O'Reilly logo

Java Security by Scott Oaks

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary

Implementing a security manager is a key step in defining a security policy for your own Java applications; the examples presented in this chapter should help you do that effectively. In Java 1.2, you can specify much of the security policy via an external policy file, although there are still instances where you need to write your own security manager in order to achieve specific (but common) policies. In Java 1.1 and previous releases, you need to write your own security manager that implements the security policy you feel is appropriate. Otherwise, your Java application will have no security policy at all.

If you don’t feel comfortable running a third-party Java application without a security manager in place, the examples we’ve provided in this chapter are also key—they provide the cornerstone of the security features that are built into the JavaRunner program.

On the other hand, if you have a secured network and want to expand the parameters of the Java sandbox without resorting to the use and configuration of signed classes (the topic we’ll explore for most of the rest of this book), writing your own security manager is also the way to go. For browsers that support it, you can then substitute the new security manager into them, or you can again use the JavaRunner program or Java’s Launcher to run the program.

No matter what path you take, the security manager is the most important aspect of the Java sandbox. The methods of the security manager should help you be able ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required