
What's Java API's Intention?

Robert Paris
Ranch Hand

Joined: Jul 28, 2002
Posts: 585
Originally, Java security was such that they (Sun's Java team) expected different implementations of SecurityManager (this is why it is not a final class). However, they seem to have overestimated people's love for security. As a result, they created the AccessController, their own implementation and a final class. Now most of what the SecurityManager does is simply call the AccessController.
The problem and shift in security here is that there is no longer ONE manager of security, or rather no FINAL voice on security access. People can and do call AccessController directly (which does not check with the security manager)! Imagine that someone calls the security manager (and it's our implementation called OurSecurityManager) and is rejected (because of its particular implementation RULES). So what do they do? They go to Daddy (AccessController) since Mommy said he couldn't do the action and since Daddy has different rules, he allows the action. Gulp. (Or you're using someone else's code and they have no security manager checks, just AccessController.checkPermission() - different rules!)
My problem is (as other people have discovered) that Java 2 Security implementation is currently inadequate for numerous situations. That is why I wish to create my own SecurityManager implementation. However, what do I do if they call the AccessController directly? Is there anything to intercept that? And why is this API so convoluted/dishonest (since it seems to state that SecurityManager controls access rules, but then puts in a final class that can do that WITHOUT consulting the security manager)?
In my opinion, there should be ONE manager of the whole application that handles permissions/rights, etc. Can anyone help me here? What should I do to correctly implement a real security manager that truly manages all access and will work in any JVM (with Java 2)?
[ February 11, 2003: Message edited by: Robert Paris ]
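
The two check paths described in the post above, as an added example that is not part of the original thread. It assumes JDK 8 through 17 (later releases refuse `System.setSecurityManager` by default) and the stock `java.policy` file; the class name `TwoCheckPaths` and the choice of the `java.vendor.url` property are illustrative, and `OurSecurityManager` is a hypothetical stand-in for the poster's implementation.

```java
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Permission;
import java.util.PropertyPermission;

public class TwoCheckPaths {
    // Hypothetical custom manager: stricter than the policy file for one property.
    static class OurSecurityManager extends SecurityManager {
        @Override
        public void checkPermission(Permission perm) {
            if (perm instanceof PropertyPermission && "java.vendor.url".equals(perm.getName())) {
                throw new SecurityException("OurSecurityManager denies " + perm);
            }
            // Everything else is allowed in this sketch; super is deliberately not called.
        }
    }

    // Path 1: ask the installed SecurityManager, so the custom rule applies.
    static String viaManager(Permission p) {
        try {
            System.getSecurityManager().checkPermission(p);
            return "allowed";
        } catch (SecurityException e) {
            return "denied";
        }
    }

    // Path 2: ask AccessController directly. It evaluates the protection domains
    // on the call stack against the Policy and never consults the installed manager.
    static String viaAccessController(Permission p) {
        try {
            AccessController.checkPermission(p);
            return "allowed";
        } catch (AccessControlException e) {
            return "denied";
        }
    }

    public static void main(String[] args) {
        System.setSecurityManager(new OurSecurityManager());
        Permission p = new PropertyPermission("java.vendor.url", "read");
        System.out.println("SecurityManager.checkPermission:  " + viaManager(p));
        System.out.println("AccessController.checkPermission: " + viaAccessController(p));
    }
}
```

Where the active policy grants read access to `java.vendor.url` to all code, as the stock `java.policy` does, the first call is rejected by the custom rule and the second returns normally. For review purposes, this means a custom `checkPermission` override only constrains code that routes its checks through `System.getSecurityManager()`.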
Cindy Glass
"The Hood"

Joined: Sep 29, 2000
Posts: 8521
Moving to the Security forum.

"JavaRanch, where the deer and the Certified play" - David O'Meara