hunt-security ~master (2022-05-10T21:21:26.2180491)

AuthPermission

hunt security AuthPermission

This class is for authentication permissions. An AuthPermission contains a name (also referred to as a "target name") but no actions list; you either have the named permission or you don't.

<p> The target name is the name of a security configuration parameter (see below). Currently the AuthPermission object is used to guard access to the Policy, Subject, LoginContext, and Configuration objects.

<p> The possible target names for an Authentication Permission are:

<pre> doAs - allow the caller to invoke the {@code Subject.doAs} methods.

doAsPrivileged - allow the caller to invoke the {@code Subject.doAsPrivileged} methods.

getSubject - allow for the retrieval of the Subject(s) associated with the current Thread.

getSubjectFromDomainCombiner - allow for the retrieval of the Subject associated with the a {@code SubjectDomainCombiner}.

setReadOnly - allow the caller to set a Subject to be read-only.

modifyPrincipals - allow the caller to modify the {@code Set} of Principals associated with a {@code Subject}

modifyPublicCredentials - allow the caller to modify the {@code Set} of public credentials associated with a {@code Subject}

modifyPrivateCredentials - allow the caller to modify the {@code Set} of private credentials associated with a {@code Subject}

refreshCredential - allow code to invoke the {@code refresh} method on a credential which implements the {@code Refreshable} interface.

destroyCredential - allow code to invoke the {@code destroy} method on a credential {@code object} which implements the {@code Destroyable} interface.

createLoginContext.{name} - allow code to instantiate a {@code LoginContext} with the specified <i>name</i>. <i>name</i> is used as the index into the installed login {@code Configuration} (that returned by {@code Configuration.getConfiguration()}). <i>name</i> can be wildcarded (set to '*') to allow for any name.

getLoginConfiguration - allow for the retrieval of the system-wide login Configuration.

createLoginConfiguration.{type} - allow code to obtain a Configuration object via {@code Configuration.getInstance}.

setLoginConfiguration - allow for the setting of the system-wide login Configuration.

refreshLoginConfiguration - allow for the refreshing of the system-wide login Configuration. </pre>

<p> The following target name has been deprecated in favor of {@code createLoginContext.{name}}.

<pre> createLoginContext - allow code to instantiate a {@code LoginContext}. </pre>

<p> {@code javax.security.auth.Policy} has been deprecated in favor of {@code java.security.Policy}. Therefore, the following target names have also been deprecated:

<pre> getPolicy - allow the caller to retrieve the system-wide Subject-based access control policy.

setPolicy - allow the caller to set the system-wide Subject-based access control policy.

refreshPolicy - allow the caller to refresh the system-wide Subject-based access control policy. </pre>

final
class AuthPermission : BasicPermission {
this(string name);
this(string name, string actions);
}

Constructors

this
this(string name)

Creates a new AuthPermission with the specified name. The name is the symbolic name of the AuthPermission.

this
this(string name, string actions)

Creates a new AuthPermission object with the specified name. The name is the symbolic name of the AuthPermission, and the actions string is currently unused and should be null.

Inherited Members

From BasicPermission

implies
bool implies(Permission p)

Checks if the specified permission is "implied" by this object. <P> More specifically, this method returns true if: <ul> <li> <i>p</i>'s class is the same as this object's class, and <li> <i>p</i>'s name equals or (in the case of wildcards) is implied by this object's name. For example, "a.b.*" implies "a.b.c". </ul>

opEquals
bool opEquals(Object obj)

Checks two BasicPermission objects for equality. Checks that <i>obj</i>'s class is the same as this object's class and has the same name as this object. <P> @param obj the object we are testing for equality with this object. @return true if <i>obj</i>'s class is the same as this object's class and has the same name as this BasicPermission object, false otherwise.

toHash
size_t toHash()

Returns the hash code value for this object. The hash code used is the hash code of the name, that is, {@code getName().hashCode()}, where {@code getName} is from the Permission superclass.

getActions
string getActions()

Returns the canonical string representation of the actions, which currently is the empty string "", since there are no actions for a BasicPermission.

newPermissionCollection
PermissionCollection newPermissionCollection()

Returns a new PermissionCollection object for storing BasicPermission objects.

getCanonicalName
string getCanonicalName()

Returns the canonical name of this BasicPermission. All internal invocations of getName should invoke this method, so that the pre-JDK 1.6 "exitVM" and current "exitVM.*" permission are equivalent in equals/hashCode methods.

Meta

Source

See Implementation

hunt security AuthPermission classes

Page generated by adrdox