The Java™ Tutorials, Chinese Edition

Trail: Security Features in Java SE

In this trail you'll learn how the built-in Java™ security features protect you from malevolent programs. You'll see how to use tools to control access to resources, to generate and to check digital signatures, and to create and to manage keys needed for signature generation and checking. You'll also see how to incorporate cryptography services, such as digital signature generation and checking, into your programs.

The security features provided by the Java Development Kit (JDK™) are intended for a variety of audiences:


Note: For developers who want to create applets and Java Web Start applications, see Java Applets for security information.

Trail Lessons

Creating a Policy File shows how resource accesses can be controlled by a policy file. For the latest information on policy configuration files, see the Policy Guide page.

Quick Tour of Controlling Applications builds on the previous lesson, showing how resource accesses, such as reading or writing a file, are not permitted for applications that are run under a security manager unless explicitly allowed by a permission in a policy file.

API and Tools Use for Secure Code and File Exchanges defines digital signatures, certificates, and keystores and discusses why they are needed. It also reviews information applicable to the next three lessons regarding the steps commonly needed for using the tools or the API to generate signatures, export/import certificates, and so on.

Signing Code and Granting It Permissions illustrates the use of all the security-related tools. It shows the steps that a developer would take to sign and to distribute code for others to run. The lesson also shows how someone who will run the code (or a system administrator) could add an entry in a policy file to grant the code permission for the resource accesses it needs.

Exchanging Files shows use of the tools by one person to sign an important document, such as a contract, and to export the public key certificate for the public key corresponding to the private key used to sign the contract. Then the lesson shows how another person, who receives the contract, the signature, and the public key certificate, can import the certificate and verify the signature.

Generating and Verifying Signatures walks you step by step through an example of writing a Java program using the JDK Security API to generate keys, to generate a digital signature for data using the private key, and to export the public key and the signature to files. Then the example shows writing a second program, which may be expected to run on a different person's computer, that imports the public key and verifies the authenticity of the signature. Finally, the example discusses potential weaknesses of the approach used by the basic programs and demonstrates possible alternative approaches and methods of supplying and importing keys, including in certificates.

Implementing Your Own Permission demonstrates how to write a class that defines its own special permission.

For More Information

JDK security release documentation can be found at the Security guides page. This index page lists Specifications which present detailed information about the latest security features, including architecture specifications, usage guides, API documentation, and tool documentation.

