1. /*
  2. * @(#)AuthPermission.java 1.51 03/12/19
  3. *
  4. * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
  5. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
  6. */
  7. package javax.security.auth;
  8. /**
  9. * This class is for authentication permissions.
  10. * An AuthPermission contains a name
  11. * (also referred to as a "target name")
  12. * but no actions list; you either have the named permission
  13. * or you don't.
  14. *
  15. * <p> The target name is the name of a security configuration parameter
  16. * (see below). Currently the AuthPermission object is used to
  17. * guard access to the Policy, Subject, LoginContext,
  18. * and Configuration objects.
  19. *
  20. * <p> The possible target names for an Authentication Permission are:
  21. *
  22. * <pre>
  23. * doAs - allow the caller to invoke the
  24. * <code>Subject.doAs</code> methods.
  25. *
  26. * doAsPrivileged - allow the caller to invoke the
  27. * <code>Subject.doAsPrivileged</code> methods.
  28. *
  29. * getSubject - allow for the retrieval of the
  30. * Subject(s) associated with the
  31. * current Thread.
  32. *
  33. * getSubjectFromDomainCombiner - allow for the retrieval of the
  34. * Subject associated with the
  35. * a <code>SubjectDomainCombiner</code>.
  36. *
  37. * setReadOnly - allow the caller to set a Subject
  38. * to be read-only.
  39. *
  40. * modifyPrincipals - allow the caller to modify the <code>Set</code>
  41. * of Principals associated with a
  42. * <code>Subject</code>
  43. *
  44. * modifyPublicCredentials - allow the caller to modify the
  45. * <code>Set</code> of public credentials
  46. * associated with a <code>Subject</code>
  47. *
  48. * modifyPrivateCredentials - allow the caller to modify the
  49. * <code>Set</code> of private credentials
  50. * associated with a <code>Subject</code>
  51. *
  52. * refreshCredential - allow code to invoke the <code>refresh</code>
  53. * method on a credential which implements
  54. * the <code>Refreshable</code> interface.
  55. *
  56. * destroyCredential - allow code to invoke the <code>destroy</code>
  57. * method on a credential <code>object</code>
  58. * which implements the <code>Destroyable</code>
  59. * interface.
  60. *
  61. * createLoginContext.{name} - allow code to instantiate a
  62. * <code>LoginContext</code> with the
  63. * specified <i>name</i>. <i>name</i>
  64. * is used as the index into the installed login
  65. * <code>Configuration</code>
  66. * (that returned by
  67. * <code>Configuration.getConfiguration()</code>).
  68. * <i>name</i> can be wildcarded (set to '*')
  69. * to allow for any name.
  70. *
  71. * getLoginConfiguration - allow for the retrieval of the system-wide
  72. * login Configuration.
  73. *
  74. * setLoginConfiguration - allow for the setting of the system-wide
  75. * login Configuration.
  76. *
  77. * refreshLoginConfiguration - allow for the refreshing of the system-wide
  78. * login Configuration.
  79. * </pre>
  80. *
  81. * <p> The following target name has been deprecated in favor of
  82. * <code>createLoginContext.{name}</code>.
  83. *
  84. * <pre>
  85. * createLoginContext - allow code to instantiate a
  86. * <code>LoginContext</code>.
  87. * </pre>
  88. *
  89. * <p> <code>javax.security.auth.Policy</code> has been
  90. * deprecated in favor of <code>java.security.Policy</code>.
  91. * Therefore, the following target names have also been deprecated:
  92. *
  93. * <pre>
  94. * getPolicy - allow the caller to retrieve the system-wide
  95. * Subject-based access control policy.
  96. *
  97. * setPolicy - allow the caller to set the system-wide
  98. * Subject-based access control policy.
  99. *
  100. * refreshPolicy - allow the caller to refresh the system-wide
  101. * Subject-based access control policy.
  102. * </pre>
  103. *
  104. * @version 1.51, 12/19/03
  105. */
  106. public final class AuthPermission extends
  107. java.security.BasicPermission {
  108. private static final long serialVersionUID = 5806031445061587174L;
  109. /**
  110. * Creates a new AuthPermission with the specified name.
  111. * The name is the symbolic name of the AuthPermission.
  112. *
  113. * <p>
  114. *
  115. * @param name the name of the AuthPermission
  116. */
  117. public AuthPermission(String name) {
  118. // for backwards compatibility --
  119. // createLoginContext is deprecated in favor of createLoginContext.*
  120. super("createLoginContext".equals(name) ?
  121. "createLoginContext.*" : name);
  122. }
  123. /**
  124. * Creates a new AuthPermission object with the specified name.
  125. * The name is the symbolic name of the AuthPermission, and the
  126. * actions String is currently unused and should be null.
  127. *
  128. * <p>
  129. *
  130. * @param name the name of the AuthPermission <p>
  131. *
  132. * @param actions should be null.
  133. */
  134. public AuthPermission(String name, String actions) {
  135. // for backwards compatibility --
  136. // createLoginContext is deprecated in favor of createLoginContext.*
  137. super("createLoginContext".equals(name) ?
  138. "createLoginContext.*" : name, actions);
  139. }
  140. }