java.security

Class Permission

Implemented Interfaces:
Guard, Serializable
Known Direct Subclasses:
AllPermission, BasicPermission, DaemonPermission, FilePermission, HibernatePermission, MBeanPermission, PrivateCredentialPermission, ServicePermission, SocketPermission, UnresolvedPermission

public abstract class Permission
extends Object
implements Guard, Serializable

Abstract class for representing access to a system resource. All permissions have a name (whose interpretation depends on the subclass), as well as abstract functions for defining the semantics of the particular Permission subclass.

Most Permission objects also include an "actions" list that tells the actions that are permitted for the object. For example, for a java.io.FilePermission object, the permission name is the pathname of a file (or directory), and the actions list (such as "read, write") specifies which actions are granted for the specified file (or for files in the specified directory). The actions list is optional for Permission objects, such as java.lang.RuntimePermission, that don't need such a list; you either have the named permission (such as "system.exit") or you don't.

An important method that must be implemented by each subclass is the implies method to compare Permissions. Basically, "permission p1 implies permission p2" means that if one is granted permission p1, one is naturally granted permission p2. Thus, this is not an equality test, but rather more of a subset test.

Permission objects are similar to String objects in that they are immutable once they have been created. Subclasses should not provide methods that can change the state of a permission once it has been created.

See Also:
Permissions, PermissionCollection, Serialized Form

Constructor Summary

Permission(String name)
Constructs a permission with the specified name.

Method Summary

void
checkGuard(Object object)
Implements the guard interface for a permission.
abstract boolean
equals(Object obj)
Checks two Permission objects for equality.
abstract String
getActions()
Returns the actions as a String.
String
getName()
Returns the name of this Permission.
abstract int
hashCode()
Returns the hash code value for this Permission object.
abstract boolean
implies(Permission permission)
Checks if the specified permission's actions are "implied by" this object's actions.
PermissionCollection
newPermissionCollection()
Returns an empty PermissionCollection for a given Permission object, or null if one is not defined.
String
toString()
Returns a string describing this Permission.

Methods inherited from class java.lang.Object

clone, equals, extends Object> getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Permission

public Permission(String name)
Constructs a permission with the specified name.
Parameters:
name - name of the Permission object being created.

Method Details

checkGuard

public void checkGuard(Object object)
            throws SecurityException
Implements the guard interface for a permission. The SecurityManager.checkPermission method is called, passing this permission object as the permission to check. Returns silently if access is granted. Otherwise, throws a SecurityException.
Specified by:
checkGuard in interface Guard
Parameters:
object - the object being guarded (currently ignored).
Throws:
SecurityException - if a security manager exists and its checkPermission method doesn't allow access.
See Also:
Guard, GuardedObject, SecurityManager.checkPermission

equals

public abstract boolean equals(Object obj)
Checks two Permission objects for equality.

Do not use the equals method for making access control decisions; use the implies method.

Overrides:
equals in interface Object
Parameters:
obj - the object we are testing for equality with this object.
Returns:
true if both Permission objects are equivalent.

getActions

public abstract String getActions()
Returns the actions as a String. This is abstract so subclasses can defer creating a String representation until one is needed. Subclasses should always return actions in what they consider to be their canonical form. For example, two FilePermission objects created via the following:
   perm1 = new FilePermission(p1,"read,write");
   perm2 = new FilePermission(p2,"write,read"); 
 
both return "read,write" when the getActions method is invoked.
Returns:
the actions of this Permission.
Usages and Demos :

View More Examples of getActions()
   1: 
   2: import java.security.Permission;
   3: 
   4:         ...
   5: public class HibernatePermission extends Permission {
   6:     
   7:         ...
   8: 
   9:     public boolean implies(Permission permission) {
  10:         return ( "*".equals( getName() ) || getName().equals( permission.getName() ) ) &&
  11:         ...
  12:             ( "*".equals(actions) || actions.indexOf( permission.getActions() ) >= 0 );

View Full Code Here
   1: 
   2: import java.security.Permission;
   3: 
   4:         ...
   5: 
   6: public class DSODDecorator extends Permission {
   7: 
   8:         ...
   9:     private static final long serialVersionUID = 6660070267190082422L;
  10:     private Permission permission = null;
  11:     private WorkflowCheckerFactory wcf = null;
  12:         ...
  13:             if(this.permission.getName().equals(duration.getName())
  14:                 && this.permission.getActions().equals(duration.getActions())){

View Full Code Here
   1: 
   2: import java.security.Permission;
   3: import java.util.Date;
   4:         ...
   5: 
   6: public class DurationDecorator extends Permission {
   7: 
   8:         ...
   9:     private static final long serialVersionUID = 3085444057980849140L;
  10:     private Permission permission;
  11:     private Date begin;
  12:         ...
  13:             if(this.permission.getName().equals(duration.getName())
  14:                 && this.permission.getActions().equals(duration.getActions())){

View Full Code Here
   1: import java.io.Serializable;
   2: import java.security.Permission;
   3: import java.security.PermissionCollection;
   4:         ...
   5:        while(itPermissions.hasNext()){
   6:            Permission perm = (Permission)itPermissions.next();
   7:            String permName = perm.getName();
   8:         ...
   9:            String permActions = perm.getActions();
  10:            Class permClass = perm.getClass();

View Full Code Here
   1: import java.security.AccessControlException;
   2: import java.security.Permission;
   3: import java.security.Principal;
   4:         ...
   5: 
   6:     public AccessControlEntry grant(Principal principal, Permission permission) throws UMCException {
   7:         return create(principal, permission, false);
   8:         ...
   9:             statement.setString(3, ace.getPermission().getName());
  10:             statement.setString(4, ace.getPermission().getActions());
  11:             statement.setString(5, ace.isNegative() ? "D" : "G");
  12:         ...
  13:             statement.setString(4, permission.getName());
  14:             statement.setString(5, permission.getActions());

View Full Code Here

getName

public final String getName()
Returns the name of this Permission. For example, in the case of a java.io.FilePermission, the name will be a pathname.
Returns:
the name of this Permission.
Usages and Demos :

View More Examples of getName()
   1: 
   2: import java.security.Permission;
   3: 
   4:         ...
   5: public class HibernatePermission extends Permission {
   6:     
   7:         ...
   8: 
   9:     public boolean implies(Permission permission) {
  10:         ...
  11:         return ( "*".equals( getName() ) || getName().equals( permission.getName() ) ) &&

View Full Code Here
   1: import java.io.Serializable;
   2: import java.security.Permission;
   3: import java.security.PermissionCollection;
   4:         ...
   5:         Domain domain = (Domain)obj;
   6:         if(this.name.equals(domain.getName())){
   7:             return true;
   8:         ...
   9:        while(itPermissions.hasNext()){
  10:            Permission perm = (Permission)itPermissions.next();
  11:         ...
  12:            String permName = perm.getName();

View Full Code Here
   1: 
   2: import java.security.Permission;
   3: 
   4:         ...
   5: 
   6:         Permission permission = null;
   7:         try {
   8:         ...
   9:         } catch (AuthorizationException e) {
  10:             logger.error(" permission "+permission.getName()+ " in domain "+(String)dyna.get("domainName")+" not created ",e);
  11:         } catch (ClassNotFoundException e) {
  12:         ...
  13:               logger.error(" permission "+permission.getName()+ " in domain "+(String)dyna.get("domainName")+" not created ",e);

View Full Code Here
   1: import java.security.CodeSource;
   2: import java.security.Permission;
   3: import java.security.PermissionCollection;
   4:         ...
   5:         if (documentURL != null && perms != null) {
   6:             Permission p = null;
   7:         ...
   8:             Permission dirPerm = null;
   9:             try {
  10:         ...
  11:             if (p instanceof FilePermission){
  12:                 String path = p.getName();

View Full Code Here
   1: 
   2: import java.security.Permission;
   3: import java.util.Collections;
   4:         ...
   5: 
   6: public abstract class OntoGovPermission extends Permission {
   7:     private Set actionSet;
   8:         ...
   9:         }
  10:         Permission permission = (Permission) object;
  11:         boolean equals = true;
  12:         ...
  13:         String thisName = this.getName();

View Full Code Here

hashCode

public abstract int hashCode()
Returns the hash code value for this Permission object.

The required hashCode behavior for Permission Objects is the following:

  • Whenever it is invoked on the same Permission object more than once during an execution of a Java application, the hashCode method must consistently return the same integer. This integer need not remain consistent from one execution of an application to another execution of the same application.

  • If two Permission objects are equal according to the equals method, then calling the hashCode method on each of the two Permission objects must produce the same integer result.
Overrides:
hashCode in interface Object
Returns:
a hash code value for this object.

implies

public abstract boolean implies(Permission permission)
Checks if the specified permission's actions are "implied by" this object's actions.

This must be implemented by subclasses of Permission, as they are the only ones that can impose semantics on a Permission object.

The implies method is used by the AccessController to determine whether or not a requested permission is implied by another permission that is known to be valid in the current execution context.

Parameters:
permission - the permission to check against.
Returns:
true if the specified permission is implied by this object, false if not.
Usages and Demos :

View More Examples of implies(Permission permission)
   1: 
   2: import java.security.Permission;
   3: import java.security.PermissionCollection;
   4:         ...
   5: 
   6:    protected void shouldBeEqual(Permission p1, Permission p2)
   7:    {
   8:         ...
   9:       {
  10:          return p1.implies(p2);
  11:       }
  12:         ...
  13:       {
  14:          return pc.implies(p2);

View Full Code Here

newPermissionCollection

public PermissionCollection newPermissionCollection()
Returns an empty PermissionCollection for a given Permission object, or null if one is not defined. Subclasses of class Permission should override this if they need to store their permissions in a particular PermissionCollection object in order to provide the correct semantics when the PermissionCollection.implies method is called. If null is returned, then the caller of this method is free to store permissions of this type in any PermissionCollection they choose (one that uses a Hashtable, one that uses a Vector, etc).
Returns:
a new PermissionCollection object for this type of Permission, or null if one is not defined.
Usages and Demos :

View More Examples of newPermissionCollection()
   1: 
   2: import java.security.Permission;
   3: import java.security.PermissionCollection;
   4:         ...
   5: 
   6:    protected void shouldBeEqual(Permission p1, Permission p2)
   7:    {
   8:         ...
   9:    {
  10:       PermissionCollection pc = p1.newPermissionCollection();
  11:       if (pc == null)

View Full Code Here
   1: 
   2:     public void add(Permission perm) {
   3:     }
   4:         ...
   5: 
   6:     public boolean implies(Permission perm) {
   7:         if (hasAllPermission)
   8:         ...
   9:             if (collection == null) {
  10:                 collection = perm.newPermissionCollection();
  11:                 if (collection == null)

View Full Code Here

toString

public String toString()
Returns a string describing this Permission. The convention is to specify the class name, the permission name, and the actions in the following format: '("ClassName" "name" "actions")'.
Overrides:
toString in interface Object
Returns:
information about this Permission.
Usages and Demos :

View More Examples of toString()
   1: 
   2: import java.security.Permission;
   3: import org.eclipse.osgi.service.resolver.*;
   4:         ...
   5:         boolean success = false;
   6:         Permission producerPermission = null, consumerPermission = null;
   7:         Bundle producer = null, consumer = null;
   8:         ...
   9:                 }
  10:                 resolver.getState().addResolverError(vc.getBundle(), errorType, producerPermission.toString(), vc);
  11:             }
  12:         ...
  13:             if (!success)
  14:                 resolver.getState().addResolverError(vc.getBundle(), errorType, consumerPermission.toString(), vc);

View Full Code Here
   1:     private static WebResourcePermission allResources =
   2:     protected boolean checkPermission(Permission perm, Set principalSet) {   
   3:          
   4:         ...
   5:      } catch(Throwable t){
   6:          logger.log(Level.FINE, "[Web-Security] Web Permission Access Denied.",t);
   7:          return false;
   8:         ...
   9:         if(logger.isLoggable(Level.FINE)){
  10:             logger.log(Level.FINE,"[Web-Security] Generating a protection domain for Permission check.");
  11: 
  12:         ...
  13:                     for (int i=0; i<principals.length; i++){
  14:                         logger.log(Level.FINE, "[Web-Security] Checking with Principal : "+ principals[i].toString());

View Full Code Here