|
|
A policy file is composed of a number of grant entires. These
entries contain:
-
The grant keyword, followed by the codesource.
-
The codesource can optionally have the codebase, which starts with the
codeBase
keyword and lists the jar or directory to which these permissions
apply. End a directory entry with a forward slash ("/").
If codebase missing, the permissions apply to all classes.
-
It can also optionally have the trusted certificate signers if signatures
are required. If missing, signatures are not required.
-
Next, it has curly braces to enclose the permissions granted to this code
source.
-
Each permission is then listed with the fully qualified class name and
target (page 889) and any comma-separated actions that are required to
specify fine grained control as well.
-
See page 890 for special syntax for FilePermission and SocketPermission.
Remember, these are the tricky ones that do not extend BasePermission.
Sidebar: Permissions Example
Policy Tool
|