Sun OpenSSO Enterprise 8.0 Developer's Guide

com.sun.identity.policy.jaas

The com.sun.identity.policy.jaas package provides classes for performing policy evaluation against OpenSSO Enterprise using the Java Authentication and Authorization Service (JAAS) framework. JAAS is a set of APIs that enable services to authenticate and enforce access controls upon users. This package provides support for authorization only, making it possible to use JAAS interfaces to access the Policy Service. It contains the following implementations of JAAS classes:

For more information see Enabling Authorization Using the Java Authentication and Authorization Service (JAAS).

ISPermission

com.sun.identity.policy.jaas.ISPermission extends java.security.Permission, an abstract class for representing access to a resource. It represents the control of a sensitive operation, such as opening of a socket or accessing a file for a read or write operation. It does not grant permission for that operation, leaving that responsibility to the JAAS AccessController class which evaluates OpenSSO Enterprise policy against the Policy Service.

ISPermission covers the case when additional policy services are defined and imported provided they only have boolean action values as a JAAS permission only has a boolean result.

ISPolicy

com.sun.identity.policy.jaas.ISPolicy is an implementation of the JAAS abstract class java.security.Policy which represents the system policy for a Java application environment. It performs policy evaluation against the Policy Service instead of against the default file-based PolicyFile.