Protection and Policy Domain in Detail
 
  Remember, Policy maps the code sources to their permissions, and the Policy object is, essentially, a Singleton.  The methods we commonly use on Policy are getPermissions(), getPolicy(), refresh(), and setPolicy().  Now we'll look at getPermissions().
 
  • getPermissions() returns to us a PermissionCollection object.  This is fairly self-explanatory; a PermissionCollection is simply a collection of allowed permissions.
  • Additionally, each class has a ProtectionDomain that encapsulates the code source and corresponding PermissionCollection.  
    • You can get this by calling the getProtectionDomain() method of the Class object.  
    • The Class object must represent the class in which you are interested in finding permissions. Use the forName() static method of class Class to get this.  
    • Sound confusing?  How about this:

    • ProtectionDomain pd = Class.forName("Car").getProtectionDomain();
  • ProtectionDomain has four methods:
    • CodeSource getCodeSource() - returns a CodeSource object that encapsulates both the location (URL) of the code and any certificates. 
    • PermissionCollection getPermissions() - returns the PermissionCollection, discussed earlier.
    • boolean implies(Permission permission) - returns true if the ProtectionDomain implies the permission represented in the Permission object.
    • String toString() - overrides the default toString() method of class Object.
  • The ProtectionDomain is set when the class is loaded.
    • The SecureClassLoader uses the policy object to find permissions for the code source.  Then it creates a ProtectionDomain with the permissions and code sources.
  • The SecurityManager checks requested permissions against granted permissions.
    • It gets the ProtectionDomains of all of the classes on the stack and asks whether each one permits the operation being requested.  If they all do, the operation can continue.  If not, a SecurityException is thrown.
    • By checking all classes, the SecurityManager ensures that the most restrictive policy of all classes on the stack is enforced.
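The stack check described above, as an added example (not code from the original notes). It builds two ProtectionDomains by hand and applies the "every domain must imply the permission" rule directly, without installing a SecurityManager; the class name StackDomains, the helper methods, and the jar URLs are hypothetical.

```java
import java.net.URI;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Permissions;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.List;
import java.util.PropertyPermission;

public class StackDomains {
    // Build a domain with a fixed permission set for a constructed code location.
    static ProtectionDomain domain(String url, Permission... granted) throws Exception {
        Permissions perms = new Permissions();
        for (Permission p : granted) perms.add(p);
        // No signer certificates; the cast selects the Certificate[] constructor.
        CodeSource cs = new CodeSource(URI.create(url).toURL(), (Certificate[]) null);
        return new ProtectionDomain(cs, perms);
    }

    // The rule from the notes: allowed only if every domain on the stack implies it.
    static boolean allowed(List<ProtectionDomain> stack, Permission requested) {
        for (ProtectionDomain pd : stack) {
            if (!pd.implies(requested)) {
                System.out.println("  denied by " + pd.getCodeSource().getLocation());
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        // Domain of a real loaded class. getCodeSource() can be null (e.g. core classes).
        ProtectionDomain own = StackDomains.class.getProtectionDomain();
        CodeSource src = own.getCodeSource();
        System.out.println("own code source: " + (src == null ? "none" : src.getLocation()));

        // Constructed "stack": an application jar calling into a less-trusted plugin jar.
        ProtectionDomain app = domain("file:/opt/app/app.jar",
                new PropertyPermission("user.*", "read,write"));
        ProtectionDomain plugin = domain("file:/opt/app/plugins/plugin.jar",
                new PropertyPermission("user.name", "read"));
        List<ProtectionDomain> stack = List.of(plugin, app);

        for (String key : new String[] {"user.name", "user.home"}) {
            Permission req = new PropertyPermission(key, "read");
            System.out.println("read " + key + ": " + allowed(stack, req));
        }
    }
}
```

Reading user.name passes because both domains imply it; reading user.home is refused by the plugin's domain even though the application's own grant covers it, which is the "most restrictive policy" effect.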
 Security Policy Files