java.security
Class Policy

java.lang.Object sample code for java.lang.Object definition code for java.lang.Object 
  extended by java.security.Policy

public abstract class Policy
extends Object sample code for java.lang.Object definition code for java.lang.Object

This is an abstract class for representing the system security policy for a Java application environment (specifying which permissions are available for code from various sources). That is, the security policy is represented by a Policy subclass providing an implementation of the abstract methods in this Policy class.

There is only one Policy object in effect at any given time.

The source location for the policy information utilized by the Policy object is up to the Policy implementation. The policy configuration may be stored, for example, as a flat ASCII file, as a serialized binary file of the Policy class, or as a database.

The currently-installed Policy object can be obtained by calling the getPolicy method, and it can be changed by a call to the setPolicy method (by code with permission to reset the Policy).

The refresh method causes the policy object to refresh/reload its current configuration.

This is implementation-dependent. For example, if the policy object stores its policy in configuration files, calling refresh will cause it to re-read the configuration policy files. The refreshed policy may not have an effect on classes in a particular ProtectionDomain. This is dependent on the Policy provider's implementation of the implies sample code for java.security.Policy.implies(java.security.ProtectionDomain, java.security.Permission) definition code for java.security.Policy.implies(java.security.ProtectionDomain, java.security.Permission) method and the PermissionCollection caching strategy.

The default Policy implementation can be changed by setting the value of the "policy.provider" security property (in the Java security properties file) to the fully qualified name of the desired Policy implementation class. The Java security properties file is located in the file named <JAVA_HOME>/lib/security/java.security, where <JAVA_HOME> refers to the directory where the JDK was installed.

See Also:
CodeSource sample code for java.security.CodeSource definition code for java.security.CodeSource , PermissionCollection sample code for java.security.PermissionCollection definition code for java.security.PermissionCollection , SecureClassLoader sample code for java.security.SecureClassLoader definition code for java.security.SecureClassLoader

Constructor Summary
Policy sample code for java.security.Policy.Policy() definition code for java.security.Policy.Policy() ()
           
 
Method Summary
abstract  PermissionCollection sample code for java.security.PermissionCollection definition code for java.security.PermissionCollection getPermissions sample code for java.security.Policy.getPermissions(java.security.CodeSource) definition code for java.security.Policy.getPermissions(java.security.CodeSource) (CodeSource sample code for java.security.CodeSource definition code for java.security.CodeSource  codesource)
          Evaluates the global policy and returns a PermissionCollection object specifying the set of permissions allowed for code from the specified code source.
 PermissionCollection sample code for java.security.PermissionCollection definition code for java.security.PermissionCollection getPermissions sample code for java.security.Policy.getPermissions(java.security.ProtectionDomain) definition code for java.security.Policy.getPermissions(java.security.ProtectionDomain) (ProtectionDomain sample code for java.security.ProtectionDomain definition code for java.security.ProtectionDomain  domain)
          Evaluates the global policy and returns a PermissionCollection object specifying the set of permissions allowed given the characteristics of the protection domain.
static Policy sample code for java.security.Policy definition code for java.security.Policy getPolicy sample code for java.security.Policy.getPolicy() definition code for java.security.Policy.getPolicy() ()
          Returns the installed Policy object.
 boolean implies sample code for java.security.Policy.implies(java.security.ProtectionDomain, java.security.Permission) definition code for java.security.Policy.implies(java.security.ProtectionDomain, java.security.Permission) (ProtectionDomain sample code for java.security.ProtectionDomain definition code for java.security.ProtectionDomain  domain, Permission sample code for java.security.Permission definition code for java.security.Permission  permission)
          Evaluates the global policy for the permissions granted to the ProtectionDomain and tests whether the permission is granted.
abstract  void refresh sample code for java.security.Policy.refresh() definition code for java.security.Policy.refresh() ()
          Refreshes/reloads the policy configuration.
static void setPolicy sample code for java.security.Policy.setPolicy(java.security.Policy) definition code for java.security.Policy.setPolicy(java.security.Policy) (Policy sample code for java.security.Policy definition code for java.security.Policy  p)
          Sets the system-wide Policy object.
 
Methods inherited from class java.lang.Object sample code for java.lang.Object definition code for java.lang.Object
clone sample code for java.lang.Object.clone() definition code for java.lang.Object.clone() , equals sample code for java.lang.Object.equals(java.lang.Object) definition code for java.lang.Object.equals(java.lang.Object) , finalize sample code for java.lang.Object.finalize() definition code for java.lang.Object.finalize() , getClass sample code for java.lang.Object.getClass() definition code for java.lang.Object.getClass() , hashCode sample code for java.lang.Object.hashCode() definition code for java.lang.Object.hashCode() , notify sample code for java.lang.Object.notify() definition code for java.lang.Object.notify() , notifyAll sample code for java.lang.Object.notifyAll() definition code for java.lang.Object.notifyAll() , toString sample code for java.lang.Object.toString() definition code for java.lang.Object.toString() , wait sample code for java.lang.Object.wait() definition code for java.lang.Object.wait() , wait sample code for java.lang.Object.wait(long) definition code for java.lang.Object.wait(long) , wait sample code for java.lang.Object.wait(long, int) definition code for java.lang.Object.wait(long, int)
 

Constructor Detail

Policy sample code for java.security.Policy() definition code for java.security.Policy()

public Policy()
Method Detail

getPolicy sample code for java.security.Policy.getPolicy() definition code for java.security.Policy.getPolicy()

public static Policy sample code for java.security.Policy definition code for java.security.Policy  getPolicy()
Returns the installed Policy object. This value should not be cached, as it may be changed by a call to setPolicy. This method first calls SecurityManager.checkPermission with a SecurityPermission("getPolicy") permission to ensure it's ok to get the Policy object..

Returns:
the installed Policy.
Throws:
SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException - if a security manager exists and its checkPermission method doesn't allow getting the Policy object.
See Also:
SecurityManager.checkPermission(Permission) sample code for java.lang.SecurityManager.checkPermission(java.security.Permission) definition code for java.lang.SecurityManager.checkPermission(java.security.Permission) , setPolicy(java.security.Policy) sample code for java.security.Policy.setPolicy(java.security.Policy) definition code for java.security.Policy.setPolicy(java.security.Policy)

setPolicy sample code for java.security.Policy.setPolicy(java.security.Policy) definition code for java.security.Policy.setPolicy(java.security.Policy)

public static void setPolicy(Policy sample code for java.security.Policy definition code for java.security.Policy  p)
Sets the system-wide Policy object. This method first calls SecurityManager.checkPermission with a SecurityPermission("setPolicy") permission to ensure it's ok to set the Policy.

Parameters:
p - the new system Policy object.
Throws:
SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException - if a security manager exists and its checkPermission method doesn't allow setting the Policy.
See Also:
SecurityManager.checkPermission(Permission) sample code for java.lang.SecurityManager.checkPermission(java.security.Permission) definition code for java.lang.SecurityManager.checkPermission(java.security.Permission) , getPolicy() sample code for java.security.Policy.getPolicy() definition code for java.security.Policy.getPolicy()

getPermissions sample code for java.security.Policy.getPermissions(java.security.CodeSource) definition code for java.security.Policy.getPermissions(java.security.CodeSource)

public abstract PermissionCollection sample code for java.security.PermissionCollection definition code for java.security.PermissionCollection  getPermissions(CodeSource sample code for java.security.CodeSource definition code for java.security.CodeSource  codesource)
Evaluates the global policy and returns a PermissionCollection object specifying the set of permissions allowed for code from the specified code source.

Parameters:
codesource - the CodeSource associated with the caller. This encapsulates the original location of the code (where the code came from) and the public key(s) of its signer.
Returns:
the set of permissions allowed for code from codesource according to the policy.The returned set of permissions must be a new mutable instance and it must support heterogeneous Permission types.

getPermissions sample code for java.security.Policy.getPermissions(java.security.ProtectionDomain) definition code for java.security.Policy.getPermissions(java.security.ProtectionDomain)

public PermissionCollection sample code for java.security.PermissionCollection definition code for java.security.PermissionCollection  getPermissions(ProtectionDomain sample code for java.security.ProtectionDomain definition code for java.security.ProtectionDomain  domain)
Evaluates the global policy and returns a PermissionCollection object specifying the set of permissions allowed given the characteristics of the protection domain.

Parameters:
domain - the ProtectionDomain associated with the caller.
Returns:
the set of permissions allowed for the domain according to the policy.The returned set of permissions must be a new mutable instance and it must support heterogeneous Permission types.
Since:
1.4
See Also:
ProtectionDomain sample code for java.security.ProtectionDomain definition code for java.security.ProtectionDomain , SecureClassLoader sample code for java.security.SecureClassLoader definition code for java.security.SecureClassLoader

implies sample code for java.security.Policy.implies(java.security.ProtectionDomain, java.security.Permission) definition code for java.security.Policy.implies(java.security.ProtectionDomain, java.security.Permission)

public boolean implies(ProtectionDomain sample code for java.security.ProtectionDomain definition code for java.security.ProtectionDomain  domain,
                       Permission sample code for java.security.Permission definition code for java.security.Permission  permission)
Evaluates the global policy for the permissions granted to the ProtectionDomain and tests whether the permission is granted.

Parameters:
domain - the ProtectionDomain to test
permission - the Permission object to be tested for implication.
Returns:
true if "permission" is a proper subset of a permission granted to this ProtectionDomain.
Since:
1.4
See Also:
ProtectionDomain sample code for java.security.ProtectionDomain definition code for java.security.ProtectionDomain

refresh sample code for java.security.Policy.refresh() definition code for java.security.Policy.refresh()

public abstract void refresh()
Refreshes/reloads the policy configuration. The behavior of this method depends on the implementation. For example, calling refresh on a file-based policy will cause the file to be re-read.