Module java.sql
Package java.sql

Class SQLPermission

java.lang.Object
java.security.Permission
java.security.BasicPermission
java.sql.SQLPermission
All Implemented Interfaces:
Serializable,Guard
public final classSQLPermissionextendsBasicPermission
The permission for which theSecurityManager will check when code that is running an application with aSecurityManager enabled, calls theDriverManager.deregisterDriver method,DriverManager.setLogWriter method,DriverManager.setLogStream (deprecated) method,SyncFactory.setJNDIContext method,SyncFactory.setLogger method,Connection.setNetworkTimeout method, or theConnection.abort method. If there is noSQLPermission object, these methods throw ajava.lang.SecurityException as a runtime exception.

ASQLPermission object contains a name (also referred to as a "target name") but no actions list; there is either a named permission or there is not. The target name is the name of the permission (see below). The naming convention follows the hierarchical property naming convention. In addition, an asterisk may appear at the end of the name, following a ".", or by itself, to signify a wildcard match. For example:loadLibrary.* and* signify a wildcard match, while*loadLibrary anda*b do not.

The following table lists all the possibleSQLPermission target names. The table gives a description of what the permission allows and a discussion of the risks of granting code the permission.

permission target name, what the permission allows, and associated risks
Permission Target NameWhat the Permission AllowsRisks of Allowing this Permission
setLogSetting of the logging streamThis is a dangerous permission to grant. The contents of the log may contain usernames and passwords, SQL statements, and SQL data.
callAbortAllows the invocation of theConnection methodabortPermits an application to terminate a physical connection to a database.
setSyncFactoryAllows the invocation of theSyncFactory methodssetJNDIContext andsetLoggerPermits an application to specify the JNDI context from which theSyncProvider implementations can be retrieved from and the logging object to be used by theSyncProvider implementation.
setNetworkTimeoutAllows the invocation of theConnection methodsetNetworkTimeoutPermits an application to specify the maximum period aConnection or objects created from theConnection will wait for the database to reply to any one request.
deregisterDriverAllows the invocation of theDriverManager methodderegisterDriverPermits an application to remove a JDBC driver from the list of registered Drivers and release its resources.

Since:
1.3
See Also:

  • Constructor Details

    • SQLPermission

      public SQLPermission(String name)
      Creates a newSQLPermission object with the specified name. The name is the symbolic name of theSQLPermission.
      Parameters:
      name - the name of thisSQLPermission object, which must be either setLog,callAbort,setSyncFactory,deregisterDriver, orsetNetworkTimeout
      Throws:
      NullPointerException - ifname isnull.
      IllegalArgumentException - ifname is empty.

    • SQLPermission

      public SQLPermission(String name,String actions)
      Creates a newSQLPermission object with the specified name. The name is the symbolic name of theSQLPermission; the actionsString is currently unused and should benull.
      Parameters:
      name - the name of thisSQLPermission object, which must be either setLog,callAbort,setSyncFactory,deregisterDriver, orsetNetworkTimeout
      actions - should benull
      Throws:
      NullPointerException - ifname isnull.
      IllegalArgumentException - ifname is empty.