Security Manager,
Permissions
The Security Manager is the gatekeeper of the application. It verifies
that a class has permission to perform a requested operation when that
operation is requested of the class.
- There are quite a few operations the Security Manger checks. Those are listed on page 877-878 of the book.
- Most classes do not run with a Security Manager installed by default, so all operations are permitted.
- Applets, however, use the AppletSecurity manager, which is quite restrictive.
- Downloaded Remote Method Invocation (RMI) classes use the RMISecurityManager.
- RMI has a capability to dynamically download client classes. Since these classes are downloaded, presumably from an external server, the security manager can restrict what they can do on the client computer. Since the security information is handled locally, this puts the control at the end-user or customer level.