May 2001
Intermediate to advanced
618 pages
20h 50m
English
Content preview from Java Security, 2nd EditionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 6. Java Class Loaders
In this chapter, we’re going to look at the third major component that determines the security policy of a Java program: the Java class loader. Class loaders are the mechanism by which files (or other sources) containing Java bytecodes are read into the Java virtual machine and converted into class definitions.
There are three areas in which the class loader operates with the
security model. First, the class loader cooperates with the virtual
machine to define namespaces, which protect the integrity of the
security features built into the Java language. Second, the class
loader calls the security manager when appropriate, ensuring that
code has the appropriate permissions in order to access or define
classes. And third, the class loader sets up the mapping of
permissions to class objects (the protection domain of each class) so
that the access controller knows which classes have which
permissions. The last of these areas is the one which is of most use
to developers: if you want to establish a different security policy
in your application, it’s easier to do it by writing a custom
class loader and establishing the permissions of classes within that
class loader than by writing a new implementation of the
Policy class.
In this chapter, we’ll address all of these points. We’ll also look into the class loader classes that come with Java and how to write your own class loader. As with the other elements of the Java sandbox, the ability to create and use ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.