Implementing a Class Loader
Part
of the security implications of a class loader depend upon its
internal implementation. When you implement a class loader, you have
two basic choices: you can extend the
ClassLoader class, or you can extend the
SecureClassLoader class. The second choice is
preferred, but it is not an option for Java 1.1. If you’re
programming in 1.2, you may choose to use the URL class loader rather
than implementing your own, but the information in this section will
help you understand the security features of the URL class loader. In
this section, then, we’ll look at how to implement both default
and secure class loaders.
Implementing the ClassLoader Class
Aside from the primordial class loader, all Java class loaders must
extend the ClassLoader
class
(java.lang.ClassLoader). Since the
ClassLoader class is
abstract, it is necessary to subclass it to
create a class loader.
Protected methods in the ClassLoader class
In order to implement a class loader, we start with this method:
- protected abstract Class
loadClass(String name, boolean resolve)
, protected Class loadClass(String name, boolean resolve) ★
Using the rules of the class loader, find the class with the given
nameand, if indicated by theresolvevariable, ensure that the class is resolved. If the class is not found, this method should throw aClassNotFoundException. This method is abstract in 1.1, but not in ...
Get Java Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
