1. /*

  2.  * @(#)AuthPermission.java	1.48 03/01/23

  3.  *

  4.  * Copyright 2003 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. 

  8. package javax.security.auth;

  9. 

  10. /**

  11.  * This class is for authentication permissions.

  12.  * An AuthPermission contains a name

  13.  * (also referred to as a "target name")

  14.  * but no actions list; you either have the named permission

  15.  * or you don't.

  16.  *

  17.  * <p> The target name is the name of a security configuration parameter

  18.  * (see below).  Currently the AuthPermission object is used to

  19.  * guard access to the Policy, Subject, LoginContext,

  20.  * and Configuration objects.

  21.  *

  22.  * <p> The possible target names for an Authentication Permission are:

  23.  *

  24.  * <pre>

  25.  *	doAs -			allow the caller to invoke the

  26.  *				<code>Subject.doAs</code> methods.

  27.  *

  28.  *	doAsPrivileged -	allow the caller to invoke the

  29.  *				<code>Subject.doAsPrivileged</code> methods.

  30.  *

  31.  *	getSubject -		allow for the retrieval of the

  32.  *				Subject(s) associated with the

  33.  *				current Thread.

  34.  *

  35.  *	getSubjectFromDomainCombiner -	allow for the retrieval of the

  36.  *				Subject associated with the

  37.  *				a <code>SubjectDomainCombiner</code>.

  38.  *

  39.  *	setReadOnly -		allow the caller to set a Subject

  40.  *				to be read-only.

  41.  *

  42.  *	modifyPrincipals -	allow the caller to modify the <code>Set</code>

  43.  *				of Principals associated with a

  44.  *				<code>Subject</code>

  45.  *

  46.  *	modifyPublicCredentials - allow the caller to modify the

  47.  *				<code>Set</code> of public credentials

  48.  *				associated with a <code>Subject</code>

  49.  *

  50.  *	modifyPrivateCredentials - allow the caller to modify the

  51.  *				<code>Set</code> of private credentials

  52.  *				associated with a <code>Subject</code>

  53.  *

  54.  *	refreshCredential -	allow code to invoke the <code>refresh</code>

  55.  *				method on a credential which implements

  56.  *				the <code>Refreshable</code> interface.

  57.  *

  58.  *	destroyCredential -	allow code to invoke the <code>destroy</code>

  59.  *				method on a credential <code>object</code>

  60.  *				which implements the <code>Destroyable</code>

  61.  *				interface.

  62.  *

  63.  *	createLoginContext.{name} -  allow code to instantiate a

  64.  *				<code>LoginContext</code> with the

  65.  *				specified <i>name</i>.  <i>name</i>

  66.  *				is used as the index into the login

  67.  *				<code>Configuration</code>.  <i>name</i>

  68.  *				can be wildcarded (set to '*') to allow

  69.  *				for any name.

  70.  *

  71.  *	getLoginConfiguration - allow for the retrieval of the system-wide

  72.  *				login Configuration.

  73.  *

  74.  *	setLoginConfiguration - allow for the setting of the system-wide

  75.  *				login Configuration.

  76.  *

  77.  *	refreshLoginConfiguration - allow for the refreshing of the system-wide

  78.  *				login Configuration.

  79.  * </pre>

  80.  *

  81.  * <p> The following target name has been deprecated in favor of

  82.  * <code>createLoginContext.{name}</code>.

  83.  *

  84.  * <pre>

  85.  *	createLoginContext -	allow code to instantiate a

  86.  *				<code>LoginContext</code>.

  87.  * </pre>

  88.  *

  89.  * <p> <code>javax.security.auth.Policy</code> has been

  90.  * deprecated in favor of <code>java.security.Policy</code>.

  91.  * Therefore, the following target names have also been deprecated:

  92.  *

  93.  * <pre>

  94.  *	getPolicy -		allow the caller to retrieve the system-wide

  95.  *				Subject-based access control policy.

  96.  *

  97.  *	setPolicy -		allow the caller to set the system-wide

  98.  *				Subject-based access control policy.

  99.  *

  100.  *	refreshPolicy -		allow the caller to refresh the system-wide

  101.  *				Subject-based access control policy.

  102.  * </pre>

  103.  *

  104.  * @version 1.48, 01/23/03

  105.  */

  106. public final class AuthPermission extends

  107. java.security.BasicPermission {

  108. 

  109.     /**

  110.      * Creates a new AuthPermission with the specified name.

  111.      * The name is the symbolic name of the AuthPermission.

  112.      *

  113.      * <p>

  114.      *

  115.      * @param name the name of the AuthPermission

  116.      */

  117.     public AuthPermission(String name) {

  118. 	// for backwards compatibility --

  119. 	// createLoginContext is deprecated in favor of createLoginContext.*

  120. 	super("createLoginContext".equals(name) ?

  121. 		"createLoginContext.*" : name);

  122.     }

  123. 

  124.     /**

  125.      * Creates a new AuthPermission object with the specified name.

  126.      * The name is the symbolic name of the AuthPermission, and the

  127.      * actions String is currently unused and should be null.

  128.      *

  129.      * <p>

  130.      *

  131.      * @param name the name of the AuthPermission <p>

  132.      *

  133.      * @param actions should be null.

  134.      */

  135.     public AuthPermission(String name, String actions) {

  136. 	// for backwards compatibility --

  137. 	// createLoginContext is deprecated in favor of createLoginContext.*

  138. 	super("createLoginContext".equals(name) ?

  139. 		"createLoginContext.*" : name, actions);

  140.     }

  141. }