java.lang.Object | +--javax.security.auth.Policy
This is an abstract class for representing the system policy for Subject-based authorization. A subclass implementation of this class provides a means to specify a Subject-based access controlPolicy.
APolicy object can be queried for the set of Permissions granted to code running as aPrincipal in the following manner:
policy = Policy.getPolicy();PermissionCollection perms = policy.getPermissions(subject,codeSource);The
Policy object consults the local policy and returns and appropriatePermissions object with the Permissions granted to the Principals associated with the providedsubject, and granted to the code specified by the providedcodeSource. APolicy contains the following information. Note that this example only represents the syntax for the defaultPolicy implementation. Subclass implementations of this class may implement alternative syntaxes and may retrieve thePolicy from any source such as files, databases, or servers.
Each entry in thePolicy is represented as agrant entry. Eachgrant entry specifies a codebase, code signers, and Principals triplet, as well as the Permissions granted to that triplet.
grant CodeBase ["URL"], Signedby ["signers"], Principal [Principal_Class] "Principal_Name" { Permission Permission_Class ["Target_Name"][, "Permission_Actions"][, signedBy "SignerName"];}; The CodeBase and Signedby components of the triplet name/value pairs are optional. If they are not present, then any any codebase will match, and any signer (including unsigned code) will match. For Example,grant CodeBase "foo.com", Signedby "foo", Principal com.sun.security.auth.SolarisPrincipal "duke" { permission java.io.FilePermission "/home/duke", "read, write";}; Thisgrant entry specifies that code from "foo.com", signed by "foo', and running as aSolarisPrincipal with the name, duke, has onePermission. ThisPermission permits the executing code to read and write files in the directory, "/home/duke". To "run" as a particularPrincipal, code invokes theSubject.doAs(subject, ...) method. After invoking that method, the code runs as all the Principals associated with the specifiedSubject. Note that thisPolicy (and the Permissions granted in thisPolicy) only become effective after the call toSubject.doAs has occurred.
Multiple Principals may be listed within onegrant entry. All the Principals in the grant entry must be associated with theSubject provided toSubject.doAs for thatSubject to be granted the specified Permissions.
grant Principal com.sun.security.auth.SolarisPrincipal "duke", Principal com.sun.security.auth.SolarisNumericUserPrincipal "0" { permission java.io.FilePermission "/home/duke", "read, write"; permission java.net.SocketPermission "duke.com", "connect";}; This entry grants any code running as both "duke" and "0" permission to read and write files in duke's home directory, as well as permission to make socket connections to "duke.com". Note that non Principal-based grant entries are not permitted in thisPolicy. Therefore, grant entries such as:
grant CodeBase "foo.com", Signedby "foo" { permission java.io.FilePermission "/tmp/scratch", "read, write";}; are rejected. Such permission must be listed in thejava.security.Policy. The defaultPolicy implementation can be changed by setting the value of the "auth.policy.provider" security property (in the Java security properties file) to the fully qualified name of the desiredPolicy implementation class. The Java security properties file is located in the file named <JAVA_HOME>/lib/security/java.security, where <JAVA_HOME> refers to the directory where the JDK was installed.
Policy()Sole constructor. | |
getPermissions(Subject subject, java.security.CodeSource cs)Retrieve the Permissions granted to the Principals associated with the specified CodeSource. | |
getPolicy()Returns the installed Policy object. | |
refresh()Refresh and reload the Policy. | |
setPolicy(Policy policy)Sets the system-wide Policy object. | |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
protectedPolicy()
public staticPolicygetPolicy()
SecurityManager.checkPermission with theAuthPermission("getPolicy") permission to ensure the caller has permission to get the Policy object.null.java.lang.SecurityException - if the current thread does not have permission to get the Policy object.public static voidsetPolicy(Policy policy)
SecurityManager.checkPermission with theAuthPermission("setPolicy") permission to ensure the caller has permission to set the Policy.policy - the new system Policy object.java.lang.SecurityException - if the current thread does nothave permission to set the Policy.public abstract java.security.PermissionCollectiongetPermissions(Subject subject, java.security.CodeSource cs)
CodeSource.subject - theSubjectwhose associated Principals,in conjunction with the providedCodeSource, determines the Permissionsreturned by this method. This parametermay benull.cs - the code specified by itsCodeSourcethat determines, in conjunction with the providedSubject, the Permissionsreturned by this method. This parameter may benull.Subject and code specified inthe providedsubject andcsparameters.public abstract voidrefresh()
This method causes this object to refresh/reload its current Policy. This is implementation-dependent. For example, if the Policy object is stored in a file, callingrefresh will cause the file to be re-read.
java.lang.SecurityException - if the caller does not have permissionto refresh the Policy.