Subject JDK 1.6)

publicstatic T doAs (Subject subject, PrivilegedAction< T> action)

Perform work as a particular Subject.

This method first retrieves the current Thread's AccessControlContext via AccessController.getContext, and then instantiates a new AccessControlContext using the retrieved context along with a new SubjectDomainCombiner (constructed using the provided Subject). Finally, this method invokes AccessController.doPrivileged, passing it the provided PrivilegedAction, as well as the newly constructed AccessControlContext.

Returns: the value returned by the PrivilegedAction's run method.
Parameters:
- subject - the Subject that the specified action will run as. This parameter may be null.

- action - the code to be run as the specified Subject.

Throws:
- NullPointerException - if the PrivilegedAction is null.

- SecurityException - if the caller does not have permission to invoke this method.

publicstatic T doAs (Subject subject, PrivilegedExceptionAction< T> action) throws PrivilegedActionException

Perform work as a particular Subject.

This method first retrieves the current Thread's AccessControlContext via AccessController.getContext, and then instantiates a new AccessControlContext using the retrieved context along with a new SubjectDomainCombiner (constructed using the provided Subject). Finally, this method invokes AccessController.doPrivileged, passing it the provided PrivilegedExceptionAction, as well as the newly constructed AccessControlContext.

Returns: the value returned by the PrivilegedExceptionAction's run method.
Parameters:
- subject - the Subject that the specified action will run as. This parameter may be null.

- action - the code to be run as the specified Subject.

Throws:
- PrivilegedActionException - if the PrivilegedExceptionAction.run method throws a checked exception.

- NullPointerException - if the specified PrivilegedExceptionAction is null.

- SecurityException - if the caller does not have permission to invoke this method.

publicstatic T doAsPrivileged (Subject subject, PrivilegedAction< T> action, AccessControlContext acc)

Perform privileged work as a particular Subject.

This method behaves exactly as Subject.doAs, except that instead of retrieving the current Thread's AccessControlContext, it uses the provided AccessControlContext. If the provided AccessControlContext is null, this method instantiates a new AccessControlContext with an empty collection of ProtectionDomains.

Returns: the value returned by the PrivilegedAction's run method.
Parameters:
- subject - the Subject that the specified action will run as. This parameter may be null.

- action - the code to be run as the specified Subject.

- acc - the AccessControlContext to be tied to the specified subject and action.

Throws:
- NullPointerException - if the PrivilegedAction is null.

- SecurityException - if the caller does not have permission to invoke this method.

publicstatic T doAsPrivileged (Subject subject, PrivilegedExceptionAction< T> action, AccessControlContext acc) throws PrivilegedActionException

Perform privileged work as a particular Subject.

This method behaves exactly as Subject.doAs, except that instead of retrieving the current Thread's AccessControlContext, it uses the provided AccessControlContext. If the provided AccessControlContext is null, this method instantiates a new AccessControlContext with an empty collection of ProtectionDomains.

Returns: the value returned by the PrivilegedExceptionAction's run method.
Parameters:
- subject - the Subject that the specified action will run as. This parameter may be null.

- action - the code to be run as the specified Subject.

- acc - the AccessControlContext to be tied to the specified subject and action.

Throws:
- PrivilegedActionException - if the PrivilegedExceptionAction.run method throws a checked exception.

- NullPointerException - if the specified PrivilegedExceptionAction is null.

- SecurityException - if the caller does not have permission to invoke this method.

public boolean equals (Object o)

Compares the specified Object with this Subject for equality.

Compares the specified Object with this Subject for equality. Returns true if the given object is also a Subject and the two Subject instances are equivalent. More formally, two Subject instances are equal if their Principal and Credential Sets are equal.

Returns: true if the specified Object is equal to this Subject.
Parameters:
- o - Object to be compared for equality with this Subject.
Throws:
- SecurityException - if the caller does not have permission to access the private credentials for this Subject, or if the caller does not have permission to access the private credentials for the provided Subject.

public Set<Principal> getPrincipals ()

Return the Set of Principals associated with this Subject.

Return the Set of Principals associated with this Subject. Each Principal represents an identity for this Subject.

The returned Set is backed by this Subject's internal Principal Set. Any modification to the returned Set affects the internal Principal Set as well.

Returns: The Set of Principals associated with this Subject.

public Set< T> getPrincipals (Class< T> c)

Return a Set of Principals associated with this Subject that are instances or subclasses of the specified Class.

The returned Set is not backed by this Subject's internal Principal Set. A new Set is created and returned for each method invocation. Modifications to the returned Set will not affect the internal Principal Set.

Returns: a Set of Principals that are instances of the specified Class.
Parameters:
- c - the returned Set of Principals will all be instances of this class.
Throws:
- NullPointerException - if the specified Class is null.

public Set<Object> getPrivateCredentials ()

Return the Set of private credentials held by this Subject.

The returned Set is backed by this Subject's internal private Credential Set. Any modification to the returned Set affects the internal private Credential Set as well.

A caller requires permissions to access the Credentials in the returned Set, or to modify the Set itself. A SecurityException is thrown if the caller does not have the proper permissions.

While iterating through the Set, a SecurityException is thrown if the caller does not have permission to access a particular Credential. The Iterator is nevertheless advanced to next element in the Set.

Returns: A Set of private credentials held by this Subject.

public Set< T> getPrivateCredentials (Class< T> c)

Return a Set of private credentials associated with this Subject that are instances or subclasses of the specified Class.

The caller must have permission to access all of the requested Credentials, or a SecurityException will be thrown.

The returned Set is not backed by this Subject's internal private Credential Set. A new Set is created and returned for each method invocation. Modifications to the returned Set will not affect the internal private Credential Set.

Returns: a Set of private credentials that are instances of the specified Class.
Parameters:
- c - the returned Set of private credentials will all be instances of this class.
Throws:
- NullPointerException - if the specified Class is null.

public Set<Object> getPublicCredentials ()

Return the Set of public credentials held by this Subject.

The returned Set is backed by this Subject's internal public Credential Set. Any modification to the returned Set affects the internal public Credential Set as well.

Returns: A Set of public credentials held by this Subject.

public Set< T> getPublicCredentials (Class< T> c)

Return a Set of public credentials associated with this Subject that are instances or subclasses of the specified Class.

The returned Set is not backed by this Subject's internal public Credential Set. A new Set is created and returned for each method invocation. Modifications to the returned Set will not affect the internal public Credential Set.

Returns: a Set of public credentials that are instances of the specified Class.
Parameters:
- c - the returned Set of public credentials will all be instances of this class.
Throws:
- NullPointerException - if the specified Class is null.

publicstatic Subject getSubject (AccessControlContext acc)

Get the Subject associated with the provided AccessControlContext.

The AccessControlContext may contain many Subjects (from nested doAs calls). In this situation, the most recent Subject associated with the AccessControlContext is returned.

Returns: the Subject associated with the provided AccessControlContext, or null if no Subject is associated with the provided AccessControlContext.
Parameters:
- acc - the AccessControlContext from which to retrieve the Subject.
Throws:
- SecurityException - if the caller does not have permission to get the Subject.

- NullPointerException - if the provided AccessControlContext is null.

public int hashCode ()

Returns a hashcode for this Subject.

Returns: a hashcode for this Subject.
Throws:
- SecurityException - if the caller does not have permission to access this Subject's private credentials.

public boolean isReadOnly ()

Query whether this Subject is read-only.

Returns: true if this Subject is read-only, false otherwise.

public void setReadOnly ()

Set this Subject to be read-only.

Modifications (additions and removals) to this Subject's Principal Set and credential Sets will be disallowed. The destroy operation on this Subject's credentials will still be permitted.

Subsequent attempts to modify the Subject's Principal and credential Sets will result in an IllegalStateException being thrown. Also, once a Subject is read-only, it can not be reset to being writable again.

Throws:
- SecurityException - if the caller does not have permission to set this Subject to be read-only.

public String toString ()

Return the String representation of this Subject.

Returns: the String representation of this Subject.

pack-private String toString (boolean includePrivateCredentials)

package private convenience method to print out the Subject without firing off a security check when trying to access the Private Credentials