I have recently started experimenting with
java's security features.
I read quite a bit about method doPrivileged() in AccessController class , but I could not get its use.
The javadoc says that the caller of the code should have required permission , not the code which has doPrivileged() method.
For that I made a small infrastructure.
I created a service with the following method
Then I created another client class AccessTest.java to invoke this service. I have also made a policy file which is granting my client program all permissions , but have not granted any permissions to service class.Then I ran the AccessTest (my client program) with the security manager enabled.
But I got a AccessController exception.
why is that so ?