Permissions
The basic entity
that the access controller operates on is a permission
object—an instance of the Permission
class
(java.security.Permission
). The
Permission
class itself is an abstract class
that represents a particular operation. The nomenclature here is a
little misleading, because a permission object can reflect two
things. When it is associated with a class (through a code source and
a protection domain), a permission object represents an actual
permission that has been granted to that class. Otherwise, a
permission object allows us to ask if we have a specific permission.
For example, if we construct a permission object that represents access to a file, possession of that object does not mean that we have permission to access the file. Rather, possession of the object allows us to ask if we have permission to access the file.
An instance of the Permission
class represents
one specific permission. A set of permissions—e.g., all the
permissions that are given to classes signed by a particular
individual—is represented by an instance of the
Permissions
class
(java.security.Permissions
). As developers and
administrators, we’ll make extensive use of these classes, so
we’ll need to investigate them in depth.
The Permission Class
Permissions have three properties:
- A type
All permissions carry a basic type that identifies what the permission pertains to. A permission object to access a file will have a type of
FilePermission
; an object to create a window will have a type ...
Get Java Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.