Known Direct Subclasses
AllPermission,
BasicPermission,
CardPermission,
ExecOptionPermission,
ExecPermission,
FilePermission,
MBeanPermission,
PrivateCredentialPermission,
ServicePermission,
SocketPermission,
UnresolvedPermission
AllPermission |
The AllPermission is a permission that implies all other permissions. |
BasicPermission |
The BasicPermission class extends the Permission class, and
can be used as the base class for permissions that want to
follow the same naming convention as BasicPermission. |
CardPermission |
A permission for Smart Card operations. |
ExecOptionPermission |
The ExecOptionPermission class represents permission for rmid to use
a specific command-line option when launching an activation group. |
ExecPermission |
The ExecPermission class represents permission for rmid to execute
a specific command to launch an activation group. |
FilePermission |
This class represents access to a file or directory. |
MBeanPermission |
Permission controlling access to MBeanServer operations. |
PrivateCredentialPermission |
This class is used to protect access to private Credentials
belonging to a particular Subject . |
ServicePermission |
This class is used to protect Kerberos services and the
credentials necessary to access those services. |
SocketPermission |
This class represents access to a network via sockets. |
UnresolvedPermission |
The UnresolvedPermission class is used to hold Permissions that
were "unresolved" when the Policy was initialized. |
|
Known Indirect Subclasses
AWTPermission,
AttachPermission,
AudioPermission,
AuthPermission,
DelegationPermission,
JDIPermission,
LoggingPermission,
MBeanServerPermission,
MBeanTrustPermission,
ManagementPermission,
NetPermission,
PropertyPermission,
ReflectPermission,
RuntimePermission,
SQLPermission,
SSLPermission,
SecurityPermission,
SerializablePermission,
SubjectDelegationPermission
AWTPermission |
This class is for AWT permissions. |
AttachPermission |
When a SecurityManager set, this
is the permission which will be checked when code invokes VirtalMachine.attach to attach to a target virtual
machine. |
AudioPermission |
The AudioPermission class represents access rights to the audio
system resources. |
AuthPermission |
This class is for authentication permissions. |
DelegationPermission |
This class is used to restrict the usage of the Kerberos
delegation model, ie: forwardable and proxiable tickets. |
JDIPermission |
The JDIPermission class represents access rights to
the VirtualMachineManager . |
LoggingPermission |
The permission which the SecurityManager will check when code
that is running with a SecurityManager calls one of the logging
control methods (such as Logger.setLevel). |
MBeanServerPermission |
A Permission to perform actions related to MBeanServers. |
MBeanTrustPermission |
This permission represents "trust" in a signer or codebase. |
ManagementPermission |
The permission which the SecurityManager will check when code
that is running with a SecurityManager calls methods defined
in the management interface for the Java platform. |
NetPermission |
This class is for various network permissions. |
PropertyPermission |
This class is for property permissions. |
ReflectPermission |
The Permission class for reflective operations. |
RuntimePermission |
This class is for runtime permissions. |
SQLPermission |
The permission for which the SecurityManager will check
when code that is running in an applet calls the
DriverManager.setLogWriter method or the
DriverManager.setLogStream (deprecated) method. |
SSLPermission |
This class is deprecated.
As of JDK 1.4, this implementation-specific class was
replaced by SSLPermission .
|
SecurityPermission |
This class is for security permissions. |
SerializablePermission |
This class is for Serializable permissions. |
SubjectDelegationPermission |
Permission required by an authentication identity to perform
operations on behalf of an authorization identity. |
|
Class Overview
Abstract class for representing access to a system resource.
All permissions have a name (whose interpretation depends on the subclass),
as well as abstract functions for defining the semantics of the
particular Permission subclass.
Most Permission objects also include an "actions" list that tells the actions
that are permitted for the object. For example,
for a java.io.FilePermission
object, the permission name is
the pathname of a file (or directory), and the actions list
(such as "read, write") specifies which actions are granted for the
specified file (or for files in the specified directory).
The actions list is optional for Permission objects, such as
java.lang.RuntimePermission
,
that don't need such a list; you either have the named permission (such
as "system.exit") or you don't.
An important method that must be implemented by each subclass is
the implies
method to compare Permissions. Basically,
"permission p1 implies permission p2" means that
if one is granted permission p1, one is naturally granted permission p2.
Thus, this is not an equality test, but rather more of a
subset test.
Permission objects are similar to String objects in that they
are immutable once they have been created. Subclasses should not
provide methods that can change the state of a permission
once it has been created.
Summary
Public Constructors |
|
Permission(String name)
Constructs a permission with the specified name.
|
Public Methods |
void
|
checkGuard(Object object)
Implements the guard interface for a permission.
|
abstract
boolean
|
equals(Object obj)
Checks two Permission objects for equality.
|
abstract
String
|
getActions()
Returns the actions as a String.
|
final
String
|
getName()
Returns the name of this Permission.
|
abstract
int
|
hashCode()
Returns the hash code value for this Permission object.
|
abstract
boolean
|
implies(Permission permission)
Checks if the specified permission's actions are "implied by"
this object's actions.
|
PermissionCollection
|
newPermissionCollection()
Returns an empty PermissionCollection for a given Permission object, or null if
one is not defined.
|
String
|
toString()
Returns a string describing this Permission.
|
[Expand]
Inherited Methods |
From class
java.lang.Object
Object
|
clone()
Creates and returns a copy of this object.
|
boolean
|
equals(Object obj)
Indicates whether some other object is "equal to" this one.
|
void
|
finalize()
Called by the garbage collector on an object when garbage collection
determines that there are no more references to the object.
|
final
Class<?>
|
getClass()
Returns the runtime class of this Object .
|
int
|
hashCode()
Returns a hash code value for the object.
|
final
void
|
notify()
Wakes up a single thread that is waiting on this object's
monitor.
|
final
void
|
notifyAll()
Wakes up all threads that are waiting on this object's monitor.
|
String
|
toString()
Returns a string representation of the object.
|
final
void
|
wait()
Causes the current thread to wait until another thread invokes the
notify() method or the
notifyAll() method for this object.
|
final
void
|
wait(long timeout, int nanos)
Causes the current thread to wait until another thread invokes the
notify() method or the
notifyAll() method for this object, or
some other thread interrupts the current thread, or a certain
amount of real time has elapsed.
|
final
void
|
wait(long timeout)
Causes the current thread to wait until either another thread invokes the
notify() method or the
notifyAll() method for this object, or a
specified amount of time has elapsed.
|
|
From interface
java.security.Guard
abstract
void
|
checkGuard(Object object)
Determines whether or not to allow access to the guarded object
object .
|
|
Public Constructors
public
Permission
(String name)
Constructs a permission with the specified name.
Parameters
name
| name of the Permission object being created.
|
Public Methods
public
void
checkGuard
(Object object)
Implements the guard interface for a permission. The
SecurityManager.checkPermission
method is called,
passing this permission object as the permission to check.
Returns silently if access is granted. Otherwise, throws
a SecurityException.
Parameters
object
| the object being guarded (currently ignored). |
Throws
SecurityException
| if a security manager exists and its
checkPermission method doesn't allow access. |
public
abstract
boolean
equals
(Object obj)
Checks two Permission objects for equality.
Do not use the equals
method for making access control
decisions; use the implies
method.
Parameters
obj
| the object we are testing for equality with this object. |
Returns
- true if both Permission objects are equivalent.
public
abstract
String
getActions
()
Returns the actions as a String. This is abstract
so subclasses can defer creating a String representation until
one is needed. Subclasses should always return actions in what they
consider to be their
canonical form. For example, two FilePermission objects created via
the following:
perm1 = new FilePermission(p1,"read,write");
perm2 = new FilePermission(p2,"write,read");
both return
"read,write" when the
getActions
method is invoked.
Returns
- the actions of this Permission.
public
final
String
getName
()
Returns the name of this Permission.
For example, in the case of a java.io.FilePermission
,
the name will be a pathname.
Returns
- the name of this Permission.
public
abstract
int
hashCode
()
Returns the hash code value for this Permission object.
The required hashCode
behavior for Permission Objects is
the following:
- Whenever it is invoked on the same Permission object more than
once during an execution of a Java application, the
hashCode
method
must consistently return the same integer. This integer need not
remain consistent from one execution of an application to another
execution of the same application.
- If two Permission objects are equal according to the
equals
method, then calling the hashCode
method on each of the
two Permission objects must produce the same integer result.
Returns
- a hash code value for this object.
public
abstract
boolean
implies
(Permission permission)
Checks if the specified permission's actions are "implied by"
this object's actions.
This must be implemented by subclasses of Permission, as they are the
only ones that can impose semantics on a Permission object.
The implies
method is used by the AccessController to determine
whether or not a requested permission is implied by another permission that
is known to be valid in the current execution context.
Parameters
permission
| the permission to check against. |
Returns
- true if the specified permission is implied by this object,
false if not.
Returns an empty PermissionCollection for a given Permission object, or null if
one is not defined. Subclasses of class Permission should
override this if they need to store their permissions in a particular
PermissionCollection object in order to provide the correct semantics
when the PermissionCollection.implies
method is called.
If null is returned,
then the caller of this method is free to store permissions of this
type in any PermissionCollection they choose (one that uses a Hashtable,
one that uses a Vector, etc).
Returns
- a new PermissionCollection object for this type of Permission, or
null if one is not defined.
public
String
toString
()
Returns a string describing this Permission. The convention is to
specify the class name, the permission name, and the actions in
the following format: '("ClassName" "name" "actions")'.
Returns
- information about this Permission.