Relationship with the SecurityManager
The JAXP properties will be checked first before a connection is attempted whether or not a
SecurityManager is present. This means that a connection may be blocked even if it is granted permission by the
SecurityManager . For example, if the JAXP properties are set to disallow the http protocol, they will effectively block any connection attempt even when an application has
For the purpose of restricting connections, the
SecurityManager can be views as being at a lower level. Permissions will be checked after the JAXP properties are evaluated. If an application does not have
SocketPermission for example, then a
SecurityException will be thrown even if the JAXP properties are set to allow a http connection.
SecurityManager is present, the
JAXP FEATURE_SECURE_PROCESSING is set to true. This behavior will not turn on the new restrictions.