AccessController | Java In A Nutshell, 5th Edition

AccessController

java.security

Java 1.2

The static methods of this class implement the default access-control mechanism as of Java 1.2. checkPermission( ) traverses the call stack of the current thread and checks whether all classes in the call stack have the requested permission. If so, checkPermission( ) returns, and the operation can proceed. If not, checkPermission( ) tHRows an AccessControlException . As of Java 1.2, the checkPermission( ) method of the default java.lang.SecurityManager calls AccessController.checkPermission( ) . System-level code that needs to perform an access check should invoke the SecurityManager method rather than calling the AccessController method directly. Unless you are writing system-level code that must control access to system resources, you never need to use this class or the SecurityManager.checkPermission( ) method.

The various doPrivileged( ) methods run blocks of privileged code encapsulated in a PrivilegedAction or PrivilegedExceptionAction object. When checkPermission( ) is traversing the call stack of a thread, it stops if it reaches a privileged block that was executed with doPrivileged( ) . This means that privileged code can run with a full set of privileges, even if it was invoked by untrusted or lower-privileged code. See PrivilegedAction for more details.

The getContext( ) method returns an AccessControlContext that represents the current security context of the caller. Such a context might be saved and passed to a future call (perhaps a call made from a different thread). Use the two-argument version of doPrivileged( ) to force permission checks to check the AccessControlContext as well.

 public final class  AccessController  {  // No Constructor   // Public Class Methods  public static void  checkPermission  (Permission  perm  )          throws AccessControlException;        public static <T> T  doPrivileged  (PrivilegedExceptionAction<T>  action  )          throws PrivilegedActionException;    naopdtive      public static <T> T  doPrivileged  (PrivilegedAction<T>  action  );  native  public static <T> T  doPrivileged  (PrivilegedExceptionAction<T>  action  ,          AccessControlContext  context  )          throws PrivilegedActionException;  native  public static <T> T  doPrivileged  (PrivilegedAction<T>  action  ,         AccessControlContext  context  );  native  public static AccessControlContext  getContext  ( );   }