|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--java.security.Permission | +--java.rmi.AuthenticationPermission
Represents permission to use the private credentials of subjects for the
purpose of authenticating as any principal (or any set of principals) that
matches the target name, during secure RMI communication (as a client or as
a server). In general, RMI security providers check for this permission
instead of checking for
javax.security.auth.PrivateCredentialPermission
.
An instance of this class contains a name (also referred to as a "target name") but no actions list; you either have the named permission or you don't. The target name consists of one or more principal specifications, each consisting of a principal class and a principal name. The syntax of the target name is:
PrincipalClass "PrincipalName" ...That is, the target name consists of alternating principal classes and principal names, separated by spaces, with each principal name surrounded by quotes. The order in which principals are specified does not matter. In any given principal specification, a wildcard value of "*" can be used for both PrincipalClass and PrincipalName or for just PrincipalName, but it is illegal to use a wildcard value for just PrincipalClass.
A principal p
matches the target name if the target name has
any of the following principal specifications:
p.getClass().getName()
and a PrincipalName equal to "*"
p.getClass().getName()
and a PrincipalName equal to
the value of p.getName()
Some example policy file permission grants:
grant principal com.sun.security.auth.X500Principal "CN=jack" { permission java.rmi.AuthenticationPermission "com.sun.security.auth.X500Principal \"CN=jack\""; }; grant codebase "file:/code/mycode.jar" { permission java.rmi.AuthenticationPermission "com.sun.security.auth.X500Principal \"CN=jack\" com.sun.security.auth.X500Principal \"CN=jill\""; }; grant codebase "file:/code/trusted.jar" { permission java.rmi.AuthenticationPermission "com.sun.security.auth.X500Principal \"*\""; };
Constructor Summary | |
AuthenticationPermission(java.security.Principal prin)
Creates an instance with a name containing the specified principal. |
|
AuthenticationPermission(java.lang.String name)
Creates an instance with the specified name. |
|
AuthenticationPermission(java.lang.String name,
java.lang.String actions)
Creates an instance with the specified name. |
Method Summary | |
static boolean |
checkPermission(java.security.Principal prin)
Returns false if there is a security manager installed and
the security manager's checkPermission method throws a
SecurityException when invoked with an instance of this
class constructed from the specified principal; returns
true otherwise. |
boolean |
equals(java.lang.Object obj)
Two instances of this class are equal if they have the same target name. |
java.lang.String |
getActions()
Always returns the empty string. |
int |
hashCode()
Returns a hash code value for this object. |
boolean |
implies(java.security.Permission perm)
Returns true if the specified permission is an instance
of AuthenticationPermission and every principal that
matches the target name of the specified permission also matches
the target name of this permission; returns false
otherwise. |
Methods inherited from class java.security.Permission |
checkGuard, getName, newPermissionCollection, toString |
Methods inherited from class java.lang.Object |
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
Constructor Detail |
public AuthenticationPermission(java.lang.String name)
name
- the target nameNullPointerException
- if the target name is null
java.lang.IllegalArgumentException
- if the specified name does match the
syntax specified in the comments at the beginning of this classpublic AuthenticationPermission(java.lang.String name, java.lang.String actions)
name
- the target nameactions
- ignoredNullPointerException
- if the target name is null
java.lang.IllegalArgumentException
- if the specified name does match the
syntax specified in the comments at the beginning of this classpublic AuthenticationPermission(java.security.Principal prin)
prin
- the principalNullPointerException
- if the principal is null
Method Detail |
public static boolean checkPermission(java.security.Principal prin)
false
if there is a security manager installed and
the security manager's checkPermission
method throws a
SecurityException
when invoked with an instance of this
class constructed from the specified principal; returns
true
otherwise.prin
- the principalfalse
if there is a security manager installed and
the security manager's checkPermission
method throws a
SecurityException
when invoked with an instance of this
class constructed from the specified principal; true
otherwiseNullPointerException
- if the principal is null
public boolean implies(java.security.Permission perm)
true
if the specified permission is an instance
of AuthenticationPermission
and every principal that
matches the target name of the specified permission also matches
the target name of this permission; returns false
otherwise.implies
in class java.security.Permission
perm
- the permission to checktrue
if the specified permission is an instance
of AuthenticationPermission
and every principal that
matches the target name of the specified permission also matches
the target name of this permission; false
otherwisepublic java.lang.String getActions()
getActions
in class java.security.Permission
public boolean equals(java.lang.Object obj)
equals
in class java.security.Permission
public int hashCode()
hashCode
in class java.security.Permission
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |