All About Class SecurityManager in Java

The SecurityManager is an abstract class that allows applications to implement security policy.It allows an application to determine,before performing a possibly unsafe or sensitive operation,what the operation is and whether the operation is being performed by a class created by a ClassLoader rather than installed locally.Classes loaded via ClassLoader (if they have been downloaded over network) may be less trustworthy than classes from files installed locally.The application has the option of allowing or disallowing the operation by using SecurityManager.
The SecurityManager class contains a large number of methods whose names begins with the word called check.These methods are called by various methods in the java library before those methods perform certain sensitive operations.
The SecurityManager is thereby given an opportunity to prevent completion of the operation by throwing an Exception.A security manager routine simply return if the operation is permitted but throws an Exception if the operation is not permitted.The only exception to this convention is checkTopLevel window,which returns a boolean value.The current Security manager is set by the setSecurityManager() method in class System.The current security manager is obtained by getSecurityManager() method.

The structure of the class SecurityManager is given as:

public abstract class java.lang.SecurityManager extends java.lang.Object{
//Member elements
protected boolean inCheck;//this field is true if there is a security check in progress , false otherwise
protected SecurityManager();//constructs a new SecurityManager.An application is not allowed to create 
//a new security manager if there is already a current security manager in place.It can throw 
//SecurityException if a SecurityManager already exists.
public void checkAccept(String host,int port);
public void checkAccess(Thread th);
public void checkAccess(ThreadGroup tg);
public void checkConnect(String host,int port);
public void checkConnect(String host,int port,Object context);
public void checkCreateClassLoader();
public void checkDelete(String file);
public void checkExec(String command);
public void checkExit(int status);
public void checkLink(String lib);
public void checkListen(int port);
public void checkPackageAccess(String pkg);
public void checkPackageDefinition(String pkg);
public void checkPropertiesAccess();
public void checkPropertyAccess(String key);
public void checkRead(FileDescriptor fd);
public void checkRead(String file);
public void checkRead(String file,Object context);
public void checkSetFactory();
public boolean checkTopLevelWindow(Object window);
public void checkWrite(FileDescriptor fd);
public void checkWrite(String file);
public boolean getInCheck();
protected int classDepth(String name);
protected int classLoaderDepth();
protected ClassLoader currentClassLoader();
protected class[] getClassContext();
public Object getSecurityContext();
protected boolean inClass(String name);
protected boolean inClassLoader();
All About Class SecurityManager in Java All About Class SecurityManager in Java Reviewed by Animesh Chatterjee on October 04, 2018 Rating: 5

No comments:

Powered by Blogger.