| Wiki Markup |
|---|
According to the Java API \[[API 2006|AA. Bibliography#APIReferences#API 06]\], class {{SecurityManager}} documentation |
...
| Wiki Markup |
|---|
Regarding the implementation and use of custom security managers, as opposed to default ones, the Java Security Architecture Specification \[[SecuritySpec 2008|AA. Bibliography#SecuritySpecReferences#SecuritySpec 08]\] states |
We encourage the use of
AccessControllerin application code, while customization of a security manager (via subclassing) should be the last resort and should be done with extreme care. Moreover, a customized security manager, such as one that always checks the time of the day before invoking standard security checks, could and should utilize the algorithm provided byAccessControllerwhenever appropriate.
...
| Wiki Markup |
|---|
Note that the policy file specified in the argument is ignored when the {{policy.allowSystemProperty}} property in the security properties file ({{java.security}}) is set to {{false}}; the default value of this property is {{true}}. The document "Default Policy Implementation and Policy File Syntax" \[[Policy 2002|AA. Bibliography#PolicyReferences#Policy 02]\] discusses in depth the issues of and syntax for writing policy files. |
...
| Wiki Markup |
|---|
\[[API 2006|AA. Bibliography#APIReferences#API 06]\] [Class SecurityManager|http://java.sun.com/javase/6/docs/api/java/lang/SecurityManager.html], Class AccessControlContext, Class AccessController \[[Gong 2003|AA. Bibliography#GongReferences#Gong 03]\] Section 6.1, Security Manager \[[Pistoia 2004|AA. Bibliography#PistoiaReferences#Pistoia 04]\] Section 7.4, The Security Manager \[[Policy 2002|AA. Bibliography#PolicyReferences#Policy 02]\]\[[SecuritySpec 2008|AA. Bibliography#SecuritySpecReferences#SecuritySpec 08]\] 6.2 SecurityManager versus AccessController |
...