Java Security

From Wikibooks, open books for an open world
Jump to: navigation, search

Scope Java Programming
Java Security
Classes and Objects
Navigate Language Fundamentals topic: v  d  e )


Since Java 1.2, the Java platform itself comes with a security model built into applications it runs. It provides an access controller similar to what the Java enabled browser provides for an applet.

There are two main ways we can add security to our application. One way is to add a Class loader, or a security manager. The other way is to run your application under an other program, that can be called JavaRunner. JavaRunner can be used to run applications, the same way as appletviewer is used to run applets.

Permissions in Java[edit]

Permissions in Java grant or deny certain privileges to an application. Take this file from an applet called "Desert":

grant {
permission java.security.AllPermission;
};

This file says to allow every permission (i.e. no security). Take also this code:

import java.io.*;
 
perm = new FilePermission("/tmp/wikibooks-test", "read");

This represents permission to allow reading of /tmp/wikibooks-temp. For more information see this.

Language Security[edit]

Security and the Class Loader[edit]


Scope Java Programming
Java Security
Classes and Objects