This package provides a framework for authentication and
authorization. The framework allows
authentication to be performed in pluggable fashion. Different
authentication modules can be plugged under an application without
requiring modifications to the application itself. The
authorization component allows specification of access controls
based on code location, code signers and code executors
(Subjects).
Interfaces
| Destroyable |
Objects such as credentials may optionally implement this interface
to provide the capability to destroy its contents. |
| Refreshable |
Objects such as credentials may optionally implement this
interface to provide the capability to refresh itself. |
Classes
| AuthPermission |
This class is for authentication permissions. |
| Policy |
This class is deprecated.
as of JDK version 1.4 -- Replaced by java.security.Policy.
java.security.Policy has a method:
public PermissionCollection getPermissions
(java.security.ProtectionDomain pd)
and ProtectionDomain has a constructor:
public ProtectionDomain
(CodeSource cs,
PermissionCollection permissions,
ClassLoader loader,
Principal[] principals)
These two APIs provide callers the means to query the
Policy for Principal-based Permission entries.
|
| PrivateCredentialPermission |
This class is used to protect access to private Credentials
belonging to a particular Subject. |
| Subject |
A Subject represents a grouping of related information
for a single entity, such as a person. |
| SubjectDomainCombiner |
A SubjectDomainCombiner updates ProtectionDomains
with Principals from the Subject associated with this
SubjectDomainCombiner. |
Exceptions