From: "J.D. Fagan" <jfagan@2bridge.com>
To: <java-security@java.Sun.COM>
Subject: Object level security
Date: Fri, 17 Jul 1998 10:21:55 -0700
Hello all,
I'm still learning JDK's 1.2 security model and understand its ability to
protect certain classes from being loaded up by the VM. However, I was
wondering if it had the capacity for checking security on particular
instances of a class, such as in the following situation:
I'll be storing object instances of particular classes in an object oriented
database. I want some some of these objects (secure type classes that I
designate) to be accessible via some Users/Groups (objects in system).
Some of the permissions I need for a particular User/Group on a particular
secure object include: read (i.e., view), write (i.e., update), delete,
change permission.
Is it wise that I use my own SecurityManager implementation to achieve this
facility? Or does Java 1.2 handle these capabilities via
SecurityManager.checkPermission(java.security.Permission perm, Object
context) method??
Appreciate your feedback,
J.D. Fagan
2Bridge Software