On 16/06/2021 11:18 pm, David Lloyd wrote:
On Mon, Jun 14, 2021 at 6:47 PM Peter Firmstone
<peter.firmst...@zeus.net.au> wrote:
Permission references can be replaced with Guard references (which
Permissions are instances of).
I guess you've got something fairly complex in mind, could you give
some practical examples of how this would work?
The same service provider mechanism encryption uses. So implementation
may utilize authorization access check points without any dependencies
on current SecurityManager, Policy or Permission API's.
It's completely up to the implementation to determine how to manage.
The Permission implementations of Guard::check call SecurityManager, so
checks will continue working as expected, but it allows us to intercept
them and do something different.
What do you envision these checks looking like? Where would the JDK
find these Guard instances?
GuardFactory socketGuardFactory = GuardFactory.getInstance("SOCKET");
Guard localhostConnectAccept = socketGuardFactory.orders("localhost",
"connect,accept");
// Permission check
localHostConnectAccept.check();
GuardFactory runtimeGuardFactory = GuardFactory.getInstance("RUNTIME");
Guard createClassLoader =
runtimeGuardFactory.orders("createClassLoader", null);
// Permission check
createClassLoader.check();
--
Regards,
Peter Firmstone
0498 286 363
Zeus Project Services Pty Ltd.
