| 
 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object
  |
  +--javax.security.auth.Policy
        |
        +--com.sun.identity.policy.jaas.ISPolicy
This is an implementation of abstract class
 javax.security.auth.Policy for representing the system security
 policy for a Java application environment. It provides a custom policy
 implementation based on JAAS 1.0 and JDK 1.3.1. It makes policy evaluation
 against the Access Manager Policy Service instead of the default file based
 one: PolicyFile
It provides implementation of the abstract methods in Policy class.
In general the source location for the policy information utilized by the Policy object to make policy decisions is up to the Policy implementation. In the case of ISPolicy the source comes from the Access Manager's policy store, which is consulted to make the policy evaluation.
A Policy object can be queried for the set of Permissions 
 granted to code running as a Principal in the following manner: 
 
policy = Policy.getPolicy(); PermissionCollection perms = policy.getPermissions(subject, MyCodeSource);The
Policy object consults the local policy and returns the 
 appropriate PermissionCollection object
 com.sun.identity.policy.jaas.ISPermissionCollection containing
 the Permissions granted to the  Principals associated with the provided 
 subject, and granted to the code specified by the provided
 codeSource.
 The currently-installed Policy object can be obtained by
 calling the getPolicy method, and it can be
 changed by a call to the setPolicy method (by
 code with permission to reset the Policy).
 
The refresh method causes the policy
 object to refresh/reload its current configuration.
CodeSource, 
PermissionCollection| Constructor Summary | |
| ISPolicy()Constructs an ISPolicyinstance. | |
| Method Summary | |
|  java.security.PermissionCollection | getPermissions(javax.security.auth.Subject subject,
               java.security.CodeSource codesource)Evaluates the global policy and returns a PermissionCollectionobject specifying the set of
 permissions allowed for Principals associated with the specified code
 source. | 
|  void | refresh()Refreshes/reloads the policy configuration. | 
| Methods inherited from class javax.security.auth.Policy | 
| getPolicy, setPolicy | 
| Methods inherited from class java.lang.Object | 
| equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait | 
| Constructor Detail | 
public ISPolicy()
ISPolicy instance.
 Save the existing global policy , so that we can use that
 for evaluating permissions we do not support through our custom policy 
 implementation like FilePermission,
 SecurityPermission etc.| Method Detail | 
public java.security.PermissionCollection getPermissions(javax.security.auth.Subject subject,
                                                         java.security.CodeSource codesource)
PermissionCollection object specifying the set of
 permissions allowed for Principals associated with the specified code
 source. Here we always return the PermissionCollection after
 adding theISPermission object into it, so that policy
 determination is also based on Access Manager's policies.getPermissions in class javax.security.auth.Policysubject - the Subject whose associated Principals, in conjunction 
 with the provided codesource, determines the Permissions 
 returned by this method.  This parameter may be null.codesource - the CodeSource associated with the caller.
 This encapsulates the original location of the code (where the code
 came from) and the public key(s) of its signer.This parameter may be 
 null.codesource according to the policy.java.lang.SecurityException - if the current thread does not
 have permission to call getPermissions on the policy object.public void refresh()
defaultPolicy we saved in the
 ISPolicy constructor.refresh in class javax.security.auth.Policyjava.lang.SecurityException - if the current thread does not
            have permission to refresh this Policy object.| 
 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||