Revoking authority is straightforward using capability facades: tell the facade to revoke itself, and it simply nulls out its reference to the object it represents. Once the reference is gone, mandatory security is once again enforced.

This mechanism also makes it easy to grant a once-only capability. A once-only capability facade will, upon being used, automatically null out its reference.
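The two facades described above, sketched in JavaScript as an added example that is not part of the original page. The names `makeRevocable`, `makeOnceOnly`, `invoke` and the sample counter object are assumptions chosen for illustration.

```javascript
// Revocable facade: the client holds only the facade. The reference to the
// real object lives in a closure variable that revoke() nulls out.
function makeRevocable(target) {
  let ref = target;
  const facade = Object.freeze({
    invoke(method, ...args) {
      if (ref === null) throw new Error('capability revoked');
      return ref[method](...args);
    },
  });
  const revoke = () => { ref = null; };
  // Hand `facade` to the client; keep `revoke` with the grantor.
  return { facade, revoke };
}

// Once-only facade: nulls its own reference on first use.
function makeOnceOnly(target) {
  let ref = target;
  return Object.freeze({
    invoke(method, ...args) {
      if (ref === null) throw new Error('capability already used');
      const t = ref;
      ref = null; // drop the reference before forwarding, so a re-entrant call fails too
      return t[method](...args);
    },
  });
}

// Constructed sample target: a counter whose state is reachable only via its methods.
function makeCounter() {
  let n = 0;
  return { increment() { n += 1; return n; } };
}

function demo() {
  const log = [];
  const counter = makeCounter();
  const { facade, revoke } = makeRevocable(counter);
  log.push(facade.invoke('increment'));            // works while the grant is live
  revoke();
  try { facade.invoke('increment'); } catch (e) { log.push(e.message); }
  const once = makeOnceOnly(counter);
  log.push(once.invoke('increment'));              // first and only permitted use
  try { once.invoke('increment'); } catch (e) { log.push(e.message); }
  return log;
}
```

Revocation holds only as long as the client never obtains a direct reference to the target, for example from a method that returns the target itself.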