CONTENTS | PREV | NEXT | Java Security Architecture |
Various drafts on Java 2 Security Architecture, under different disguises, existed since August of 1996.Java 2 Platform Security Architecture Specification v0.1 was drafted on March 12, 1997.
Revision 0.2 on March 27, 1997
Revision 0.3 on March 31, 1997
Revision 0.4 on June 3, 1997. Reflected changes in design and implementation based on comments and feedbacks of revision 0.3. Introduced SignedObject.
Revision 0.5 on July 10, 1997. Major reorganization. It now includes a detailed syntax and semantics for policy and permissions. The class java.lang.SecurityManager is changed from abstract to concrete, with a default implementation.
Revision 0.6 on September 3, 1997. Reorganized sections under clearer headings. Syntactical changes to policy file format, including adding an optional signer field to each permission entry. Introduced GuardedObject class and Guard interface. The Permission class is now Serializable and implements the Guard interface. Added a new AccessControlContext class that helps cross-thread access control decision making. Gave descriptions of keytool, policytool, and jarsigner. Revised Acknowledgements.
Revision 0.7 on October 1, 1997. Added description of a feature that automatically makes a new thread, at its creation time, inherit the parent thread's security context so that access control checking in the new child thread considers both the first current context and also the inherited context.
Revision 0.8 on March 9, 1998. The previously package private class java.security.ProtectionDomain is now made public, and suitable
get
,set
, anddefine
methods to use this class are added in java.lang.Class and java.security.SecureClassLoader. The class java.security.SignedObject is now immutable. Introduced a new class java.security.UnresolvedPermission. Added new methodSecurityManager.checkPermission
that, by default, invokesAccessController.checkPermission
. Syntax change for FilePermission in the case of "*", "-", and introduced "<<ALL FILES>>". Other minor additions and changes, including two new options for jarsigner. Revised Acknowledgements.Revision 0.9 on June 10, 1998. Some permission names have been modified to make permission naming clearer and more consistent. Added sections for Permission classes not previously documented herein. The
evaluate
method in Policy has been renamedgetPermissions
.Class.setProtectionDomain
no longer exists. Corrected "file:" URL examples. The "-usepolicy" command-line argument for the "java" command has been replaced by "-Djava.security.manager" and "-Djava.security.policy". Updated command lists for the keytool and jarsigner tools. The AccessControllerbeginPrivileged
andendPrivileged
methods have been replaced by thedoPrivileged
method.Revision 1.0 on October 2, 1998. Updated description of the class loading mechanism with a new chapter. Rearranged some chapters and sections.
Revision 1.1 (the current version) on December 20, 2000. Updated the document to reflect the new Policy and ProtectionDomain updates to support dynamic policies. Also added updates for the integration of the Java Authentication and Authorization Service (JAAS) into the core SDK. New policy syntax was described and examples were added.