Contents | Package | Class | Tree | Deprecated | Index | Help | Java 1.2 Beta 3 | ||
PREV | NEXT | SHOW LISTS | HIDE LISTS |
java.lang.Object | +----java.security.Policy
There is only one Policy object in effect at any given time. It is consulted by a ProtectionDomain when the protection domain initializes its set of permissions.
The source location for the policy information utilized by the Policy object is up to the Policy implementation. The policy configuration may be stored, for example, as a flat ASCII file, as a serialized binary file of the Policy class, or as a database.
The currently-installed Policy object can be obtained by calling
getPolicy
, and it can be changed by a call to
the setPolicy
method.
The refresh
method causes the policy
object to refresh/reload its current configuration. This is
implementation-dependent. For example, if the policy object stores
its policy in configuration files, calling refresh
will
cause it to re-read the configuration policy files.
The Policy object is agnostic in that it is not involved in making policy decisions. It is merely the Java runtime representation of the persistent policy configuration.
When a protection domain needs to initialize its set of permissions, it executes code such as the following to ask the currently installed Policy object to populate a Permissions object with the appropriate permissions:
policy = Policy.getPolicy(); Permissions perms = policy.evaluate(MyCodeSource)
The protection domain passes in a CodeSource object, which encapsulates its codebase (URL) and public key attributes. The Policy object evaluates the global policy in light of who the principal is and returns an appropriate Permissions object.
The default Policy implementation can be changed by setting the value of the "policy.provider" security property (in the Java security properties file) to the fully qualified name of the desired Policy implementation class. The Java security properties file is located in the file named <JAVA_HOME>/lib/security/java.security, where <JAVA_HOME> refers to the directory where the JDK was installed.
Constructor Summary | |
Policy()
|
Method Summary | |
Permissions | evaluate(CodeSource codesource)
|
static Policy | getPolicy()
|
void | refresh()
|
static void | setPolicy(Policy policy)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public Policy()
Method Detail |
public static Policy getPolicy()
SecurityManager.checkPermission
with the
SecurityPermission("Policy.getPolicy")
permission.public static void setPolicy(Policy policy)
SecurityManager.checkPermission
with the
SecurityPermission("Policy.setPolicy")
permission.
policy
- the new system Policy object.
public abstract Permissions evaluate(CodeSource codesource)
CodeSource
- the codesource associated with the caller.
This encapsulates the original location of the code (where the code
came from) and the public key(s) of its signer.
evaluate
on the policy object.public abstract void refresh()
Contents | Package | Class | Tree | Deprecated | Index | Help | Java 1.2 Beta 3 | ||
PREV | NEXT | SHOW LISTS | HIDE LISTS |