securitymanager.html

API資料大全

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN""http://www.w3.org/TR/REC-html40/frameset.dtd">
<!--NewPage-->
<HTML>
<HEAD>
<!-- Generated by javadoc on Thu Apr 27 23:35:07 PDT 2000 -->
<TITLE>
Java 2 Platform SE v1.3: Class  SecurityManager
</TITLE>
<LINK REL ="stylesheet" TYPE="text/css" HREF="../../stylesheet.css" TITLE="Style">
</HEAD>
<BODY BGCOLOR="white">

<!-- ========== START OF NAVBAR ========== -->
<A NAME="navbar_top"><!-- --></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_top_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3">
  <TR ALIGN="center" VALIGN="top">
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="class-use/SecurityManager.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
  </TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
<b>Java<sup><font size=-2>TM</font></sup>&nbsp;2&nbsp;Platform<br>Std.&nbsp;Ed. v1.3</b></EM>
</TD>
</TR>

<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;<A HREF="../../java/lang/RuntimePermission.html"><B>PREV CLASS</B></A>&nbsp;
&nbsp;<A HREF="../../java/lang/Short.html"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
  <A HREF="../../index.html" TARGET="_top"><B>FRAMES</B></A>  &nbsp;
&nbsp;<A HREF="SecurityManager.html" TARGET="_top"><B>NO FRAMES</B></A></FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
  SUMMARY: &nbsp;INNER&nbsp;|&nbsp;<A HREF="#field_summary">FIELD</A>&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL: &nbsp;<A HREF="#field_detail">FIELD</A>&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<!-- =========== END OF NAVBAR =========== -->

<HR>
<!-- ======== START OF CLASS DATA ======== -->
<H2>
<FONT SIZE="-1">
java.lang</FONT>
<BR>
Class  SecurityManager</H2>
<PRE>
<A HREF="../../java/lang/Object.html">java.lang.Object</A>
  |
  +--<B>java.lang.SecurityManager</B>
</PRE>
<DL>
<DT><B>Direct Known Subclasses:</B> <DD><A HREF="../../java/rmi/RMISecurityManager.html">RMISecurityManager</A></DD>
</DL>
<HR>
<DL>
<DT>public class <B>SecurityManager</B><DT>extends <A HREF="../../java/lang/Object.html">Object</A></DL>

<P>
The security manager is a class that allows 
 applications to implement a security policy. It allows an 
 application to determine, before performing a possibly unsafe or 
 sensitive operation, what the operation is and whether 
 it is being attempted in a security context that allows the
 operation to be performed. The 
 application can allow or disallow the operation. 
 <p>
 The <code>SecurityManager</code> class contains many methods with 
 names that begin with the word <code>check</code>. These methods 
 are called by various methods in the Java libraries before those 
 methods perform certain potentially sensitive operations. The 
 invocation of such a <code>check</code> method typically looks like this: 
 <p><blockquote><pre>
     SecurityManager security = System.getSecurityManager();
     if (security != null) {
         security.check<i>XXX</i>(argument, &nbsp;.&nbsp;.&nbsp;.&nbsp;);
     }
 </pre></blockquote>
 <p>
 The security manager is thereby given an opportunity to prevent 
 completion of the operation by throwing an exception. A security 
 manager routine simply returns if the operation is permitted, but 
 throws a <code>SecurityException</code> if the operation is not 
 permitted. The only exception to this convention is 
 <code>checkTopLevelWindow</code>, which returns a 
 <code>boolean</code> value. 
 <p>
 The current security manager is set by the 
 <code>setSecurityManager</code> method in class 
 <code>System</code>. The current security manager is obtained 
 by the <code>getSecurityManager</code> method. 
 <p> 
 The special method 
 <A HREF="../../java/lang/SecurityManager.html#checkPermission(java.security.Permission)"><CODE>checkPermission(java.security.Permission)</CODE></A>
 determines whether an access request indicated by a specified
 permission should be granted or denied. The 
 default implementation calls
 
 <pre>
   AccessController.checkPermission(perm);
 </pre>

 <p> 
 If a requested access is allowed, 
 <code>checkPermission</code> returns quietly. If denied, a 
 <code>SecurityException</code> is thrown. 
 <p>
 As of Java 2 SDK v1.2, the default implementation of each of the other
 <code>check</code> methods in <code>SecurityManager</code> is to 
 call the <code>SecurityManager checkPermission</code> method
 to determine if the calling thread has permission to perform the requested
 operation.
 <p> 
 Note that the <code>checkPermission</code> method with
 just a single permission argument always performs security checks
 within the context of the currently executing thread.
 Sometimes a security check that should be made within a given context
 will actually need to be done from within a
 <i>different</i> context (for example, from within a worker thread).
 The <A HREF="../../java/lang/SecurityManager.html#getSecurityContext()"><CODE>getSecurityContext</CODE></A> method 
 and the <A HREF="../../java/lang/SecurityManager.html#checkPermission(java.security.Permission, java.lang.Object)"><CODE>checkPermission</CODE></A>
 method that includes a context argument are provided 
 for this situation. The 
 <code>getSecurityContext</code> method returns a "snapshot"
 of the current calling context. (The default implementation 
 returns an AccessControlContext object.) A sample call is
 the following:
 
 <pre>
   Object context = null;
   SecurityManager sm = System.getSecurityManager();
   if (sm != null) context = sm.getSecurityContext(); 
 </pre>
 
 <p>
 The <code>checkPermission</code> method
 that takes a context object in addition to a permission 
 makes access decisions based on that context,
 rather than on that of the current execution thread.
 Code within a different context can thus call that method,
 passing the permission and the
 previously-saved context object. A sample call, using the
 SecurityManager <code>sm</code> obtained as in the previous example, 
 is the following:
 
 <pre>
   if (sm != null) sm.checkPermission(permission, context);
 </pre> 

 <p>Permissions fall into these categories: File, Socket, Net, 
 Security, Runtime, Property, AWT, Reflect, and Serializable. 
 The classes managing these various
 permission categories are <code>java.io.FilePermission</code>,
 <code>java.net.SocketPermission</code>, 
 <code>java.net.NetPermission</code>, 
 <code>java.security.SecurityPermission</code>,
 <code>java.lang.RuntimePermission</code>, 
 <code>java.util.PropertyPermission</code>, 
 <code>java.awt.AWTPermission</code>,
 <code>java.lang.reflect.ReflectPermission</code>, and
 <code>java.io.SerializablePermission</code>. 
 
 <p>All but the first two (FilePermission and SocketPermission) are 
 subclasses of <code>java.security.BasicPermission</code>, which itself 
 is an abstract subclass of the
 top-level class for permissions, which is 
 <code>java.security.Permission</code>. BasicPermission defines the 
 functionality needed for all permissions that contain a name 
 that follows the hierarchical property naming convention 
 (for example, "exitVM", "setFactory", "queuePrintJob", etc). 
 An asterisk 
 may appear at the end of the name, following a ".", or by itself, to 
 signify a wildcard match. For example: "a.*" or "*" is valid, 
 "*a" or "a*b" is not valid.

 <p>FilePermission and SocketPermission are subclasses of the
 top-level class for permissions 
 (<code>java.security.Permission</code>). Classes like these
 that have a more complicated name syntax than that used by
 BasicPermission subclass directly from Permission rather than from
 BasicPermission. For example, 
 for a <code>java.io.FilePermission</code> object, the permission name is
 the pathname of a file (or directory).

 <p>Some of the permission classes have an "actions" list that tells 
 the actions that are permitted for the object.  For example, 
 for a <code>java.io.FilePermission</code> object, the actions list
 (such as "read, write") specifies which actions are granted for the
 specified file (or for files in the specified directory).
 
 <p>Other permission classes are for "named" permissions - 
 ones that contain a name but no actions list; you either have the
 named permission or you don't.
 
 <p>Note: There is also a <code>java.security.AllPermission</code>
 permission that implies all permissions. It exists to simplify the work
 of system administrators who might need to perform multiple
 tasks that require all (or numerous) permissions.
 <p>
 See <a href ="../../../guide/security/permissions.html">
 Permissions in the Java 2 SDK</a> for permission-related information.
 This document includes, for example, a table listing the various SecurityManager
 <code>check</code> methods and the permission(s) the default 
 implementation of each such method requires. 
 It also contains a table of all the version 1.2 methods
 that require permissions, and for each such method tells 
 which permission it requires.
 <p>
 For more information about <code>SecurityManager</code> changes made in 
 the Java 2 SDK and advice regarding porting of 1.1-style security managers,
 see the <a href="../../../guide/security/index.html">security documentation</a>.
<P>
<DL>
<DT><B>Since: </B><DD>JDK1.0</DD>
<DT><B>See Also: </B><DD><A HREF="../../java/lang/ClassLoader.html"><CODE>ClassLoader</CODE></A>, 
<A HREF="../../java/lang/SecurityException.html"><CODE>SecurityException</CODE></A>, 
<A HREF="../../java/lang/SecurityManager.html#checkTopLevelWindow(java.lang.Object)"><CODE>checkTopLevelWindow</CODE></A>, 
<A HREF="../../java/lang/System.html#getSecurityManager()"><CODE>getSecurityManager</CODE></A>, 
<A HREF="../../java/lang/System.html#setSecurityManager(java.lang.SecurityManager)"><CODE>setSecurityManager</CODE></A>, 
<A HREF="../../java/security/AccessController.html"><CODE>AccessController</CODE></A>, 
<A HREF="../../java/security/AccessControlContext.html"><CODE>AccessControlContext</CODE></A>, 
<A HREF="../../java/security/AccessControlException.html"><CODE>AccessControlException</CODE></A>, 
<A HREF="../../java/security/Permission.html"><CODE>Permission</CODE></A>, 
<A HREF="../../java/security/BasicPermission.html"><CODE>BasicPermission</CODE></A>, 
<A HREF="../../java/io/FilePermission.html"><CODE>FilePermission</CODE></A>, 
<A HREF="../../java/net/SocketPermission.html"><CODE>SocketPermission</CODE></A>, 
<A HREF="../../java/util/PropertyPermission.html"><CODE>PropertyPermission</CODE></A>, 
<A HREF="../../java/lang/RuntimePermission.html"><CODE>RuntimePermission</CODE></A>, 
<A HREF="../../java/awt/AWTPermission.html"><CODE>AWTPermission</CODE></A>, 
<A HREF="../../java/security/Policy.html"><CODE>Policy</CODE></A>, 
<A HREF="../../java/security/SecurityPermission.html"><CODE>SecurityPermission</CODE></A>, 
<A HREF="../../java/security/ProtectionDomain.html"><CODE>ProtectionDomain</CODE></A></DL>
<HR>

<P>
<!-- ======== INNER CLASS SUMMARY ======== -->


<!-- =========== FIELD SUMMARY =========== -->

<A NAME="field_summary"><!-- --></A>
<TABLE BORDER="1" CELLPADDING="3" CELLSPACING="0" WIDTH="100%">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TD COLSPAN=2><FONT SIZE="+2">
<B>Field Summary</B></FONT></TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">