The static methods of this class implement the default access-control mechanism as of Java 1.2. checkPermission( ) traverses the call stack of the current thread and checks whether all classes in the call stack have the requested permission. If so, checkPermission( ) returns, and the operation can proceed. If not, checkPermission( ) tHRows an AccessControlException . As of Java 1.2, the checkPermission( ) method of the default java.lang.SecurityManager calls AccessController.checkPermission( ) . System-level code that needs to perform an access check should invoke the SecurityManager method rather than calling the AccessController method directly. Unless you are writing system-level code that must control access to system resources, you never need to use this class or the SecurityManager.checkPermission( ) method. The various doPrivileged( ) methods run blocks of privileged code encapsulated in a PrivilegedAction or PrivilegedExceptionAction object. When checkPermission( ) is traversing the call stack of a thread, it stops if it reaches a privileged block that was executed with doPrivileged( ) . This means that privileged code can run with a full set of privileges, even if it was invoked by untrusted or lower-privileged code. See PrivilegedAction for more details. The getContext( ) method returns an AccessControlContext that represents the current security context of the caller. Such a context might be saved and passed to a future call (perhaps a call made from a different thread). Use the two-argument version of doPrivileged( ) to force permission checks to check the AccessControlContext as well. public final class AccessController { // No Constructor // Public Class Methods public static void checkPermission (Permission perm ) throws AccessControlException; public static <T> T doPrivileged (PrivilegedExceptionAction<T> action ) throws PrivilegedActionException; naopdtive public static <T> T doPrivileged (PrivilegedAction<T> action ); native public static <T> T doPrivileged (PrivilegedExceptionAction<T> action , AccessControlContext context ) throws PrivilegedActionException; native public static <T> T doPrivileged (PrivilegedAction<T> action , AccessControlContext context ); native public static AccessControlContext getContext ( ); } |