javax.security.auth
Class AuthPermission

java.lang.Object
  |
  +--java.security.Permission
        |
        +--java.security.BasicPermission
              |
              +--javax.security.auth.AuthPermission
All Implemented Interfaces:
java.security.Guard, java.io.Serializable

public final class AuthPermission
extends java.security.BasicPermission

This class is for authentication permissions. An AuthPermission contains a name (also referred to as a "target name") but no actions list; you either have the named permission or you don't.

The target name is the name of a security configuration parameter (see below). Currently the AuthPermission object is used to guard access to the Policy, Subject, LoginContext, and Configuration objects.

The possible target names for an Authentication Permission are:

	doAs -			allow the caller to invoke the
				Subject.doAs methods.

	doAsPrivileged -	allow the caller to invoke the
				Subject.doAsPrivileged methods.

	getSubject -		allow for the retrieval of the
				Subject(s) associated with the
				current Thread.

	getSubjectFromDomainCombiner -	allow for the retrieval of the
				Subject associated with the
				a SubjectDomainCombiner.

	setReadOnly -		allow the caller to set a Subject
				to be read-only.

	modifyPrincipals -	allow the caller to modify the Set
				of Principals associated with a
				Subject

	modifyPublicCredentials - allow the caller to modify the
				Set of public credentials
				associated with a Subject

	modifyPrivateCredentials - allow the caller to modify the
				Set of private credentials
				associated with a Subject

	getPolicy -		allow the caller to retrieve the system-wide
				Subject-based access control policy.

	setPolicy -		allow the caller to set the system-wide
				Subject-based access control policy.

	refreshPolicy -		allow the caller to refresh the system-wide
				Subject-based access control policy.

	refreshCredential -	allow code to invoke the refresh
				method on a credential which implements
				the Refreshable interface.

	destroyCredential -	allow code to invoke the destroy
				method on a credential object
				which implements the Destroyable
				interface.

	createLoginContext -	allow code to instantiate a
				LoginContext.

	getLoginConfiguration - allow for the retrieval of the system-wide
				login Configuration.

	setLoginConfiguration - allow for the setting of the system-wide
				login Configuration.

	refreshLoginConfiguration - allow for the refreshing of the system-wide
				login Configuration.
 

See Also:
Serialized Form

Constructor Summary
AuthPermission(java.lang.String name)
          Creates a new AuthPermission with the specified name.
AuthPermission(java.lang.String name, java.lang.String actions)
          Creates a new AuthPermission object with the specified name.
 
Methods inherited from class java.security.BasicPermission
equals, getActions, hashCode, implies, newPermissionCollection
 
Methods inherited from class java.security.Permission
checkGuard, getName, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AuthPermission

public AuthPermission(java.lang.String name)
Creates a new AuthPermission with the specified name. The name is the symbolic name of the AuthPermission.

Parameters:
name - the name of the AuthPermission

AuthPermission

public AuthPermission(java.lang.String name,
                      java.lang.String actions)
Creates a new AuthPermission object with the specified name. The name is the symbolic name of the AuthPermission, and the actions String is currently unused and should be null. This constructor exists for use by the Policy object to instantiate new Permission objects.

Parameters:
name - the name of the AuthPermission

actions - should be null.