|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Objectjava.security.Policy
public abstract class Policy
Policy is an abstract class for managing the system security
policy for the Java application environment. It specifies which permissions
are available for code from various sources. The security policy is
represented through a subclass of Policy.
Only one Policy is in effect at any time. A
ProtectionDomain initializes itself with information from this class
on the set of permssions to grant.
The location for the actual Policy could be anywhere in any
form because it depends on the Policy implementation. The default system is
in a flat ASCII file or it could be in a database.
The current installed Policy can be accessed with
getPolicy() and changed with setPolicy(Policy) if the code
has the correct permissions.
The refresh() method causes the Policy instance to
refresh/reload its configuration. The method used to refresh depends on the
Policy implementation.
When a protection domain initializes its permissions, it uses code like the following:
policy = Policy.getPolicy();
PermissionCollection perms = policy.getPermissions(myCodeSource);
The protection domain passes the Policy handler a
CodeSource instance which contains the codebase URL and a public key.
The Policy implementation then returns the proper set of
permissions for that CodeSource.
The default Policy implementation can be changed by setting
the "policy.provider" security provider in the "java.security" file to the
correct Policy implementation class.
CodeSource,
PermissionCollection,
SecureClassLoader| Constructor Summary | |
|---|---|
Policy()
Constructs a new Policy object. |
|
| Method Summary | |
|---|---|
abstract PermissionCollection |
getPermissions(CodeSource codesource)
Returns the set of Permissions allowed for a given CodeSource. |
PermissionCollection |
getPermissions(ProtectionDomain domain)
Returns the set of Permissions allowed for a given ProtectionDomain. |
static Policy |
getPolicy()
Returns the currently installed Policy handler. |
boolean |
implies(ProtectionDomain domain,
Permission permission)
Checks if the designated Permission is granted to a designated
ProtectionDomain. |
abstract void |
refresh()
Causes this Policy instance to refresh / reload its
configuration. |
static void |
setPolicy(Policy policy)
Sets the Policy handler to a new value. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public Policy()
Policy object.
| Method Detail |
|---|
public static Policy getPolicy()
Policy handler. The value
should not be cached as it can be changed any time by
setPolicy(Policy).
Policy.
SecurityException - if a SecurityManager is installed which disallows this
operation.public static void setPolicy(Policy policy)
Policy handler to a new value.
policy - the new Policy to use.
SecurityException - if a SecurityManager is installed which disallows this
operation.public abstract PermissionCollection getPermissions(CodeSource codesource)
CodeSource.
codesource - the CodeSource for which, the caller needs to find the
set of granted permissions.
CodeSource specified by the
current Policy.
SecurityException - if a SecurityManager is installed which disallows this
operation.public PermissionCollection getPermissions(ProtectionDomain domain)
ProtectionDomain.
domain - the ProtectionDomain for which, the caller needs to find
the set of granted permissions.
ProtectionDomain specified by the
current Policy..ProtectionDomain,
SecureClassLoader
public boolean implies(ProtectionDomain domain,
Permission permission)
Permission is granted to a designated
ProtectionDomain.
domain - the ProtectionDomain to test.permission - the Permission to check.
true if permission is implied by a
permission granted to this ProtectionDomain. Returns
false otherwise.ProtectionDomainpublic abstract void refresh()
Policy instance to refresh / reload its
configuration. The method used to refresh depends on the concrete
implementation.
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||