The Security Class

The Security class manages installed providers and security-wide properties. It contains only static methods and is never instantiated. The methods for adding or removing providers, and for setting Security properties, can be executed only by a trusted program. Currently, a trusted program is either
  • A local application not running under a security manager, or
  • An applet or application with permission to execute the specified method (see tables).
To determine if code is considered trusted to perform an attempted action (such as adding a provider), the applet must be granted permission for that particular action.

For example, in the Policy reference implementation, the policy configuration files for a SDK installation specify what permissions (which types of system resource accesses) are allowed by code from specified code sources. (See tables and the Default Policy Implementation and Policy File Syntax and Java™ 2 Platform Security Architecture files for more information.)

Code being executed is always considered to come from a particular code source. The code source includes not only the location (URL) where the applet originated from, but also a reference to the public keys corresponding to the private keys that is used to sign the code. Public keys in a code source are referenced by (symbolic) alias names from the user's keystore .

In a policy configuration file, a code source is represented by two components: a code base (URL) and an alias name (preceded by signedBy), where the alias name identifies the keystore entry containing the public key that must be used to verify the code's signature.

Each grant statement in such a file grants to a specified code source a set of permissions, specifying which actions are allowed.

Here is a sample policy configuration file:

grant codeBase "file:/home/sysadmin/", signedBy "sysadmin" {
 permission java.security.SecurityPermission "insertProvider.*";
 permission java.security.SecurityPermission "removeProvider.*";
 permission java.security.SecurityPermission "putProviderProperty.*";
};

This configuration file specifies that only code loaded from a signed JAR file from the /home/sysadmin/ directory on the local file system can add or remove providers or set provider properties. (Note that the signature of the JAR file can be verified using the public key referenced by the alias name sysadmin in the user's keystore.)

Either component of the code source (or both) can be missing. Here's an example of a configuration file where codeBase is missing:

grant signedBy "sysadmin" {
 permission java.security.SecurityPermission "insertProvider.*";
 permission java.security.SecurityPermission "removeProvider.*";
};

If this policy is in effect, code that comes in a JAR File signed by sysadmin can add or remove providers--regardless of where the JAR File originated.

Here's an example without a signer:

grant codeBase "file:/home/sysadmin/" {
 permission java.security.SecurityPermission "insertProvider.*";
 permission java.security.SecurityPermission "removeProvider.*";
};

In this case, code that comes from anywhere within the /home/sysadmin/ directory on the local filesystem can add or remove providers. The code does not need to be signed.

An example where neither codeBase nor signedBy is included is:

grant {
 permission java.security.SecurityPermission "insertProvider.*";
 permission java.security.SecurityPermission "removeProvider.*";
};

Here, with both code source components missing, any code (regardless of where it originates, or whether or not it is signed, or who signed it) can add or remove providers.

Managing Providers

The following tables summarize the methods in the Security class that you can use to query which providers are installed, and to install or remove providers at run time.

Table 1. Querying Providers
Method Description
static Provider[] getProviders() Returns an array containing all the installed providers (technically, the Provider subclass for each package provider). The order of the Provider in the array is their preference order.
static Provider getProvider (String providerName) Returns the Provider named providerName. It returns null if the Provider is not found.
Table 2. Adding Providers
Method Description
static int addProvider(Provider provider) Adds a Provider to the end of the list of installed Providers. It returns the preference position in which the Provider was added, or -1 if the Provider was not added because it was already installed.
static int insertProviderAt (Provider provider, int position) Adds a new Provider at a specified position. If the given provider is installed at the requested position, the provider formerly at that position and all providers with a position greater than position are shifted up one position (towards the end of the list). This method returns the preference position in which the Provider was added, or -1 if the Provider was not added because it was already installed.
Table 3. Removing Providers
Method Description
static void removeProvider(String name) Removes the Provider with the specified name. It returns silently if the provider is not installed. When the specified provider is removed, all providers located at a position greater than where the specified provider was located are shifted down one position (towards the head of the list of installed providers).
Note: If you want to change the preference position of a provider, you must first remove it, and then insert it back in at the new preference position.
Security Properties
The Security class maintains a list of system-wide security properties. These properties are accessible and ca be set by a trusted program using the following methods: 
static String getProperty(String key)
static void setProperty(String key, String datum)