About Me
Oracle Certified Professional Java SE 11 Developer
1 Java Fundamentals
1-1 Java Basics
1-1 1 Java Platform Overview
1-1 2 Java Development Environment
1-1 3 Java Program Structure
1-1 4 Java Virtual Machine (JVM)
1-1 5 Java Development Kit (JDK)
1-1 6 Java Runtime Environment (JRE)
1-2 Object-Oriented Programming (OOP) Concepts
1-2 1 Classes and Objects
1-2 2 Inheritance
1-2 3 Polymorphism
1-2 4 Encapsulation
1-2 5 Abstraction
1-2 6 Interfaces
1-2 7 Abstract Classes
1-3 Data Types and Variables
1-3 1 Primitive Data Types
1-3 2 Reference Data Types
1-3 3 Variable Declaration and Initialization
1-3 4 Type Conversion and Casting
1-3 5 Arrays
1-4 Control Flow
1-4 1 Conditional Statements (if, else, switch)
1-4 2 Looping Constructs (for, while, do-while)
1-4 3 Break and Continue Statements
1-4 4 Exception Handling
2 Java Collections Framework
2-1 Collections Overview
2-1 1 Collection Interfaces
2-1 2 Collection Classes
2-1 3 Collection Algorithms
2-2 Lists
2-2 1 ArrayList
2-2 2 LinkedList
2-2 3 List Operations
2-3 Sets
2-3 1 HashSet
2-3 2 TreeSet
2-3 3 LinkedHashSet
2-4 Maps
2-4 1 HashMap
2-4 2 TreeMap
2-4 3 LinkedHashMap
2-5 Queues and Deques
2-5 1 PriorityQueue
2-5 2 ArrayDeque
3 Java Streams and Lambda Expressions
3-1 Lambda Expressions
3-1 1 Lambda Syntax
3-1 2 Functional Interfaces
3-1 3 Method References
3-2 Streams
3-2 1 Stream Creation
3-2 2 Intermediate Operations
3-2 3 Terminal Operations
3-2 4 Parallel Streams
4 Java Concurrency
4-1 Threads
4-1 1 Thread Creation
4-1 2 Thread States
4-1 3 Thread Synchronization
4-1 4 Thread Communication
4-2 Concurrency Utilities
4-2 1 Executor Framework
4-2 2 Concurrent Collections
4-2 3 Atomic Variables
4-2 4 Locks
5 Java IO and NIO
5-1 Input and Output Streams
5-1 1 Byte Streams
5-1 2 Character Streams
5-1 3 Buffered Streams
5-2 File IO
5-2 1 File Class
5-2 2 FileReader and FileWriter
5-2 3 FileInputStream and FileOutputStream
5-3 NIO (New IO)
5-3 1 Path Interface
5-3 2 Files Class
5-3 3 Channels and Buffers
5-3 4 Asynchronous IO
6 Java Date and Time API
6-1 Date and Time Classes
6-1 1 LocalDate
6-1 2 LocalTime
6-1 3 LocalDateTime
6-1 4 ZonedDateTime
6-2 Period and Duration
6-2 1 Period Class
6-2 2 Duration Class
6-3 Time Zones and Calendars
6-3 1 TimeZone Class
6-3 2 Calendar Class
7 Java Modules
7-1 Module System Overview
7-1 1 Module Declaration
7-1 2 Module Path
7-1 3 Module Dependencies
7-2 Module Resolution
7-2 1 Automatic Modules
7-2 2 Named Modules
7-2 3 Unnamed Modules
7-3 Module Services
7-3 1 Service Provider Interface (SPI)
7-3 2 ServiceLoader Class
8 Java Security
8-1 Security Basics
8-1 1 Security Manager
8-1 2 Permissions
8-1 3 Policy Files
8-2 Cryptography
8-2 1 Key Generation
8-2 2 Encryption and Decryption
8-2 3 Digital Signatures
8-3 Secure Coding Practices
8-3 1 Input Validation
8-3 2 Secure Communication
8-3 3 Authentication and Authorization
9 Java Networking
9-1 Networking Basics
9-1 1 InetAddress Class
9-1 2 URL and URLConnection Classes
9-2 Sockets
9-2 1 Socket Class
9-2 2 ServerSocket Class
9-2 3 DatagramSocket Class
9-3 Networking Protocols
9-3 1 TCPIP
9-3 2 UDP
9-3 3 HTTP
10 Java Database Connectivity (JDBC)
10-1 JDBC Basics
10-1 1 JDBC Architecture
10-1 2 JDBC Drivers
10-1 3 Establishing a Connection
10-2 Executing SQL Statements
10-2 1 Statement Interface
10-2 2 PreparedStatement Interface
10-2 3 CallableStatement Interface
10-3 ResultSet
10-3 1 ResultSet Interface
10-3 2 ResultSetMetaData Interface
10-4 Transaction Management
10-4 1 Commit and Rollback
10-4 2 Savepoints
11 Java Annotations
11-1 Annotation Basics
11-1 1 Annotation Types
11-1 2 Meta-Annotations
11-1 3 Annotation Processing
11-2 Standard Annotations
11-2 1 @Override
11-2 2 @Deprecated
11-2 3 @SuppressWarnings
11-3 Custom Annotations
11-3 1 Annotation Creation
11-3 2 Annotation Usage
12 Java Reflection
12-1 Reflection Basics
12-1 1 Class Class
12-1 2 Field Class
12-1 3 Method Class
12-2 Dynamic Class Loading
12-2 1 ClassLoader Class
12-2 2 Dynamic Proxy
12-3 Reflection API
12-3 1 Accessing Class Members
12-3 2 Modifying Class Members
13 Java Internationalization (I18N)
13-1 I18N Basics
13-1 1 Locale Class
13-1 2 ResourceBundle Class
13-2 Formatting
13-2 1 NumberFormat Class
13-2 2 DateFormat Class
13-2 3 MessageFormat Class
13-3 Character Encoding
13-3 1 Charset Class
13-3 2 String Encoding and Decoding
14 Java Platform Module System (JPMS)
14-1 Module System Overview
14-1 1 Module Declaration
14-1 2 Module Path
14-1 3 Module Dependencies
14-2 Module Resolution
14-2 1 Automatic Modules
14-2 2 Named Modules
14-2 3 Unnamed Modules
14-3 Module Services
14-3 1 Service Provider Interface (SPI)
14-3 2 ServiceLoader Class
15 Java 11 New Features
15-1 New String Methods
15-1 1 isBlank()
15-1 2 lines()
15-1 3 repeat()
15-2 New File Methods
15-2 1 writeString()
15-2 2 readString()
15-3 Local-Variable Syntax for Lambda Parameters
15-3 1 var Keyword in Lambda Expressions
15-4 HTTP Client API
15-4 1 HttpClient Class
15-4 2 HttpRequest Class
15-4 3 HttpResponse Class
15-5 Nest-Based Access Control
15-5 1 Nest Host and Nest Members
15-5 2 Nest Access Control
15-6 Epsilon Garbage Collector
15-6 1 Epsilon GC Overview
15-6 2 Epsilon GC Use Cases
15-7 Flight Recorder
15-7 1 Flight Recorder Overview
15-7 2 Flight Recorder Use Cases
15-8 Application Class-Data Sharing (CDS)
15-8 1 CDS Overview
15-8 2 CDS Use Cases
15-9 Deprecations and Removals
15-9 1 Deprecated Features
15-9 2 Removed Features
8.1.2 Permissions Explained

8.1.2 Permissions Explained

Permissions in Java SE 11 are a crucial aspect of security management, allowing developers to control access to system resources and operations. Understanding permissions is essential for building secure and robust applications.

Key Concepts

1. Permission Classes

Permission classes in Java are used to define the type of access that is granted to a particular resource or operation. These classes extend the java.security.Permission class and implement methods such as implies, equals, and hashCode.

Example

        public class MyPermission extends Permission {
            public MyPermission(String name) {
                super(name);
            }
            
            @Override
            public boolean implies(Permission permission) {
                // Implementation
            }
            
            @Override
            public boolean equals(Object obj) {
                // Implementation
            }
            
            @Override
            public int hashCode() {
                // Implementation
            }
            
            @Override
            public String getActions() {
                return "";
            }
        }

2. Policy Files

Policy files are configuration files that specify the permissions granted to code from different sources. These files are used by the Java security manager to enforce security policies at runtime.

Example

        grant codeBase "file:/path/to/myapp.jar" {
            permission com.example.MyPermission "exampleAction";
        };

3. Security Manager

The Security Manager is a class that enforces security policies in a Java application. It checks for permissions before allowing access to restricted resources or operations.

Example

        System.setSecurityManager(new SecurityManager());

4. Access Control Context

The Access Control Context is a representation of the security context in which code is executed. It includes the permissions granted to the code and is used by the security manager to make access control decisions.

Example

        AccessControlContext acc = AccessController.getContext();

5. AccessController

The AccessController class is used to perform access control operations, such as checking permissions and executing privileged actions.

Example

        AccessController.checkPermission(new MyPermission("exampleAction"));

Examples and Analogies

Think of permissions as keys to a locked room. Each key (permission) grants access to a specific room (resource or operation). The security manager is like a guard who checks the keys before allowing access. Policy files are like a list of keys that the guard uses to verify access. The Access Control Context is like a keyring that holds all the keys the code has access to.

By understanding permissions, you can effectively control access to sensitive resources and operations in your Java SE 11 applications, ensuring they are secure and robust.

© 2024 Ahmed Baheeg Khorshid. All rights reserved.