public abstract class

Policy

extends Object
java.lang.Object
   ↳ java.security.Policy

Class Overview

Policy is the common super type of classes which represent a system security policy. The Policy specifies which permissions apply to which code sources.

The system policy can be changed by setting the 'policy.provider' property in the file named JAVA_HOME/lib/security/java.security to the fully qualified class name of the desired Policy.

Only one instance of a Policy is active at any time.

Summary

Nested Classes
interface Policy.Parameters A marker interface for Policy parameters. 
Fields
public static final PermissionCollection UNSUPPORTED_EMPTY_COLLECTION A read-only empty PermissionCollection instance.
Public Constructors
Policy()
Public Methods
static Policy getInstance(String type, Policy.Parameters params)
Answers a Policy object with the specified type and the specified parameter.
static Policy getInstance(String type, Policy.Parameters params, String provider)
Answers a Policy object of the specified type.
static Policy getInstance(String type, Policy.Parameters params, Provider provider)
Answers a Policy object of the specified type.
Policy.Parameters getParameters()
Answers Policy parameters.
PermissionCollection getPermissions(CodeSource cs)
Returns a PermissionCollection describing what permissions are allowed for the specified CodeSource based on the current security policy.
PermissionCollection getPermissions(ProtectionDomain domain)
Returns a PermissionCollection describing what permissions are allowed for the specified ProtectionDomain (more specifically, its CodeSource) based on the current security policy.
static Policy getPolicy()
Returns the current system security policy.
Provider getProvider()
Answers the Provider of this Policy.
String getType()
Answers the type of this Policy.
boolean implies(ProtectionDomain domain, Permission permission)
Indicates whether the specified Permission is implied by the PermissionCollection of the specified ProtectionDomain.
void refresh()
Reloads the policy configuration for this Policy instance.
static void setPolicy(Policy policy)
Sets the system wide policy.
[Expand]
Inherited Methods
From class java.lang.Object

Fields

public static final PermissionCollection UNSUPPORTED_EMPTY_COLLECTION

Since: API Level 9

A read-only empty PermissionCollection instance.

Public Constructors

public Policy ()

Since: API Level 1

Public Methods

public static Policy getInstance (String type, Policy.Parameters params)

Since: API Level 9

Answers a Policy object with the specified type and the specified parameter. Traverses the list of registered security providers, beginning with the most preferred Provider. A new Policy object encapsulating the PolicySpi implementation from the first Provider that supports the specified type is returned. Note that the list of registered providers may be retrieved via the Security.getProviders() method.

Parameters
type the specified Policy type. See Appendix A in the Java Cryptography Architecture API Specification & Reference for a list of standard Policy types.
params parameters for the Policy, which may be null.
Returns
  • the new Policy object.
Throws
NoSuchAlgorithmException if no Provider supports a PolicySpi implementation for the specified type.
SecurityException if the caller does not have permission to get a Policy instance for the specified type.
NullPointerException if the specified type is null.
IllegalArgumentException if the specified parameters' type are not allowed by the PolicySpi implementation from the selected Provider.

public static Policy getInstance (String type, Policy.Parameters params, String provider)

Since: API Level 9

Answers a Policy object of the specified type. A new Policy object encapsulating the PolicySpi implementation from the specified provider is returned. The specified provider must be registered in the provider list via the Security.getProviders() method, otherwise NoSuchProviderException will be thrown.

Parameters
type the specified Policy type. So far in Java 6, only 'JavaPolicy' supported.
params the Policy.Parameter object, which may be null.
provider the provider.
Returns
  • the new Policy object.
Throws
NoSuchProviderException if the specified provider is not registered in the security provider list.
NoSuchAlgorithmException if the specified provider does not support a PolicySpi implementation for the specified type.
SecurityException if the caller does not have permission to get a Policy instance for the specified type.
NullPointerException if the specified type is null.
IllegalArgumentException if the specified Provider is null, or if the specified parameters' type are not allowed by the PolicySpi implementation from the specified Provider.

public static Policy getInstance (String type, Policy.Parameters params, Provider provider)

Since: API Level 9

Answers a Policy object of the specified type. A new Policy object encapsulating the PolicySpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.

Parameters
type the specified Policy type. So far in Java 6, only 'JavaPolicy' supported.
params the Policy.Parameter object, which may be null.
provider the Policy service Provider.
Returns
  • the new Policy object.
Throws
NoSuchAlgorithmException if the specified Provider does not support a PolicySpi implementation for the specified type.
IllegalArgumentException if the specified Provider is null, or if the specified parameters' type are not allowed by the PolicySpi implementation from the specified Provider.
NullPointerException if the specified type is null.
SecurityException if the caller does not have permission to get a Policy instance for the specified type.

public Policy.Parameters getParameters ()

Since: API Level 9

Answers Policy parameters. This method will only answer non-null parameters if it was obtained via a call to Policy.getInstance. Otherwise this method returns null.

Returns
  • Policy parameters, or null.

public PermissionCollection getPermissions (CodeSource cs)

Since: API Level 1

Returns a PermissionCollection describing what permissions are allowed for the specified CodeSource based on the current security policy.

Note that this method is not called for classes which are in the system domain (i.e. system classes). System classes are always given full permissions (i.e. AllPermission). This can not be changed by installing a new policy.

Parameters
cs the CodeSource to compute the permissions for.
Returns
  • the permissions that are granted to the specified CodeSource.

public PermissionCollection getPermissions (ProtectionDomain domain)

Since: API Level 1

Returns a PermissionCollection describing what permissions are allowed for the specified ProtectionDomain (more specifically, its CodeSource) based on the current security policy.

Note that this method is not< called for classes which are in the system domain (i.e. system classes). System classes are always given full permissions (i.e. AllPermission). This can not be changed by installing a new policy.

Parameters
domain the ProtectionDomain to compute the permissions for.
Returns
  • the permissions that are granted to the specified CodeSource.

public static Policy getPolicy ()

Since: API Level 1

Returns the current system security policy. If no policy has been instantiated then this is done using the security property "policy.provider".

If a SecurityManager is installed, code calling this method needs the SecurityPermission getPolicy to be granted, otherwise a SecurityException will be thrown.

Returns
  • the current system security policy.
Throws
SecurityException if a SecurityManager is installed and the caller does not have permission to invoke this method.

public Provider getProvider ()

Since: API Level 9

Answers the Provider of this Policy. This method will only answer non-null Provider if it was obtained via a call to Policy.getInstance. Otherwise this method returns null.

Returns
  • the Provider of this Policy, or null.

public String getType ()

Since: API Level 9

Answers the type of this Policy. This method will only answer non-null type if it was obtained via a call to Policy.getInstance. Otherwise this method returns null.

Returns
  • the type of this Policy, or null.

public boolean implies (ProtectionDomain domain, Permission permission)

Since: API Level 1

Indicates whether the specified Permission is implied by the PermissionCollection of the specified ProtectionDomain.

Parameters
domain the ProtectionDomain for which the permission should be granted.
permission the Permission for which authorization is to be verified.
Returns
  • true if the Permission is implied by the ProtectionDomain, false otherwise.

public void refresh ()

Since: API Level 1

Reloads the policy configuration for this Policy instance.

public static void setPolicy (Policy policy)

Since: API Level 1

Sets the system wide policy.

If a SecurityManager is installed, code calling this method needs the SecurityPermission setPolicy to be granted, otherwise a SecurityException will be thrown.

Parameters
policy the Policy to set.
Throws
SecurityException if a SecurityManager is installed and the caller does not have permission to invoke this method.