This course covers the details of code security explaining how the SecurityManager and the AccessController work together to grant permissions to code in the current call stack. We cover how to grant permissions based on policy and how to create your own permissions and also cover how to limit the stack walk so that privileged code can run.
Java security is built around the idea of permissions and policy. Code is granted permissions based on the currently in-force policy. In this course, we look at how the security manager and access controller work hand-in-hand to provide this security. The course covers how to set a security manager and how to set up and edit a policy file to grant the levels of permissions that code needs. Permissions are typically based on where code is loaded from but we also look at how to sign code, so that permissions can be based on who created a library. The course also looks at how the AccessController walk the call stack to check that a permission can be granted. While the JRE comes with a set of permissions, these are not always enough so the class covers creating and using your own permissions. Finally we cover the idea of 'privileged scope' which allows code to be granted some permission even when code around them should cause the grant to fail.
Course Overview Hi, everyone. My name is Kevin Jones, and welcome to my course, Understanding the Java virtual Machine: Security. I am a developer and owner at Rock Solid Knowledge, a software development company based in the United Kingdom. One of the original selling points of Java was its code security model and how it allows you to load code from anywhere but limit what that code could do. You can base the security on the location the code was loaded from or on who created the JAR that you are loading. Some of the major topics we'll cover in this course include understanding how the Java SecurityManager and AccessController work together to secure your code, examining how and why the stack is walked when security decisions are made, see the classes involved in code security, and learning how to limit the stack walk if necessary to always allow certain code to run. By the end of this course, you'll understand how Java can limit your code's privileges based on security information. Before beginning the course, you should be familiar with the Java language. I hope you'll join me on this journey to understand code security with the Understanding the Java Virtual Machine Security course, at Pluralsight.
Introduction [Autogenerated] Hi, everyone. My name is Kevin Jones. Welcome to my course. Understanding the Java virtual machine Security. I am a developer and owner of Rock Solid Knowledge, a software development company based in the United Kingdom. One of the original selling point of Java was its code security model and how it allows you to load code from anywhere that limit what that code could do. You can base the security on the location the code was loaded from on who created the jar that you are loading. Some of the major topics we're covering this course include understanding how the job security manager on access controller work together. Secure your code, examining how and why this stock is walked when security decisions are made. See the class is involved in co security on learning how to limit this stock walk if necessary, to always allow certain co two run By the end of this course, you'll understand. Java can limit your codes privileges based on security information before beginning the course. You should be familiar with the Java language. I hope you'll join me on this journey to understand code security with the understanding that Java virtual machine security course plural site