java.rmi
Class AuthenticationPermission

java.lang.Object
  |
  +--java.security.Permission
        |
        +--java.rmi.AuthenticationPermission
All Implemented Interfaces:
java.security.Guard, java.io.Serializable

public final class AuthenticationPermission
extends java.security.Permission

Represents permission to use the private credentials of subjects for the purpose of authenticating as any principal (or any set of principals) that matches the target name, during secure RMI communication (as a client or as a server). In general, RMI security providers check for this permission instead of checking for javax.security.auth.PrivateCredentialPermission.

An instance of this class contains a name (also referred to as a "target name") but no actions list; you either have the named permission or you don't. The target name consists of one or more principal specifications, each consisting of a principal class and a principal name. The syntax of the target name is:

PrincipalClass "PrincipalName" ...
That is, the target name consists of alternating principal classes and principal names, separated by spaces, with each principal name surrounded by quotes. The order in which principals are specified does not matter. In any given principal specification, a wildcard value of "*" can be used for both PrincipalClass and PrincipalName or for just PrincipalName, but it is illegal to use a wildcard value for just PrincipalClass.

A principal p matches the target name if the target name has any of the following principal specifications:

Some example policy file permission grants:

 grant principal com.sun.security.auth.X500Principal "CN=jack" {
     permission java.rmi.AuthenticationPermission
         "com.sun.security.auth.X500Principal \"CN=jack\"";
 };

 grant codebase "file:/code/mycode.jar" {
     permission java.rmi.AuthenticationPermission
         "com.sun.security.auth.X500Principal \"CN=jack\" com.sun.security.auth.X500Principal \"CN=jill\"";
 };

 grant codebase "file:/code/trusted.jar" {
     permission java.rmi.AuthenticationPermission
         "com.sun.security.auth.X500Principal \"*\"";
 };
 

Since:
1.4
See Also:
Serialized Form

Constructor Summary
AuthenticationPermission(java.security.Principal prin)
          Creates an instance with a name containing the specified principal.
AuthenticationPermission(java.lang.String name)
          Creates an instance with the specified name.
AuthenticationPermission(java.lang.String name, java.lang.String actions)
          Creates an instance with the specified name.
 
Method Summary
static boolean checkPermission(java.security.Principal prin)
          Returns false if there is a security manager installed and the security manager's checkPermission method throws a SecurityException when invoked with an instance of this class constructed from the specified principal; returns true otherwise.
 boolean equals(java.lang.Object obj)
          Two instances of this class are equal if they have the same target name.
 java.lang.String getActions()
          Always returns the empty string.
 int hashCode()
          Returns a hash code value for this object.
 boolean implies(java.security.Permission perm)
          Returns true if the specified permission is an instance of AuthenticationPermission and every principal that matches the target name of the specified permission also matches the target name of this permission; returns false otherwise.
 
Methods inherited from class java.security.Permission
checkGuard, getName, newPermissionCollection, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AuthenticationPermission

public AuthenticationPermission(java.lang.String name)
Creates an instance with the specified name.
Parameters:
name - the target name
Throws:
NullPointerException - if the target name is null
java.lang.IllegalArgumentException - if the specified name does match the syntax specified in the comments at the beginning of this class

AuthenticationPermission

public AuthenticationPermission(java.lang.String name,
                                java.lang.String actions)
Creates an instance with the specified name. The actions parameter is ignored.
Parameters:
name - the target name
actions - ignored
Throws:
NullPointerException - if the target name is null
java.lang.IllegalArgumentException - if the specified name does match the syntax specified in the comments at the beginning of this class

AuthenticationPermission

public AuthenticationPermission(java.security.Principal prin)
Creates an instance with a name containing the specified principal.
Parameters:
prin - the principal
Throws:
NullPointerException - if the principal is null
Method Detail

checkPermission

public static boolean checkPermission(java.security.Principal prin)
Returns false if there is a security manager installed and the security manager's checkPermission method throws a SecurityException when invoked with an instance of this class constructed from the specified principal; returns true otherwise.
Parameters:
prin - the principal
Returns:
false if there is a security manager installed and the security manager's checkPermission method throws a SecurityException when invoked with an instance of this class constructed from the specified principal; true otherwise
Throws:
NullPointerException - if the principal is null

implies

public boolean implies(java.security.Permission perm)
Returns true if the specified permission is an instance of AuthenticationPermission and every principal that matches the target name of the specified permission also matches the target name of this permission; returns false otherwise.
Overrides:
implies in class java.security.Permission
Parameters:
perm - the permission to check
Returns:
true if the specified permission is an instance of AuthenticationPermission and every principal that matches the target name of the specified permission also matches the target name of this permission; false otherwise

getActions

public java.lang.String getActions()
Always returns the empty string.
Overrides:
getActions in class java.security.Permission

equals

public boolean equals(java.lang.Object obj)
Two instances of this class are equal if they have the same target name.
Overrides:
equals in class java.security.Permission

hashCode

public int hashCode()
Returns a hash code value for this object.
Overrides:
hashCode in class java.security.Permission


Copyright © 2000 Sun Microsystems, Inc. All rights reserved