This class represents the source of a Java class, as defined by the URL from which the class was loaded and the set of digital signatures attached to the class. A CodeSource object is created by specifying a java.net.URL and an array of java.security.cert.Certificate objects. In Java 5.0, the class has been generalized to accept an array of CodeSigner objects instead of Certificate objects. Only applications that create custom ClassLoader objects should ever need to use or subclass this class. When a CodeSource represents a specific piece of Java code, it includes a fully qualified URL and the actual set of certificates used to sign the code. When a CodeSource object defines a ProtectionDomain , however, the URL may include wildcards, and the array of certificates is a minimum required set of signatures. The implies( ) method of such a CodeSource tests whether a particular Java class comes from a matching URL and has the required set of signatures. Figure 14-6. java.security.CodeSourcepublic class CodeSource implements Serializable { // Public Constructors 5.0 public CodeSource (java.net.URL url , CodeSigner[ ] signers ); public CodeSource (java.net.URL url , java.security.cert. Certificate[ ] certs ); // Public Instance Methods public final java.security.cert.Certificate[ ] getCertificates ( ); 5.0 public final CodeSigner[ ] getCodeSigners ( ); public final java.net.URL getLocation ( ); public boolean implies (CodeSource codesource ); // Public Methods Overriding Object public boolean equals (Object obj ); public int hashCode ( ); public String toString ( ); } Passed Tojava.net.URLClassLoader.getPermissions( ) , java.security.Policy.getPermissions( ) , ProtectionDomain.ProtectionDomain( ) , SecureClassLoader.{defineClass( ) , getPermissions( )} , javax.security.auth.Policy.getPermissions( ) Returned ByProtectionDomain.getCodeSource( ) |