A security policy provides access to a specific policy. SecurityManagers delegate access checking to security policies. Security policies must implement the following methods:
- validate(accessed, container, name, value, context)
- Validate access .
- the object that was being accessed
- the object the value was found in
- The name used to access the value
- The value returned by the access
- A SecurityContext, which provides access to information such as the context stack and AUTHENTICATED_USER.
- checkPermission(permission, object, context)
- Check whether the security context allows the given permission on
the given object.
- A permission name
- The object being accessed according to the permission
- A SecurityContext, which provides access to information shuch as the context stack and AUTHENTICATED_USER.