com.sun.identity.security
Class ISSecurityPermission

java.lang.Object
  |
  +--java.security.Permission
        |
        +--com.sun.identity.security.ISSecurityPermission
All Implemented Interfaces:
java.security.Guard, java.io.Serializable

public class ISSecurityPermission
extends java.security.Permission

This class ISSecurityPermission is used to protect the Access Manager resources which should be accessed only by trusted application. The resources this Permission is used to protect are: Access Manager administrator DN and password, and access to the encryption and decryption methods used to encrypt all passwords in Access Manager services. The supported permissions is "access" and supported actions are "adminpassword" and "crypt" . So in the Java security policy file which will define the security options to grant this permission to code bases, it should be done as below:

  
  grant codeBase "file:{directory where jars are located}/-" {
      com.sun.identity.security.ISSecurityPermission "access", 
                     "adminpassword,crypt";
 };
 
 Note: The property
   com.sun.identity.security.checkcaller
should be set to true in AMConfig properties file to enable the Java security permissions check.

See Also:
Serialized Form

Constructor Summary
ISSecurityPermission(java.lang.String access)
          Constructs ISSecurityPermission object.
ISSecurityPermission(java.lang.String access, java.lang.String action)
          Constructs ISSecurityPermission object.
 
Method Summary
 boolean equals(java.lang.Object o)
          Returns true if this object is equals to o.
 java.lang.String getActions()
           
 int hashCode()
          Returns hash code for this object.
 boolean implies(java.security.Permission p)
          This method checks to see if this instance of ISSecurityPermission implies the Permission being passed as the argument.
 
Methods inherited from class java.security.Permission
checkGuard, getName, newPermissionCollection, toString
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ISSecurityPermission

public ISSecurityPermission(java.lang.String access,
                            java.lang.String action)
Constructs ISSecurityPermission object.
Parameters:
access - Has to be string "access"
action - Can be adminpassword or crypt.

ISSecurityPermission

public ISSecurityPermission(java.lang.String access)
Constructs ISSecurityPermission object. This constructor sets the action to "adminpassword" by default.
Parameters:
access - Has to be string "access"
Method Detail

implies

public boolean implies(java.security.Permission p)
This method checks to see if this instance of ISSecurityPermission implies the Permission being passed as the argument. For more information on this, see the Javadocs of java.security.Permission
Overrides:
implies in class java.security.Permission
Parameters:
p - Instance of com.sun.identity.security.ISSecurityPermission
Returns:
true if this instance of ISSecurityPermission implies the actions of the argument p. False otherwise java.security.Permission

hashCode

public int hashCode()
Returns hash code for this object.
Overrides:
hashCode in class java.security.Permission
Returns:
hash code representing this object
See Also:
Permission.hashCode()

equals

public boolean equals(java.lang.Object o)
Returns true if this object is equals to o.
Overrides:
equals in class java.security.Permission
Parameters:
o - object fro comparison.
Returns:
true if both object are similar.

getActions

public java.lang.String getActions()
Overrides:
getActions in class java.security.Permission
Returns:
String representation of actions supported by ISSecurityPermission
See Also:
Permission.getActions()


Copyright 2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.