Java Platform, Standard Edition Tools Reference
Contents    Previous    Next

1 How Classes are Found

The java command is called the Java launcher because it launches Java applications. When the Java launcher is called, it gathers input from the user and the user's environment (such as the class path and the boot class path), interfaces with the Virtual Machine (VM), and gets it started via some bootstrapping. The Java Virtual Machine (JVM) does the rest of the work.

This chapter covers the following topics:

How the Java Runtime Finds Classes

The JVM searches for and loads classes in this order:

  1. Bootstrap classes, which are classes that comprise the Java platform, including the classes in rt.jar and several other important JAR files.

  2. Extension classes, which use the Java Extension mechanism. These classes are bundled as JAR files and located in the extensions directory.

  3. User classes are classes that are defined by developers and third parties and that do not take advantage of the extension mechanism. You identify the location of these classes with the -classpath option on the command line (preferred) or with the CLASSPATH environment variable. See Setting the Class Path.

In effect, the three search paths together form a simple class path. This is similar to the flat class path previously used, but the current model has the following improvements:

  • It is relatively difficult to accidentally hide or omit the bootstrap classes.

  • In general, you only have to specify the location of user classes. Bootstrap classes and extension classes are found automatically.

  • The tools classes are now in a separate archive (tools.jar) and can only be used if included in the user class path described in How the Java Runtime Finds Bootstrap Classes.

How the javac and javadoc Commands Find Classes

The javac and javadoc commands use class files in the following two ways:

  • To run, the javac and javadoc commands must load various class files.

  • To process the source code they operate on, the javac and javadoc commands must obtain information on object types used in the source code.

The class files used to resolve source code references are mostly the same class files used to run the javac and javadoc commands. But there are some important exceptions, as follows:

  • Both the javac and javadoc commands often resolve references to classes and interfaces that have nothing to do with the implementation of the javac or javadoc commands. Information on referenced user classes and interfaces might be present in the form of class files, source code files, or both.

  • The tools classes in the tools.jar file are only used to run the javac and javadoc commands. The tools classes are not used to resolve source code references unless the tools.jar file is in the user class path.

  • A programmer might want to resolve boot class or extension class references with an alternative Java platform implementation. Both the javac and javadoc commands support this with their -bootclasspath and -extdirs options. Use of these options does not modify the set of class files used to run the javac or javadoc commands themselves.

If a referenced class is defined in both a class file and a source file, the javadoc command always uses the source file. The javadoc command never compiles source files. In the same situation the javac command uses class files, but automatically recompiles any class files it determines to be out of date. The rules for automatic recompilation are documented in javac.

By default, the javac and javadoc commands search the user class path for both class files and source code files. If the -sourcepath option is specified, the javac and javadoc commands search for source files only on the specified source file path, while still searching the user class path for class files.

Class Loading and Security Policies

To be used, a class or interface must be loaded by a class loader. Use of a particular class loader determines a security policy associated with the class loader.

A program can load a class or interface by calling the loadClass method of a class loader object. But usually a program loads a class or interface by referring to it. This invokes an internal class loader, which can apply a security policy to extension and user classes. If the security policy has not been enabled, all classes are trusted. Even if the security policy is enabled, it does not apply to bootstrap classes, which are always trusted.

When enabled, security policy is configured by system and user policy files. The Java platform SDK includes a system policy file that grants trusted status to extension classes and places basic restrictions on user classes.

To enable or configure the security policy, refer to Security Features.

Note: Some security programming techniques that worked with earlier releases of Java SE are incompatible with the class loading model of the current release.

Contents    Previous    Next

Copyright © 1993, 2022, Oracle and/or its affiliates. All rights reserved.