DelegationPermission JDK 1.6)

Description

publicfinal class DelegationPermission

This class is used to restrict the usage of the Kerberos delegation model, ie: forwardable and proxiable tickets.

The target name of this Permission specifies a pair of kerberos service principals. The first is the subordinate service principal being entrusted to use the TGT. The second service principal designates the target service the subordinate service principal is to interact with on behalf of the initiating KerberosPrincipal. This latter service principal is specified to restrict the use of a proxiable ticket.

For example, to specify the "host" service use of a forwardable TGT the target permission is specified as follows:

  DelegationPermission("\"host/foo.example.com@EXAMPLE.COM\" \"krbtgt/EXAMPLE.COM@EXAMPLE.COM\"");

To give the "backup" service a proxiable nfs service ticket the target permission might be specified:

  DelegationPermission("\"backup/bar.example.com@EXAMPLE.COM\" \"nfs/home.EXAMPLE.COM@EXAMPLE.COM\"");

See also:

Constructors

public DelegationPermission (String principals)

Create a new DelegationPermission with the specified subordinate and target principals.

Parameters:
- principals - the name of the subordinate and target principals
Throws:
- NullPointerException - if principals is null.
- IllegalArgumentException - if principals is empty.

public DelegationPermission (String principals, String actions)

Create a new DelegationPermission with the specified subordinate and target principals.

Parameters:
- principals - the name of the subordinate and target principals

- actions - should be null.
Throws:
- NullPointerException - if principals is null.
- IllegalArgumentException - if principals is empty.

Methods

Hide/Show inherited methods

public void checkGuard (Object object) throws SecurityException [Inherited From Permission]

Implements the guard interface for a permission.

Implements the guard interface for a permission. The
SecurityManager.checkPermission method is called,
passing this permission object as the permission to check.
Returns silently if access is granted. Otherwise, throws
a SecurityException.
Parameters:
- object - the object being guarded (currently ignored).
Throws:
- SecurityException - if a security manager exists and its checkPermission method doesn't allow access.
See Also: Guard, GuardedObject, SecurityManager.checkPermission(java.security.Permission),

public boolean equals (Object obj) [Overrides BasicPermission] [Specified in Permission]

Checks two DelegationPermission objects for equality.

public String getActions () [Inherited From BasicPermission] [Specified in Permission]

Returns the canonical string representation of the actions, which currently is the empty string "", since there are no actions for a BasicPermission.

publicfinal String getName () [Inherited From Permission]

Returns the name of this Permission.

Returns the name of this Permission.
For example, in the case of a java.io.FilePermission,
the name will be a pathname.
Returns: the name of this Permission.

public int hashCode () [Overrides BasicPermission] [Specified in Permission]

Returns the hash code value for this object.

public boolean implies (Permission p) [Overrides BasicPermission] [Specified in Permission]

Checks if this Kerberos delegation permission object "implies" the specified permission.

public PermissionCollection newPermissionCollection () [Overrides BasicPermission]

Returns a PermissionCollection object for storing DelegationPermission objects.

public String toString () [Inherited From Permission]

Returns a string describing this Permission.