|
Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services 11g Release 1 (11.1.1) E14650-03 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object
oracle.security.jps.util.JpsAuth
public final class JpsAuth
An Authorization related utility class
Nested Class Summary | |
---|---|
static interface |
JpsAuth.Authorizer |
Constructor Summary | |
---|---|
JpsAuth() |
Method Summary | |
---|---|
static void |
checkPermission(java.security.Permission perm) Utility method to perform checkPermission. |
static java.util.Set |
getGrantedResources(javax.security.auth.Subject subject, boolean isAuthorized) Returns resource-actions that have been granted to a Subject. |
static JpsAuth.Authorizer |
getSystemAuthorizer() Returns the system-level Authorizer |
static boolean |
hasPermission(javax.security.auth.Subject subject, java.security.Permission perm) |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public JpsAuth()
Method Detail |
---|
public static JpsAuth.Authorizer getSystemAuthorizer()
public static void checkPermission(java.security.Permission perm) throws java.security.AccessControlException
SecurityManager
is set, call SecurityManager.checkPermission
AccessController.checkPermission
perm
- permission to be checkedjava.security.AccessControlException
- if the specified permission is not permitted, based on the current security policy.public static boolean hasPermission(javax.security.auth.Subject subject, java.security.Permission perm)
public static java.util.Set getGrantedResources(javax.security.auth.Subject subject, boolean isAuthorized) throws JpsRuntimeException
Set
of ResourceActionsEntry
.<p/> Please note that only permissions associated with resource types (directly or indirectly through permission sets) will be returned by this method.If the subject is given java.security.AllPermission permission, then the returned resource actions entry will contain "<all actions>" action and "<all permissions>" resource where the resource type is "AllPermission".<p/>subject
- The Subject instance. This Subject instance can contain user identity, enterprise roles, or application roles. This method will not compute application roles for the given subject. The subject must be read-only.isAuthorized
- A boolean flag to indicate if it also needs to perform checkPermission
for the subject on all the granted resources. Set to true to perform a checkPermission for the subject on the resource actions entries. If set to false, no checkPermission is performed. Please note that in certain cases, a subject is granted for a permission does not necessary mean that the subject is authorized. An example would be, say, we have a custom permission which implements its own implies
method, and it adds one more condition to return imply true only if the access time is between 9 AM and 5 PM. In this case, a subject is granted the permission, but will only be authorized during 9 AM and 5 PM. If authorize is set to false, we will not evaluate the permissions and just return the entire set of permissions in ResourceActionsEntry.JpsRuntimeException
- If the policy provider does not implement getGrantedResources
.
|
Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services 11g Release 1 (11.1.1) E14650-03 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |