- java.lang.Object
-
- java.security.Permission
-
- javax.security.auth.PrivateCredentialPermission
-
- All Implemented Interfaces:
Serializable
,Guard
public final class PrivateCredentialPermission extends Permission
This class is used to protect access to private Credentials belonging to a particularSubject
. TheSubject
is represented by a Set of Principals.The target name of this
Permission
specifies a Credential class name, and a Set of Principals. The only valid value for this Permission's actions is, "read". The target name must abide by the following syntax:CredentialClass {PrincipalClass "PrincipalName"}*
For example, the following permission grants access to the com.sun.PrivateCredential owned by Subjects which have a com.sun.Principal with the name, "duke". Note that although this example, as well as all the examples below, do not contain Codebase, SignedBy, or Principal information in the grant statement (for simplicity reasons), actual policy configurations should specify that information when appropriate.grant { permission javax.security.auth.PrivateCredentialPermission "com.sun.PrivateCredential com.sun.Principal \"duke\"", "read"; };
If CredentialClass is "*", then access is granted to all private Credentials belonging to the specifiedSubject
. If "PrincipalName" is "*", then access is granted to the specified Credential owned by anySubject
that has the specifiedPrincipal
(the actual PrincipalName doesn't matter). For example, the following grants access to the a.b.Credential owned by anySubject
that has an a.b.Principal.grant { permission javax.security.auth.PrivateCredentialPermission "a.b.Credential a.b.Principal "*"", "read"; };
If both the PrincipalClass and "PrincipalName" are "*", then access is granted to the specified Credential owned by anySubject
.In addition, the PrincipalClass/PrincipalName pairing may be repeated:
grant { permission javax.security.auth.PrivateCredentialPermission "a.b.Credential a.b.Principal "duke" c.d.Principal "dukette"", "read"; };
The above grants access to the private Credential, "a.b.Credential", belonging to aSubject
with at least two associated Principals: "a.b.Principal" with the name, "duke", and "c.d.Principal", with the name, "dukette".- Since:
- 1.4
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description PrivateCredentialPermission(String name, String actions)
Creates a newPrivateCredentialPermission
with the specifiedname
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(Object obj)
Checks twoPrivateCredentialPermission
objects for equality.String
getActions()
Returns the "canonical string representation" of the actions.String
getCredentialClass()
Returns the Class name of the Credential associated with thisPrivateCredentialPermission
.String[][]
getPrincipals()
Returns thePrincipal
classes and names associated with thisPrivateCredentialPermission
.int
hashCode()
Returns the hash code value for this object.boolean
implies(Permission p)
Checks if thisPrivateCredentialPermission
implies the specifiedPermission
.PermissionCollection
newPermissionCollection()
Return a homogeneous collection of PrivateCredentialPermissions in aPermissionCollection
.-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from class java.security.Permission
checkGuard, getName, toString
-
-
-
-
Constructor Detail
-
PrivateCredentialPermission
public PrivateCredentialPermission(String name, String actions)
Creates a newPrivateCredentialPermission
with the specifiedname
. Thename
specifies both a Credential class and aPrincipal
Set.- Parameters:
name
- the name specifying the Credential class andPrincipal
Set.actions
- the actions specifying that the Credential can be read.- Throws:
IllegalArgumentException
- ifname
does not conform to the correct syntax or ifactions
is not "read".
-
-
Method Detail
-
getCredentialClass
public String getCredentialClass()
Returns the Class name of the Credential associated with thisPrivateCredentialPermission
.- Returns:
- the Class name of the Credential associated with this
PrivateCredentialPermission
.
-
getPrincipals
public String[][] getPrincipals()
Returns thePrincipal
classes and names associated with thisPrivateCredentialPermission
. The information is returned as a two-dimensional array (array[x][y]). The 'x' value corresponds to the number ofPrincipal
class and name pairs. When (y==0), it corresponds to thePrincipal
class value, and when (y==1), it corresponds to thePrincipal
name value. For example, array[0][0] corresponds to the class name of the firstPrincipal
in the array. array[0][1] corresponds to thePrincipal
name of the firstPrincipal
in the array.- Returns:
- the
Principal
class and names associated with thisPrivateCredentialPermission
.
-
implies
public boolean implies(Permission p)
Checks if thisPrivateCredentialPermission
implies the specifiedPermission
.This method returns true if:
-
p
is an instanceof PrivateCredentialPermission and - the target name for
p
is implied by this object's target name. For example:[* P1 "duke"] implies [a.b.Credential P1 "duke"]. [C1 P1 "duke"] implies [C1 P1 "duke" P2 "dukette"]. [C1 P2 "dukette"] implies [C1 P1 "duke" P2 "dukette"].
- Specified by:
implies
in classPermission
- Parameters:
p
- thePermission
to check against.- Returns:
- true if this
PrivateCredentialPermission
implies the specifiedPermission
, false if not.
-
-
equals
public boolean equals(Object obj)
Checks twoPrivateCredentialPermission
objects for equality. Checks thatobj
is aPrivateCredentialPermission
, and has the same credential class as this object, as well as the same Principals as this object. The order of the Principals in the respective Permission's target names is not relevant.- Specified by:
equals
in classPermission
- Parameters:
obj
- the object we are testing for equality with this object.- Returns:
- true if obj is a
PrivateCredentialPermission
, has the same credential class as this object, and has the same Principals as this object. - See Also:
Object.hashCode()
,HashMap
-
hashCode
public int hashCode()
Returns the hash code value for this object.- Specified by:
hashCode
in classPermission
- Returns:
- a hash code value for this object.
- See Also:
Object.equals(java.lang.Object)
,System.identityHashCode(java.lang.Object)
-
getActions
public String getActions()
Returns the "canonical string representation" of the actions. This method always returns the String, "read".- Specified by:
getActions
in classPermission
- Returns:
- the actions (always returns "read").
-
newPermissionCollection
public PermissionCollection newPermissionCollection()
Return a homogeneous collection of PrivateCredentialPermissions in aPermissionCollection
. No suchPermissionCollection
is defined, so this method always returnsnull
.- Overrides:
newPermissionCollection
in classPermission
- Returns:
- null in all cases.
-
-