JDOPermission class is for operations that are reserved for JDO implementations and should not be called by other code. A JDOPermission is a named permission and has no actions. There are two names currently defined. Each named permission has a corresponding public static final field which contains an instance of the named permission. The following table provides a summary description of what each named permission allows, and discusses the risks of granting code the permission.
| Permission Target Name | What the Permission Allows | Risks of Allowing this Permission |
|---|---|---|
setStateManager | This allows setting the StateManager for an instance of PersistenceCapable. The StateManager has unlimited access to get and set persistent and transactional fields of the PersistenceCapable instance. | This is dangerous in that information (possibly confidential) normally unavailable would be accessible to malicious code. |
getMetadata | This allows getting metadata for any PersistenceCapable class that has registered with JDOImplHelper. | This is dangerous in that metadata information (possibly confidential) normally unavailable would be accessible to malicious code. |
manageMetadata | This allows managing metadata for any PersistenceCapable class that has registered with JDOImplHelper. | This is dangerous in that metadata information (possibly confidential) normally unavailable would be manageable (modifiable) by malicious code. |
closePersistenceManagerFactory | This allows closing a PersistenceManagerFactory, thereby releasing resources. | This is dangerous in that resources bound to the PersistenceManagerFactory would be releaseable by malicious code. |
| |