12 Revision History

Various drafts on Java 2 Security Architecture, under different disguises, existed since August of 1996.

Java 2 Platform Security Architecture Specification v0.1 was drafted on March 12, 1997.

Revision 0.2 on March 27, 1997

Revision 0.3 on March 31, 1997

Revision 0.4 on June 3, 1997. Reflected changes in design and implementation based on comments and feedbacks of revision 0.3. Introduced SignedObject.

Revision 0.5 on July 10, 1997. Major reorganization. It now includes a detailed syntax and semantics for policy and permissions. The class java.lang.SecurityManager is changed from abstract to concrete, with a default implementation.

Revision 0.6 on September 3, 1997. Reorganized sections under clearer headings. Syntactical changes to policy file format, including adding an optional signer field to each permission entry. Introduced GuardedObject class and Guard interface. The Permission class is now Serializable and implements the Guard interface. Added a new AccessControlContext class that helps cross-thread access control decision making. Gave descriptions of keytool, policytool, and jarsigner. Revised Acknowledgements.

Revision 0.7 on October 1, 1997. Added description of a feature that automatically makes a new thread, at its creation time, inherit the parent thread's security context so that access control checking in the new child thread considers both the first current context and also the inherited context.

Revision 0.8 on March 9, 1998. The previously package private class java.security.ProtectionDomain is now made public, and suitable get, set, and define methods to use this class are added in java.lang.Class and java.security.SecureClassLoader. The class java.security.SignedObject is now immutable. Introduced a new class java.security.UnresolvedPermission. Added new method SecurityManager.checkPermission that, by default, invokes AccessController.checkPermission. Syntax change for FilePermission in the case of "*", "-", and introduced "<<ALL FILES>>". Other minor additions and changes, including two new options for jarsigner. Revised Acknowledgements.

Revision 0.9 on June 10, 1998. Some permission names have been modified to make permission naming clearer and more consistent. Added sections for Permission classes not previously documented herein. The evaluate method in Policy has been renamed getPermissions. Class.setProtectionDomain no longer exists. Corrected "file:" URL examples. The "-usepolicy" command-line argument for the "java" command has been replaced by "-Djava.security.manager" and "-Djava.security.policy". Updated command lists for the keytool and jarsigner tools. The AccessController beginPrivileged and endPrivileged methods have been replaced by the doPrivileged method.

Revision 1.0 on October 2, 1998. Updated description of the class loading mechanism with a new chapter. Rearranged some chapters and sections.

Revision 1.1 on December 20, 2000. Updated the document to reflect the new Policy and ProtectionDomain updates to support dynamic policies. Also added updates for the integration of the Java Authentication and Authorization Service (JAAS) into the core SDK. New policy syntax was described and examples were added.

Revision 1.2 (the current version) on March 22, 2002. Added notes on KeyStore Alias Replacement including an example of a grant statement with KeyStore alias replacement. Added new section 3.3 explaining generalized expansion in policy files including examples.