific permissions that should be granted to specific code sources.
- Protection domains
An encapsulation of a particular code source and the permissions granted to that code source.
We’ll start by examining how these concepts map to the Java API.
Get Java Security, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
