On this significance of a ProtectionDomain with a null CodeSource
Good day.
I am putting the finishing touches on a custom security manager that profiles an application's security needs at runtime
http://www.petrovic.org/content/SecMgrTutorial/sm.html
In short, the custom security manager extends java.lang.SecurityManager and overrides the two checkPermission() methods. In those overridden methods, I examine the AccessControlContext for purposes of building a "grant" rule in the generated policy file.
Occasionally I will find in the list of ProtectionDomains therein a ProtectionDomain whose CodeSource is null, a possibility pointed out in the Javadoc for ProtectionDomain.getCodeSource().
As I wrap this work up, my only question is under what conditions would a ProtectionDomain have a null CodeSource? I suspect this case represents a jvm system class of some sort, but that's just a guess. Printing the toString() form of a ProtectionDomain sheds no light on the question, so I'm sort of left guessing.
Can someone comment on this?
Thanks.
