| 摘要 |
In a multi-user application environment with Java, both codesource access checking and verification of the user who is executing code are employed for access checking. An end user uses a Web browser to access a Web server. An execution thread is established for an end user. The HTTP page and function requested by the user cause the Web application server to invoke a Java Virtual Machine (JVM) which in turn invokes a requested Java servlet. When the Secure Class Loader loads a Java class into the JVM, the code base Uniform URL and the Digital Certificate that was used to sign the class are used by the Secure Class Loader to create the codesource Java object. The JVM includes a Java Security Manager (JSM) class that invokes classes that invoke an underlying system security manager. Conditional access checking includes the capability to control access to resources based on the user and on the Java servlet classes being executed. If the codesource indicated by a Conditional Access List matches the codesource specified in the profile, the system security manager will allow access. |
