Table of Contents |
Security becomes a major concern when writing programs that interact with the Internet. Will I download something that corrupts my filesystem? Will I be open for a virus attack? It's unlikely that our computers will ever be completely safe from attack from the few evil-doers out there. However, we can take steps to provide a significant level of protection and security for our computers and data.The Java runtime environment has an object, a security manager, that is on-the-job full-time when the system is running. The security manager must approve all potentially threatening operations before they can be completed. If, for some reason, the security manager disallows a certain operation, it throws a SecurityException. Otherwise, the operation is allowed to continue normally.
This lesson first discusses the job of the security manager and how it works. Next, you will learn how to write your own security manager and how to install it as the working security manager for your Java applications. And finally, this lesson takes a deeper look at the SecurityManager class explaining just what each method is for and which ones you are likely to have to override when implementing your security manger.
Note: You cannot install a new security manager in an applet. Applets are subject to the security manager of the application (Web browser or appletviewer) in which they are running. See Understanding Applet Capabilities and Restrictions for information.
Introducing the Security Manager
[PENDING: this page talks about what sorts of things the security manager intercedes on. Good place for a picture it seems. Also the default security manager is very lenient.]Writing a Security Manager
This page walks you through a simple (and unlikely) implementation of a security manager that requires the user to type in a password each time there's a "thread access".Installing your Security Manager
This page shows you how to install your security manager as the security manager on-duty for your Java application.More About the SecurityManager Class
And finally, this page looks at the SecurityManager class in greater detail highlighting the methods you are likely to override when implementing your own security manager.[PENDING: what about the other methods in SecurityManager that you are not likely to override? Should I cover those and put in a "Using the SecurityManager" page?]
Table of Contents |