1 Reply Latest reply on Dec 7, 2011 2:22 PM by 903882

    Rationale behind java.security.AccessController.doPrivileged(..) ?

      If I create a security policy and grant permissions say to read files to a certain codebase url etc then whether I have code in java.security.AccessController.doPrivileged(..) or not the code shall fail if permission is denied and succeed if permissions are granted.

      So what difference does it make if I dont put code in doPrivileged(...) block ?

      I understand from the docs that putting code in doPrivileged(..) stops the security manager from going to stack frames lower than this Privileged code's stack frame to check whether they have permissions. What's the advantage of this ?