|
|
Optimize with a SATA RAID Storage Solution
Range of capacities as low as $1250 per TB. Ideal if you currently rely on servers/disks/JBODs
Page 4 of 4
Associated with every instance of the GuardedObject class is a Guard instance. The Guard interface has only one method, the checkGuard() method. checkGuard() should make the appropriate check and throw a SecurityException if access to the guarded object is not allowed.
In creating the GuardedObject instance, I used an instance of the FilePermission class as the guard. The FilePermission class, and all classes that subclass the Permission class, implement the Guard interface and are therefore suitable for use as guards. The code>Permission class implements the checkGuard() method as follows:
public
void
checkGuard(Object object)
throws SecurityException
{
SecurityManager securitymanager = System.getSecurityManager();
if (securitymanager != null)
{
securitymanager.checkPermission(this);
}
}
That is the same logic used to implement normal security checks in the Java class libraries.
When reflecting on the use of the AccessControlContext and the GuardedObject classes, it's important to consider the benefits they ring to the table. Superficially, they allow you to solve a pair of
challenging programming tasks. Perhaps more importantly, they allow you to solve these tasks using tools that already exist
and that have already undergone public scrutiny and test. When building secure applications, this type of conservative strategy
is often the best bet.
Read more about Tools & Methods in JavaWorld's Tools & Methods section.
AccessControlConttext API documentation http://java.sun.com/j2se/1.3/docs/api/java/security/AccessControlContext.html
GuardedObject API documentationGuardedObject classAccessControlContext class