HomeDigital EditionSys-Con RadioSearch Java Cd
Advanced Java AWT Book Reviews/Excerpts Client Server Corba Editorials Embedded Java Enterprise Java IDE's Industry Watch Integration Interviews Java Applet Java & Databases Java & Web Services Java Fundamentals Java Native Interface Java Servlets Java Beans J2ME Libraries .NET Object Orientation Observations/IMHO Product Reviews Scalability & Performance Security Server Side Source Code Straight Talking Swing Threads Using Java with others Wireless XML

"Mastering Java Security Policies and Permissions"
Volume: 5 Issue: 1, p.28


Listing 1:

grant codeBase "file://home/code" SignedBy "Admin" {

// example with no action
permission java.lang.RuntimePermission

// two examples with action fields, one
// containing a wildcard
permission java.net.SocketPermission
"*:*", "connect,accept";
permission java.util.PropertyPermis-
sion "user.home", "read";


Listing 2:

/*This is a method in Admin.java, which any class may call.*/
public String getValue() {
String result = (String) AccessController.doPrivileged(new
PrivilegedAction() {
            public Object run() {
    // Admin has permission to access this
// method
// even if its calling classes do not
       return readSecretValue();
    return result;


All Rights Reserved
Copyright ©  2004 SYS-CON Media, Inc.
  E-mail: [email protected]

Java and Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. SYS-CON Publications, Inc. is independent of Sun Microsystems, Inc.