Beruflich Dokumente
Kultur Dokumente
T E C H
T I P S
TIPS, TECHNIQUES, AND SAMPLE CODE
"file:." {
java.security.AllPermission;
"http://www.develop.com/TrustWorthyApplets/" {
java.io.SocketPermission "*:80", "connect";
The first grant entry uses a file URL to give classes from the
current directory the special permission "AllPermission." This
permission basically disables security checks, and is useful only
for very trusted code. In this example the trusted code is in the
current directory (presumably you wrote that code yourself). The
second entry uses an HTTP URL to specify that applets downloaded
from a specific website can connect to any machine's HTTP port.
The codeBase field makes it easy to configure fine-grained access
control, without writing any code. This flexible control is
essential for distributed systems built with higher level
technologies such as RMI, JINI, or EJB.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The JDK 1.2 security architecture supports several interesting
capabilities not covered here, including digital signing, custom
permissions, custom policy implementations, and privileged scopes.
For more information on these security features, examine the
security documentation at:
http://java.sun.com/j2se/1.3/docs/guide/security/index.html
Java supports user-based security through the Java
Authentication and Authorization Service (JAAS). For
information about JAAS, see:
http://java.sun.com/products/jaas/
For a comprehensive description of security in the Java 2
Platform, see the book "Inside Java 2 Platform Security:
Architecture, API Design, and Implementation" by Li Gong
(http://java.sun.com/docs/books/security/index.html).
. . . . . . . . . . . . . . . . . . . . . . .
- NOTE
The names on the JDC mailing list are used for internal Sun
Microsystems(tm) purposes only. To remove your name from the list,
see Subscribe/Unsubscribe below.
- FEEDBACK
Comments? Send your feedback on the JDC Tech Tips to:
jdc-webmaster@sun.com
- SUBSCRIBE/UNSUBSCRIBE
The JDC newsletter mailing lists are used for internal
Sun Microsystems(TM) purposes only. The JDC Tech Tips are
sent to you because you elected to subscribe.
To remove your name from a JDC newsletter mailing list:
o Go to the JDC Front page. (http://java.sun.com/jdc/)
o Select Subscribe to free JDC newsletters.
If you are not logged in automatically, type in your
UserID and password.
o Update your newsletter preferences and click Update.
To subscribe to a JDC newsletter mailing list:
o Go to the JDC Front page. (http://java.sun.com/jdc/)
o If you are already a member of the JDC, log in.
If you are not a member, select Register (It's free!)
and fill out the requested information.
o Select Subscribe to free JDC newsletters.
o Choose the newsletters you want to subscribe to and click Update.
- ARCHIVES
You'll find the JDC Tech Tips archives at:
http://developer.java.sun.com/developer/TechTips/index.html
- COPYRIGHT
Copyright 2000 Sun Microsystems, Inc. All rights reserved.
901 San Antonio Road, Palo Alto, California 94303 USA.
This document is protected by copyright. For more information, see:
http://developer.java.sun.com/developer/copyright.html
JDC Tech Tips
September 26, 2000
* As used in this document, the terms "Java virtual machine"
or "JVM" mean a virtual machine for the Java platform.