Method and system for run-time dynamic and interactive identification software authorization requirements and privileged code locations, and for validation of other software program analysis results

US9449190B2 · US · B2

Patent metadata

Publication number: US-9449190-B2
Application number: US-12729808-A
Country: US
Kind code: B2
Filing date: May 27, 2008
Priority date: May 3, 2006
Publication date: Sep 20, 2016
Grant date: Sep 20, 2016

Abstract

Official abstract text for this publication.

A system, method and computer program product for identifying security authorizations and privileged-code requirements; for validating analyses performed using static analyses; for automatically evaluating existing security policies; for detecting problems in code; in a run-time execution environment in which a software program is executing. The method comprises: implementing reflection objects for identifying program points in the executing program where authorization failures have occurred in response to the program's attempted access of resources requiring authorization; displaying instances of identified program points via a user interface, the identified instances being user selectable; for a selected program point, determining authorization and privileged-code requirements for the access restricted resources in real-time; and, enabling a user to select, via the user interface, whether a required authorization should be granted, wherein local system, fine-grained access of resources requiring authorizations is provided.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for detecting and verifying security authorization and privileged-code requirements in a run-time execution environment in which a software program is executing, said method comprising: implementing reflection objects for making reflection calls to one or more classes of objects in said executing program to identify from said classes and objects all methods where authorization failures may occur in response to the program's attempted access of resources requiring authorizations as enforced by a particular security subsystem, said methods including methods of said one or more classes that take object parameters having different permission and privileged-code requirements that can arise when the methods are invoked with parameters to be passed determined at run-time, providing a listing of all said identified class methods for display via a user interface; implementing reflection objects to enable a user, via said interface, to select a displayed method, determine one or more types and number of the parameters that need to be passed to said method being invoked, create one or more customized object parameters and pass customized object parameters to said selected displayed method and invoke said method in real-time in a restricted execution environment where said program is prevented from performing security-sensitive operations; in response to invoking said method, determining whether a security exception is raised if a required authorization has not been expressly granted, and, reporting existence of said security exception via said user interface; enabling a user to select, via said user interface, the security exception; and, for each required authorization that should be granted, granting, by said user, the necessary permission via said user interface, and, automatically updating a security policy in response to a user granting a particular authorization without the need for restarting execution of the program, wherein local system, fine-grained access of resources requiring authorization is provided.

2. The method as claimed in claim 1, wherein an authorization includes one or more of the following: a permission, a role.

3. The method as claimed in claim 1, wherein said local-system, fine-grained access is provided independent of a particular security subsystem implemented.

4. The method as claimed in claim 1, wherein said reflection objects includes Java reflection objects that enables instantiation of selected objects of the program.

5. The method as claimed in claim 4, wherein said methods are listed as a hierarchical stack of method invocations.

6. The method as claimed in claim 4, wherein, in response to invoking said method, generating a security exception if a required authorization has not been expressly granted, said method further comprising: reporting existence of said security exception via said user interface, and, enabling user selection of the security exception via said user interface; and, generating information for display concerning said required authorization via said user interface.

7. The method as claimed in claim 6, wherein said generating information concerning a required authorization comprises: invoking a security function that performs a stack trace for determining all callers on a stack tracking program execution; and, determining which stack frames do not have the required authorization; and, generating information about the code that has not been granted the authorization.

8. The method as claimed in claim 7, wherein said information generated about the code includes one or more of: a component name, a class name, a method name, a line number, a code origin, and those authorizations that have already been granted to the program's code.

9. The method as claimed in claim 4, wherein said method in executed in a separate thread, isolated from said execution environment.

10. The method as claimed in claim 1, wherein said program is one selected from the group comprising: a Java application, a component-based program; a C++ application, a C# application, a Web service application program, a Service Oriented Application (SOA) application, a C application, a Microsoft .NET Common Language Runtime (CLR) application, an application developed using a scripting language.

11. A program storage device tangibly embodying software instructions which are adapted to be executed by a computing device to perform a method of verifying security authorizations in a run-time execution environment in which a software program is executing according to claim 1.

12. A run-time authorization requirement discovery tool for a computing device executing software programs requiring security authorizations comprising: a memory storage device; a programmed processor unit in communication with said memory storage device and configured to: provide a restricted execution environment where said program is prevented from performing security-sensitive operations; implement reflection objects for making reflection calls to one or more classes of objects in said executing program to identify from said classes and objects all methods in said executing program where authorization failures may occur in response to the program's attempt to access resources requiring permissions as enforced by a particular security subsystem, said methods including methods of said class that take object parameters having different permission and privileged-code requirements that can arise when the methods are invoked with parameters to be passed determined at run-time; provide a listing of all said identified methods for display via a user interface device; select, by a user, a displayed method via said interface device; implementing reflection objects to create customized object parameters that are passed to said selected displayed method and invoking said method in real-time in said restricted execution environment; determine, responsive to invoking said method, whether a security exception is raised if a required authorization has not been expressly granted, and, reporting existence of said security exception via said user interface device, enable a user to select, via said user interface, the security exception; and, enable said user to grant, via said user interface, for each required authorization that should be granted, the necessary permission, and, automatically update a security policy in response to a user granting a particular authorization without the need for restarting execution of the program, wherein local system, fine-grained access of resources requiring permissions is provided.

13. The authorization requirement discovery tool as claimed in claim 12, wherein said local-system, fine-grained access is provided independent of a particular security subsystem implemented.

14. The authorization requirement discovery tool as claimed in claim 12, wherein said reflection objects includes one or more Java reflection objects that enables instantiation of selected objects of the program.

15. The authorization requirement discovery tool as claimed in claim 12, wherein said methods are listed as a hierarchical stack of method invocations.

16. The authorization requirement discovery tool as claimed in claim 14, wherein, in response to invoking said method, said execution environment generating a security exception if a required authorization has not been expressly granted, said processor device further: reporting existence of said security exception via said user interface; enabling user selection of the security exception via said user interface; and

Classifications

  • Restricted operating environment

  • where protection concerns the structure of data, e.g. records, types, queries

  • Access rights, e.g. capability lists, access control lists, access tables, access matrices

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9449190B2 cover?
A system, method and computer program product for identifying security authorizations and privileged-code requirements; for validating analyses performed using static analyses; for automatically evaluating existing security policies; for detecting problems in code; in a run-time execution environment in which a software program is executing. The method comprises: implementing reflection objects…
Who is the assignee on this patent?
Centonze Paolina, Gomes Jose, Pistoia Marco, and 1 more
What technology area does this patent fall under?
Primary CPC classification G06F21/6227. Mapped technology areas include Physics.
When was this patent published?
Publication date Sep 20, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).