The Java Security Architecture
An Overview of the Internals |
Prof. David Bernstein |
Computer Science Department |
bernstdh@jmu.edu |
ClassLoader
:
.class
files
Permission
:
Principal
:
CodeSource
:
ProtectionDomain
:
CodeSource
,
a collection of Permission
objects, and a collection
of Principal
objects
(and the ClassLoader
that was used)Policy
:
Principal
objects,
columns corresponding to CodeSource
objects, and
Permission
objects in the body)Policy
object
installed in the runtime at any point in time.class
file is read and the bytecodes are
(statically) verifiedCodeSource
object)Permission
objects)ProtectionDomain
object is created or re-usedClassLoader
)AccessController
is used
Policy
is (constructed if necessary and)
consulted and the set of
permissions to be granted is determined based on the
ProtectionDomain
SecurityException
is thrown)