Using Policy-Based Security
In JDK 1.0 and 1.1, security in terms of use of system resources was governed by the java.lang.SecurityManager class. Fundamental to the SecurityManager class and policy-based permissions as well is the principle that if a right is not expressly granted, your code does not have it. The SecurityManager class consists of several methods, mostly checkxxx, where xxx is the name of some operation that could adversely affect a host's data, such as checkRead() and checkWrite(). When you tried an operation that might be a security violation, Java called the appropriate SecurityManager method to see if it was okay to allow you to perform the operation. For example, this constructor call in an applet running in a Web browser: ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access