| 
 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object
  |
  +--java.security.Permission
        |
        +--com.sun.identity.policy.jaas.ISPermission
This class provides the support for JAAS Authorization service 
 Its a new JAAS Permission which extends the
 Permission class. This is the only
 API which gets used by an application/container to evaluate policy against
 the Access Manager Policy framework. This class provides implementations
 of all the required abstract methods of java.security.Permission, in a
 way that the policy evaluation is made against the Access Manager's
 Policy service.
 
For example, one would use this class as follows to evaluate policy permissions:
 ISPermission perm = new ISPermission("iPlanetAMWebAgentService",
                  "http://www.sun.com:80","GET");
 AccessController.checkPermission(perm);
 
 If Access Manager has the policy service
 iPlanetAMWebAgentService which has a Rule defined
 for resource http://www.sun.com:80
 with action "GET" with allow privilege, this call will return quietly, if
 such a policy is not found then access is denied and Exception thrown
 accordingly. Also these ISPermission co-exist with the 
 permissions specified in the JDK policy store ( by default file 
 com.sun.security.auth.PolicyFile or defined on the command line using
 the -D option.
 
Permission, 
Subject, 
| Constructor Summary | |
| ISPermission(java.lang.String serviceName,
             java.lang.String resourceName,
             java.lang.String actions)Constructs an ISPermissioninstance, with the specified
 service name, resource name and action name. | |
| ISPermission(java.lang.String serviceName,
             java.lang.String resourceName,
             java.lang.String actions,
             java.util.Map envParams)Constructs an ISPermissioninstance, with the specified
 service name, resource name and action name. | |
| ISPermission(javax.security.auth.Subject subject,
             java.security.CodeSource codesource)Constructs an ISPermissioninstance, with the specifiedSubjectand theCodeSource. | |
| Method Summary | |
|  boolean | equals(java.lang.Object obj)Returns true if two ISPermissionobjects for equality. | 
|  java.lang.String | getActions()returns a comma separated list of actions associated with this ISPermission. | 
|  java.security.CodeSource | getCodeSource()returns the CodeSourceassociated with thisISPermission. | 
|  java.util.Map | getEnvParams()returns environment parameters and their values associated with this ISPermission. | 
|  java.lang.String | getResourceName()returns the name of the resource associated with this ISPermission
 . | 
|  java.lang.String | getServiceName()returns the name of the service associated with this ISPermission
 . | 
|  javax.security.auth.Subject | getSubject()returns the Subjectassociated with thisISPermission
 . | 
|  int | hashCode()Returns the hash code value for this Permission object. | 
|  boolean | implies(java.security.Permission perm)Checks if the specified permission's actions are "implied by" this object's actions. | 
|  java.security.PermissionCollection | newPermissionCollection()Returns a java.security.PermissionCollectionto store this 
 kind of Permission. | 
|  java.lang.String | toString()Returns a string describing this Permission. | 
| Methods inherited from class java.security.Permission | 
| checkGuard, getName | 
| Methods inherited from class java.lang.Object | 
| getClass, notify, notifyAll, wait, wait, wait | 
| Constructor Detail | 
public ISPermission(javax.security.auth.Subject subject,
                    java.security.CodeSource codesource)
ISPermission instance, with the specified
 Subject and the CodeSource.subject - Subject for which this
        ISPermission is being created.codesource - CodeSource for which this permission is
 being created.
public ISPermission(java.lang.String serviceName,
                    java.lang.String resourceName,
                    java.lang.String actions)
ISPermission instance, with the specified
 service name, resource name and action name.serviceName - name of service for which this
        ISPermission is being created. This name needs to be
        one of the loaded services in the access manager's policy
        service. example: iPlanetAMWegAgentServiceresourceName - name of the resource for which this 
 ISPermission is being defined.actions - name of the action that needs to be checked for. It
 may be a String like "GET", "POST" in case of service name
 iPlanetAMWebAgentService.
public ISPermission(java.lang.String serviceName,
                    java.lang.String resourceName,
                    java.lang.String actions,
                    java.util.Map envParams)
ISPermission instance, with the specified
 service name, resource name and action name.serviceName - name of service for which this
        ISPermission is being created. This name needs to be
        one of the loaded policy services in the access manager. example:
        iPlanetAMWegAgentServiceresourceName - name of the resource for which this 
 ISPermission is being defined.actions - name of the action that needs to be checked for. It
 may be a String like "GET", "POST" in case of service name
 iPlanetAMWebAgentService.envParams - a java.util.Map of environment parameters
 which are used by the 
 com.sun.identity.policy.client.PolicyEvaluator
  to evaluate the com.sun.identity.policy.Conditions 
 associated with the policy. This is a Map of attribute-value pairs
 representing the environment under which the policy needs to be
 evaluated.| Method Detail | 
public java.lang.String getServiceName()
ISPermission
 .String representing the name of the service for this
 object.public java.lang.String getResourceName()
ISPermission
 .String representing the name of the resource for 
 this object.public java.util.Map getEnvParams()
ISPermission.Map representing the environment parameters of
 this object. The Map consists of attribute value pairs.public java.lang.String getActions()
ISPermission.getActions in class java.security.PermissionString representing the name 
 of the action for this object. For example for:
 
 ISPermission isp = new ISPermission("iPlanetAMWebAgentService, 
     "http://www.sun.com:80", "GET, POST");
 getActions() would return "GET,POST"
 public javax.security.auth.Subject getSubject()
Subjectassociated with this ISPermission
 .javax.security.auth.Subject representing the 
 subject of this permission.public java.security.CodeSource getCodeSource()
CodeSourceassociated with this 
 ISPermission.java.security.CodeSource representing the 
         codesource of this permission.public boolean equals(java.lang.Object obj)
ISPermission objects for equality.equals in class java.security.Permissionobj - ISPermission object.codesource, service name, resource
 name actions and environment parameters of both objects are equal.public int hashCode()
 The required hashCode behavior for Permission Objects is
 the following: 
hashCode method
     must consistently return the same integer. This integer need not 
     remain consistent from one execution of an application to another 
     execution of the same application. 
equals 
     method, then calling the hashCode method on each of the
     two Permission objects must produce the same integer result. 
 hashCode in class java.security.Permissionpublic boolean implies(java.security.Permission perm)
 The implies method is used by the
 AccessController to determine whether or not a requested
 permission is implied by another permission that is known to be valid
 in the current execution context.
implies in class java.security.Permissionperm - the permission to check against.public java.security.PermissionCollection newPermissionCollection()
java.security.PermissionCollection to store this 
 kind of Permission.newPermissionCollection in class java.security.PermissionISPermissionCollectionpublic java.lang.String toString()
toString in class java.security.PermissionString containing information about this Permission.| 
 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||