The target name is the name of a security configuration parameter * (see below). Currently the AuthPermission object is used to * guard access to the Policy, Subject, LoginContext, * and Configuration objects. * *
The possible target names for an Authentication Permission are: * *
* doAs - allow the caller to invoke the ** *Subject.doAsmethods. * * doAsPrivileged - allow the caller to invoke the *Subject.doAsPrivilegedmethods. * * getSubject - allow for the retrieval of the * Subject(s) associated with the * current Thread. * * getSubjectFromDomainCombiner - allow for the retrieval of the * Subject associated with the * aSubjectDomainCombiner. * * setReadOnly - allow the caller to set a Subject * to be read-only. * * modifyPrincipals - allow the caller to modify theSet* of Principals associated with a *Subject* * modifyPublicCredentials - allow the caller to modify the *Setof public credentials * associated with aSubject* * modifyPrivateCredentials - allow the caller to modify the *Setof private credentials * associated with aSubject* * refreshCredential - allow code to invoke therefresh* method on a credential which implements * theRefreshableinterface. * * destroyCredential - allow code to invoke thedestroy* method on a credentialobject* which implements theDestroyable* interface. * * createLoginContext.{name} - allow code to instantiate a *LoginContextwith the * specified name. name * is used as the index into the installed login *Configuration* (that returned by *Configuration.getConfiguration()). * name can be wildcarded (set to '*') * to allow for any name. * * getLoginConfiguration - allow for the retrieval of the system-wide * login Configuration. * * createLoginConfiguration.{type} - allow code to obtain a Configuration * object via *Configuration.getInstance. * * setLoginConfiguration - allow for the setting of the system-wide * login Configuration. * * refreshLoginConfiguration - allow for the refreshing of the system-wide * login Configuration. *
The following target name has been deprecated in favor of
* createLoginContext.{name}.
*
*
* createLoginContext - allow code to instantiate a
* LoginContext.
*
*
* javax.security.auth.Policy has been
* deprecated in favor of java.security.Policy.
* Therefore, the following target names have also been deprecated:
*
*
* getPolicy - allow the caller to retrieve the system-wide * Subject-based access control policy. * * setPolicy - allow the caller to set the system-wide * Subject-based access control policy. * * refreshPolicy - allow the caller to refresh the system-wide * Subject-based access control policy. ** */ public final class AuthPermission extends java.security.BasicPermission { private static final long serialVersionUID = 5806031445061587174L; /** * Creates a new AuthPermission with the specified name. * The name is the symbolic name of the AuthPermission. * *
*
* @param name the name of the AuthPermission
*
* @throws NullPointerException if name is null.
* @throws IllegalArgumentException if name is empty.
*/
public AuthPermission(String name) {
// for backwards compatibility --
// createLoginContext is deprecated in favor of createLoginContext.*
super("createLoginContext".equals(name) ?
"createLoginContext.*" : name);
}
/**
* Creates a new AuthPermission object with the specified name.
* The name is the symbolic name of the AuthPermission, and the
* actions String is currently unused and should be null.
*
*
* * @param name the name of the AuthPermission
*
* @param actions should be null.
*
* @throws NullPointerException if name is null.
* @throws IllegalArgumentException if name is empty.
*/
public AuthPermission(String name, String actions) {
// for backwards compatibility --
// createLoginContext is deprecated in favor of createLoginContext.*
super("createLoginContext".equals(name) ?
"createLoginContext.*" : name, actions);
}
}