Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/javax/security/auth/AuthPermission.java
38918 views
/*1* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package javax.security.auth;2627/**28* This class is for authentication permissions.29* An AuthPermission contains a name30* (also referred to as a "target name")31* but no actions list; you either have the named permission32* or you don't.33*34* <p> The target name is the name of a security configuration parameter35* (see below). Currently the AuthPermission object is used to36* guard access to the Policy, Subject, LoginContext,37* and Configuration objects.38*39* <p> The possible target names for an Authentication Permission are:40*41* <pre>42* doAs - allow the caller to invoke the43* {@code Subject.doAs} methods.44*45* doAsPrivileged - allow the caller to invoke the46* {@code Subject.doAsPrivileged} methods.47*48* getSubject - allow for the retrieval of the49* Subject(s) associated with the50* current Thread.51*52* getSubjectFromDomainCombiner - allow for the retrieval of the53* Subject associated with the54* a {@code SubjectDomainCombiner}.55*56* setReadOnly - allow the caller to set a Subject57* to be read-only.58*59* modifyPrincipals - allow the caller to modify the {@code Set}60* of Principals associated with a61* {@code Subject}62*63* modifyPublicCredentials - allow the caller to modify the64* {@code Set} of public credentials65* associated with a {@code Subject}66*67* modifyPrivateCredentials - allow the caller to modify the68* {@code Set} of private credentials69* associated with a {@code Subject}70*71* refreshCredential - allow code to invoke the {@code refresh}72* method on a credential which implements73* the {@code Refreshable} interface.74*75* destroyCredential - allow code to invoke the {@code destroy}76* method on a credential {@code object}77* which implements the {@code Destroyable}78* interface.79*80* createLoginContext.{name} - allow code to instantiate a81* {@code LoginContext} with the82* specified <i>name</i>. <i>name</i>83* is used as the index into the installed login84* {@code Configuration}85* (that returned by86* {@code Configuration.getConfiguration()}).87* <i>name</i> can be wildcarded (set to '*')88* to allow for any name.89*90* getLoginConfiguration - allow for the retrieval of the system-wide91* login Configuration.92*93* createLoginConfiguration.{type} - allow code to obtain a Configuration94* object via95* {@code Configuration.getInstance}.96*97* setLoginConfiguration - allow for the setting of the system-wide98* login Configuration.99*100* refreshLoginConfiguration - allow for the refreshing of the system-wide101* login Configuration.102* </pre>103*104* <p> The following target name has been deprecated in favor of105* {@code createLoginContext.{name}}.106*107* <pre>108* createLoginContext - allow code to instantiate a109* {@code LoginContext}.110* </pre>111*112* <p> {@code javax.security.auth.Policy} has been113* deprecated in favor of {@code java.security.Policy}.114* Therefore, the following target names have also been deprecated:115*116* <pre>117* getPolicy - allow the caller to retrieve the system-wide118* Subject-based access control policy.119*120* setPolicy - allow the caller to set the system-wide121* Subject-based access control policy.122*123* refreshPolicy - allow the caller to refresh the system-wide124* Subject-based access control policy.125* </pre>126*127*/128public final class AuthPermission extends129java.security.BasicPermission {130131private static final long serialVersionUID = 5806031445061587174L;132133/**134* Creates a new AuthPermission with the specified name.135* The name is the symbolic name of the AuthPermission.136*137* <p>138*139* @param name the name of the AuthPermission140*141* @throws NullPointerException if {@code name} is {@code null}.142* @throws IllegalArgumentException if {@code name} is empty.143*/144public AuthPermission(String name) {145// for backwards compatibility --146// createLoginContext is deprecated in favor of createLoginContext.*147super("createLoginContext".equals(name) ?148"createLoginContext.*" : name);149}150151/**152* Creates a new AuthPermission object with the specified name.153* The name is the symbolic name of the AuthPermission, and the154* actions String is currently unused and should be null.155*156* <p>157*158* @param name the name of the AuthPermission <p>159*160* @param actions should be null.161*162* @throws NullPointerException if {@code name} is {@code null}.163* @throws IllegalArgumentException if {@code name} is empty.164*/165public AuthPermission(String name, String actions) {166// for backwards compatibility --167// createLoginContext is deprecated in favor of createLoginContext.*168super("createLoginContext".equals(name) ?169"createLoginContext.*" : name, actions);170}171}172173174