In the previous 6 notes, I outline Java Securty, this book's first three chapters. The essential meaning of them is to introduce the framework of Java Security Mechanism--sandbox and basic knowledge pertained with Java language.
Now, we enter the two critical portions--security manager and access controller. Because I suppose you are a good java programmer and at least are familar with Java language and basic classes, the detail information will be bypass and please refer to Sun Java documents. Here I only highlight the skeleton.
1. Security manager and Access controller are halfs of whole Java security interface. From calling view, core Java APIs call security manage interface and access controller takes charge of implementation of access control..
2. From evolution view, Security manager is the carry-over of pre-Java 2 program and works for being compatible with old version.
3. Both Security manager and Access controller are the parts of Java Virtual Machine.
4. There are four basic functionalities in security manager class methods. The method relating to file access, the method relating to network access, the method relating to Java Virutal Machine security and the method protecting program thread and the methods protecting system resources such as printer as well.
5. As for Access controller, it implements most of security manager's logics.(I will write context in Notes 8 for Access Controller.)