The Security Manager

The security manager component of the core Java security architecture is responsible for determining whether certain requests to access particular valued resources are to be allowed. It is up to the security manager to determine which operations are allowed or rejected. In Java 2, some of the work for checking the permissions and comparing with the resources are offloaded to the access controller. The security manager will not be used unless it is explicitly defined. The application will be used when specifying the -Djava.security.manager option when running the application.

The security manager provides the mechanism to validate if the class has access to a system resource. If access is denied , a java.lang.SecurityException is thrown. If access is permitted, the call proceeds as normal. Each Java virtual machine process instance allows only one security manager to be installed at a given time. If a security manager is installed, access is required for resources loading up into the class. An example is the source code for initializing a FileInputStream . The source from Java for the FileInputStream can be displayed as shown in Listing 18-1.

Listing 18-1: The FileInputStream

 public FileInputStream(String name) throws   FileNotFoundException {  SecurityManager security = System.getSecurityManager();  if (security != null) {      security.checkRead(name);  }  fd = new FileDescriptor();  open(name); } 

 

The security.checkRead(name) method, in turn , calls the java.security.AccessController.checkPermission(perm) passing in a runtime permission for reading the file descriptor. There are many methods in the security manager commonly starting with check and the operation to validate, such as the checkConnect ( ) method, and they call the AccessController class in a similar manner. The reason that the AccessController is not called directly is because it is used for backward capability with Java 1.1.

The SecurityManager becomes a wrapper around the AccessController . The AccessController works with several other classes to look up the permission set from a grant entry in a policy file. Each permission entry works only with operations specified for the particular Permission class. This is discussed in more detail in the following sections; however, the point is that actual checking of the permission and the control of the access is handed off to the AccessController from the SecurityManager .