Course info
Jul 18, 2015
1h 21m

Java security is built around the idea of permissions and policy. Code is granted permissions based on the currently in-force policy. In this course, we look at how the security manager and access controller work hand-in-hand to provide this security. The course covers how to set a security manager and how to set up and edit a policy file to grant the levels of permissions that code needs. Permissions are typically based on where code is loaded from but we also look at how to sign code, so that permissions can be based on who created a library. The course also looks at how the AccessController walk the call stack to check that a permission can be granted. While the JRE comes with a set of permissions, these are not always enough so the class covers creating and using your own permissions. Finally we cover the idea of 'privileged scope' which allows code to be granted some permission even when code around them should cause the grant to fail.

About the author
About the author

Kevin has spent way too many years in the software industry. Starting on PL/1 on IBM mainframes then graduating through dBase IV to Windows and eventually onto Java, .Net and now JavaScript where he finally thinks he has found a home until the next new shiny comes along.

More from the author
Java Web Fundamentals
3h 22m
Jun 5, 2019
Building Web Applications in Kotlin Using Ktor
2h 13m
May 31, 2019
Kotlin: Using Coroutines
3h 50m
Aug 10, 2018
More courses by Kevin Jones