overriding security manager

shahzad bhatti (shahzad@hubble.eecs.uic.edu)
Wed, 18 Aug 1999 18:01:29 -0500

From: "shahzad bhatti" <shahzad@hubble.eecs.uic.edu>
To: <java-security@java.sun.com>
Subject: overriding security manager
Date: Wed, 18 Aug 1999 18:01:29 -0500

------=_NextPart_000_017B_01BEE9A3.B27362C0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Sun-Content-Length: 959

I read =
http://java.sun.com/products/jdk/1.2/docs/guide/security/smPortGuide.html=

and it shows how to override security manager. In the code, the derived =
method
invokes parent's method if security check fails.=20
I also found another guide from sun at =
http://developer.java.sun.com/developer/onlineTraining/Programming/JDCBoo=
k/signed2.html
that shows that the derived method does following
if security check fails
call parent's method
throw security exception
otherwise
build permission and call checkPermission

I am not sure which way is correct.=20
Another question I have is that in my application, I have two types of =
security checks,
hard-coded that cannot be configured and configureable from policy =
files. So if hardcoded
check fails I always want to throw security exception however if =
configurable check fails
then I can call parent's default method. Can you suggest a good =
procedure for such
checking.
Thanks.

------=_NextPart_000_017B_01BEE9A3.B27362C0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Sun-Content-Length: 2373

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

I read http://java.sun.com/products/jdk/1.2/docs/guide/security/smPort= Guide.html
and it shows how to override security = manager. In=20 the code, the derived method
invokes parent's method if security = check fails.=20
I also found another guide from sun at = http://developer.java.sun.com/developer/onlineTra= ining/Programming/JDCBook/signed2.html
that shows that the derived method does = following
  if security check = fails
     call parent's=20 method
     throw security = exception
  otherwise
     build = permission and call=20 checkPermission
 
I am not sure which way is correct. =
Another question I have is that in my = application,=20 I have two types of security checks,
hard-coded that cannot be configured = and=20 configureable from policy files. So if hardcoded
check fails I always want to throw = security=20 exception however if configurable check fails
then I can call parent's default = method. Can you=20 suggest a good procedure for such
checking.
Thanks.
 
 
------=_NextPart_000_017B_01BEE9A3.B27362C0--