Dynamic Permission Grants
A Conversation with Bob Scheifler, Part V
by Bill Venners
August 5, 2002

Granting Permissions to Class Loaders

Bill Venners: How do I grant permissions dynamically?

Bob Scheifler: You might say I want to grant permissions to the proxy object. But the Java security model doesn't have a notion of granting permissions to objects. Its notion is that you grant permissions to protection domains. So now you have to look at how the Java security model defines a protection domain. In J2SE 1.4 the notion of a protection domain has been extended to include principals and class loaders. In part it was extended precisely for the Jini security model. A protection domain now has three components: principals, code source, and class loader. The principals identify who is executing the code. The code source is the traditional notion of where the code came from, a URL, and who signed the code. The class loader is an actual class loader object that loaded the code.

Since we can't grant to the object, we grant to the class loader of the object's class. The class loader essentially equates to the code base. You don't have to know the actual code base because you can grant to the class loader.

