An architecture for extending the Java security model to allow a user or
administrator to explicitly deny permissions. By itself, the Java 2
security model does not allow additions to the collections of policy
permissions after they have been loaded from the Java policy file. The
inventive architecture allows Java applets and applications to dynamically
prompt the user to deny a permission that does not exist in the Java
policy file. If the user denies the permission, the present invention
denies the permission for the ProtectionDomain to which the class asking
for the permission belongs. Attributes for the denied permission may be
set during runtime and saved across browser sessions.
