javax.security.auth.kerberos
Class DelegationPermission

java.lang.Object sample code for java.lang.Object definition code for java.lang.Object 
  extended by java.security.Permission sample code for java.security.Permission definition code for java.security.Permission 
      extended by java.security.BasicPermission sample code for java.security.BasicPermission definition code for java.security.BasicPermission 
          extended by javax.security.auth.kerberos.DelegationPermission
All Implemented Interfaces:
Serializable sample code for java.io.Serializable definition code for java.io.Serializable , Guard sample code for java.security.Guard definition code for java.security.Guard

public final class DelegationPermission
extends BasicPermission sample code for java.security.BasicPermission definition code for java.security.BasicPermission
implements Serializable sample code for java.io.Serializable definition code for java.io.Serializable

This class is used to restrict the usage of the Kerberos delegation model, ie: forwardable and proxiable tickets.

The target name of this Permission specifies a pair of kerberos service principals. The first is the subordinate service principal being entrusted to use the TGT. The second service principal designates the target service the subordinate service principal is to interact with on behalf of the initiating KerberosPrincipal. This latter service principal is specified to restrict the use of a proxiable ticket.

For example, to specify the "host" service use of a forwardable TGT the target permission is specified as follows:

  DelegationPermission("\"host/foo.example.com@EXAMPLE.COM\" \"krbtgt/EXAMPLE.COM@EXAMPLE.COM\"");
 

To give the "backup" service a proxiable nfs service ticket the target permission might be specified:

  DelegationPermission("\"backup/bar.example.com@EXAMPLE.COM\" \"nfs/home.EXAMPLE.COM@EXAMPLE.COM\"");
 

Since:
JDK1.4
See Also:
Serialized Form

Constructor Summary
DelegationPermission sample code for javax.security.auth.kerberos.DelegationPermission.DelegationPermission(java.lang.String) definition code for javax.security.auth.kerberos.DelegationPermission.DelegationPermission(java.lang.String) (String sample code for java.lang.String definition code for java.lang.String  principals)
          Create a new DelegationPermission with the specified subordinate and target principals.
DelegationPermission sample code for javax.security.auth.kerberos.DelegationPermission.DelegationPermission(java.lang.String, java.lang.String) definition code for javax.security.auth.kerberos.DelegationPermission.DelegationPermission(java.lang.String, java.lang.String) (String sample code for java.lang.String definition code for java.lang.String  principals, String sample code for java.lang.String definition code for java.lang.String  actions)
          Create a new DelegationPermission with the specified subordinate and target principals.
 
Method Summary
 boolean equals sample code for javax.security.auth.kerberos.DelegationPermission.equals(java.lang.Object) definition code for javax.security.auth.kerberos.DelegationPermission.equals(java.lang.Object) (Object sample code for java.lang.Object definition code for java.lang.Object  obj)
          Checks two DelegationPermission objects for equality.
 int hashCode sample code for javax.security.auth.kerberos.DelegationPermission.hashCode() definition code for javax.security.auth.kerberos.DelegationPermission.hashCode() ()
          Returns the hash code value for this object.
 boolean implies sample code for javax.security.auth.kerberos.DelegationPermission.implies(java.security.Permission) definition code for javax.security.auth.kerberos.DelegationPermission.implies(java.security.Permission) (Permission sample code for java.security.Permission definition code for java.security.Permission  p)
          Checks if this Kerberos delegation permission object "implies" the specified permission.
 PermissionCollection sample code for java.security.PermissionCollection definition code for java.security.PermissionCollection newPermissionCollection sample code for javax.security.auth.kerberos.DelegationPermission.newPermissionCollection() definition code for javax.security.auth.kerberos.DelegationPermission.newPermissionCollection() ()
          Returns a PermissionCollection object for storing DelegationPermission objects.
 
Methods inherited from class java.security.BasicPermission sample code for java.security.BasicPermission definition code for java.security.BasicPermission
getActions sample code for java.security.BasicPermission.getActions() definition code for java.security.BasicPermission.getActions()
 
Methods inherited from class java.security.Permission sample code for java.security.Permission definition code for java.security.Permission
checkGuard sample code for java.security.Permission.checkGuard(java.lang.Object) definition code for java.security.Permission.checkGuard(java.lang.Object) , getName sample code for java.security.Permission.getName() definition code for java.security.Permission.getName() , toString sample code for java.security.Permission.toString() definition code for java.security.Permission.toString()
 
Methods inherited from class java.lang.Object sample code for java.lang.Object definition code for java.lang.Object
clone sample code for java.lang.Object.clone() definition code for java.lang.Object.clone() , finalize sample code for java.lang.Object.finalize() definition code for java.lang.Object.finalize() , getClass sample code for java.lang.Object.getClass() definition code for java.lang.Object.getClass() , notify sample code for java.lang.Object.notify() definition code for java.lang.Object.notify() , notifyAll sample code for java.lang.Object.notifyAll() definition code for java.lang.Object.notifyAll() , wait sample code for java.lang.Object.wait() definition code for java.lang.Object.wait() , wait sample code for java.lang.Object.wait(long) definition code for java.lang.Object.wait(long) , wait sample code for java.lang.Object.wait(long, int) definition code for java.lang.Object.wait(long, int)
 

Constructor Detail

DelegationPermission sample code for javax.security.auth.kerberos.DelegationPermission(java.lang.String) definition code for javax.security.auth.kerberos.DelegationPermission(java.lang.String)

public DelegationPermission(String sample code for java.lang.String definition code for java.lang.String  principals)
Create a new DelegationPermission with the specified subordinate and target principals.

Parameters:
principals - the name of the subordinate and target principals

DelegationPermission sample code for javax.security.auth.kerberos.DelegationPermission(java.lang.String, java.lang.String) definition code for javax.security.auth.kerberos.DelegationPermission(java.lang.String, java.lang.String)

public DelegationPermission(String sample code for java.lang.String definition code for java.lang.String  principals,
                            String sample code for java.lang.String definition code for java.lang.String  actions)
Create a new DelegationPermission with the specified subordinate and target principals.

Parameters:
principals - the name of the subordinate and target principals

actions - should be null.
Method Detail

implies sample code for javax.security.auth.kerberos.DelegationPermission.implies(java.security.Permission) definition code for javax.security.auth.kerberos.DelegationPermission.implies(java.security.Permission)

public boolean implies(Permission sample code for java.security.Permission definition code for java.security.Permission  p)
Checks if this Kerberos delegation permission object "implies" the specified permission.

If none of the above are true, implies returns false.

Overrides:
implies sample code for java.security.BasicPermission.implies(java.security.Permission) definition code for java.security.BasicPermission.implies(java.security.Permission) in class BasicPermission sample code for java.security.BasicPermission definition code for java.security.BasicPermission
Parameters:
p - the permission to check against.
Returns:
true if the specified permission is implied by this object, false if not.

equals sample code for javax.security.auth.kerberos.DelegationPermission.equals(java.lang.Object) definition code for javax.security.auth.kerberos.DelegationPermission.equals(java.lang.Object)

public boolean equals(Object sample code for java.lang.Object definition code for java.lang.Object  obj)
Checks two DelegationPermission objects for equality.

Overrides:
equals sample code for java.security.BasicPermission.equals(java.lang.Object) definition code for java.security.BasicPermission.equals(java.lang.Object) in class BasicPermission sample code for java.security.BasicPermission definition code for java.security.BasicPermission
Parameters:
obj - the object to test for equality with this object.
Returns:
true if obj is a DelegationPermission, and has the same subordinate and service principal as this. DelegationPermission object.
See Also:
Object.hashCode() sample code for java.lang.Object.hashCode() definition code for java.lang.Object.hashCode() , Hashtable sample code for java.util.Hashtable definition code for java.util.Hashtable

hashCode sample code for javax.security.auth.kerberos.DelegationPermission.hashCode() definition code for javax.security.auth.kerberos.DelegationPermission.hashCode()

public int hashCode()
Returns the hash code value for this object.

Overrides:
hashCode sample code for java.security.BasicPermission.hashCode() definition code for java.security.BasicPermission.hashCode() in class BasicPermission sample code for java.security.BasicPermission definition code for java.security.BasicPermission
Returns:
a hash code value for this object.
See Also:
Object.equals(java.lang.Object) sample code for java.lang.Object.equals(java.lang.Object) definition code for java.lang.Object.equals(java.lang.Object) , Hashtable sample code for java.util.Hashtable definition code for java.util.Hashtable

newPermissionCollection sample code for javax.security.auth.kerberos.DelegationPermission.newPermissionCollection() definition code for javax.security.auth.kerberos.DelegationPermission.newPermissionCollection()

public PermissionCollection sample code for java.security.PermissionCollection definition code for java.security.PermissionCollection  newPermissionCollection()
Returns a PermissionCollection object for storing DelegationPermission objects.
DelegationPermission objects must be stored in a manner that allows them to be inserted into the collection in any order, but that also enables the PermissionCollection implies method to be implemented in an efficient (and consistent) manner.

Overrides:
newPermissionCollection sample code for java.security.BasicPermission.newPermissionCollection() definition code for java.security.BasicPermission.newPermissionCollection() in class BasicPermission sample code for java.security.BasicPermission definition code for java.security.BasicPermission
Returns:
a new PermissionCollection object suitable for storing DelegationPermissions.