java.lang.SecurityManager
SecurityManager is the abstract superclass of the classes which can provide
security verification for a running program.
Summary
Fields
Public Constructors
Public Methods
Protected Methods
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait
Details
Fields
protected
boolean
inCheck
Public Constructors
public
SecurityManager()
Constructs a new instance of this class.
Public Methods
public
void
checkAccept(String host, int port)
Checks whether the running program is allowed to accept socket
connections.
Parameters
host
| the address of the host which is attempting to connect |
port
| the port number to check
|
public
void
checkAccess(ThreadGroup group)
Checks whether the running program is allowed to modify the thread group.
Parameters
group
| the thread group we are attempting to modify
|
public
void
checkAccess(Thread thread)
Checks whether the running program is allowed to modify the thread.
Parameters
thread
| the thread we are attempting to modify
|
public
void
checkAwtEventQueueAccess()
Checks whether the running program is allowed to access the AWT Event
queue. Since we don't support AWT, the answer is no.
public
void
checkConnect(String host, int port, Object context)
Checks whether the given security context is allowed to establish socket
connections. A -1 port indicates the caller is trying to resolve the
hostname.
Parameters
host
| String the address of the host to connect to. |
port
| int the port number to check, or -1 for resolve. |
context
| Object the security context to use for the check.
|
public
void
checkConnect(String host, int port)
Checks whether the running program is allowed to establish socket
connections. A -1 port indicates the caller is trying to resolve the
hostname.
Parameters
host
| String the address of the host to connect to. |
port
| int the port number to check, or -1 for resolve.
|
public
void
checkCreateClassLoader()
Checks whether the running program is allowed to create a class loader.
public
void
checkDelete(String file)
Checks whether the running program is allowed to delete the file named by
the argument, which should be passed in canonical form.
Parameters
file
| the name of the file to check |
public
void
checkExec(String cmd)
Checks whether the running program is allowed to execute the specified
platform specific command.
public
void
checkExit(int status)
Checks whether the running program is allowed to terminate itself.
Parameters
status
| the status to return from the exit.
|
public
void
checkLink(String libName)
Checks whether the running program is allowed to load the specified
native library.
Parameters
libName
| the name of the library to load
|
public
void
checkListen(int port)
Checks whether the running program is allowed to listen on the specified
port.
Parameters
port
| int the port number to check
|
public
void
checkMemberAccess(Class<?> cls, int type)
Checks whether the running program is allowed to access members. The
default is to allow access to public members (i.e.
java.lang.reflect.PUBLIC) and to classes loaded by the same loader as the
original caller (i.e. the method that called the reflect API).
Due to the nature of the check, overriding implementations cannot call
super.checkMemberAccess() since the stack would no longer be of the
expected shape.
Parameters
cls
| ? |
type
| Either java.lang.reflect.Member.PUBLIC or DECLARED
|
public
void
checkMulticast(InetAddress maddr)
Checks whether the running program is allowed to join, leave or send to a
multicast address.
public
void
checkMulticast(InetAddress maddr, byte ttl)
public
void
checkPackageAccess(String packageName)
Checks whether the running program is allowed to access the specified
package.
Parameters
packageName
| the name of the package to be accessed.
|
public
void
checkPackageDefinition(String packageName)
Checks whether the running program is allowed to define new classes in
the specified package.
Parameters
packageName
| the name of the package to add a class to.
|
public
void
checkPermission(Permission permission)
Checks whether the running program is allowed to access the resource
being guarded by the given Permission argument.
Parameters
permission
| the permission to check
|
public
void
checkPermission(Permission permission, Object context)
Checks whether the running program is allowed to access the resource
being guarded by the given Permission argument.
Parameters
permission
| the permission to check
|
public
void
checkPrintJobAccess()
Checks whether the running program is allowed to start a new print job.
public
void
checkPropertiesAccess()
Checks whether the running program is allowed to access the system
properties.
public
void
checkPropertyAccess(String key)
Checks whether the running program is allowed to access a particular
system property.
Parameters
key
| the name of the property to be accessed.
|
Checks whether the running program is allowed to read from the file whose
descriptor is the argument.
Parameters
fd
| the file descriptor of the file to check
|
public
void
checkRead(String file, Object context)
Checks whether the given security context is allowed to read from the
file named by the argument, which should be passed in canonical form.
Parameters
file
| String the name of the file or directory to check. |
context
| Object the security context to use for the check.
|
public
void
checkRead(String file)
Checks whether the running program is allowed to read from the file named
by the argument, which should be passed in canonical form.
Parameters
file
| String the name of the file or directory to check.
|
public
void
checkSecurityAccess(String target)
Checks whether the running program is allowed to perform the security
operation named by the target.
Parameters
target
| String the name of the operation to perform.
|
public
void
checkSetFactory()
Checks whether the running program is allowed to set the net object
factories.
public
void
checkSystemClipboardAccess()
Checks whether the running program is allowed to access the system
clipboard.
public
boolean
checkTopLevelWindow(Object window)
Checks whether the running program is allowed to create a top level
window.
Parameters
window
| The non-null window for which to check access
|
public
void
checkWrite(String file)
Checks whether the running program is allowed to write to the file named
by the argument, which should be passed in canonical form.
Parameters
file
| the name of the file to check
|
Checks whether the running program is allowed to read from the file whose
descriptor is the argument.
Parameters
fd
| the file descriptor of the file to check
|
public
boolean
getInCheck()
This method is deprecated.
Use checkPermission(Permission)
Returns true if the security manager is currently checking something.
Returns
- boolean true if we are are in a security check method.
public
Object
getSecurityContext()
Returns an object which encapsulates the security state of the current
point in the execution. In our case, this is an AccessControlContext.
public
ThreadGroup
getThreadGroup()
Returns the thread group which should be used to instantiate new threads.
By default, this is the same as the thread group of the thread running
this method.
Returns
- ThreadGroup The thread group to create new threads in.
Protected Methods
protected
int
classDepth(String name)
This method is deprecated.
Use checkPermission(Permission)
Returns the index in the stack of the first method which is contained in
a class called
name
. If no methods from this class are in
the stack, return -1.
Parameters
name
| String the name of the class to look for. |
Returns
- int the depth in the stack of a the first method found.
protected
int
classLoaderDepth()
This method is deprecated.
Use checkPermission(Permission)
Returns the index in the stack of three first class whose class loader is
not a system class loader.
Returns
- int the frame index of the first method whose class was loaded by
a non-system class loader.
protected
ClassLoader
currentClassLoader()
This method is deprecated.
Use checkPermission(Permission)
Returns the class loader of the first class in the stack whose class
loader is not a system class loader.
Returns
- ClassLoader the most recent non-system class loader.
protected
Class<?>
currentLoadedClass()
This method is deprecated.
Use checkPermission(Permission)
Returns the first class in the stack which was loaded by a class loader
which is not a system class loader.
Returns
- Class the most recent class loaded by a non-system class loader.
protected
Class[]
getClassContext()
Returns an array containing one entry for each method in the stack. Each
entry is the java.lang.Class which represents the class in which the
method is defined.
Returns
- Class[] all of the classes in the stack.
protected
boolean
inClass(String name)
This method is deprecated.
Use checkPermission(Permission)
Returns true if there is a method on the stack from the specified class,
and false otherwise.
Parameters
name
| String the name of the class to look for. |
Returns
- boolean true if we are running a method from the specified class.
protected
boolean
inClassLoader()
This method is deprecated.
Use checkPermission(Permission)
Returns true if there is a method on the stack from a class which was
defined by a non-system classloader.