|
JavaTM 2 Platform Std. Ed. v1.4.1 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--java.security.Permission | +--java.security.BasicPermission | +--javax.security.auth.kerberos.DelegationPermission
This class is used to restrict the usage of the Kerberos delegation model, ie: forwardable and proxiable tickets.
The target name of this Permission
specifies a pair of
kerberos service principals. The first is the subordinate service principal
being entrusted to use the TGT. The second service principal designates
the target service the subordinate service principal is to
interact with on behalf of the initiating KerberosPrincipal. This
latter service principal is specified to restrict the use of a
proxiable ticket.
For example, to specify the "host" service use of a forwardable TGT the target permission is specified as follows:
DelegationPermission("\"host/foo.example.com@EXAMPLE.COM\" \"krbtgt/EXAMPLE.COM@EXAMPLE.COM\"");
To give the "backup" service a proxiable nfs service ticket the target permission might be specified:
DelegationPermission("\"backup/bar.example.com@EXAMPLE.COM\" \"nfs/home.EXAMPLE.COM@EXAMPLE.COM\"");
Constructor Summary | |
DelegationPermission(String principals)
Create a new DelegationPermission
with the specified subordinate and target principals. |
|
DelegationPermission(String principals,
String actions)
Create a new DelegationPermission
with the specified subordinate and target principals. |
Method Summary | |
boolean |
equals(Object obj)
Checks two DelegationPermission objects for equality. |
int |
hashCode()
Returns the hash code value for this object. |
boolean |
implies(Permission p)
Checks if this Kerberos delegation permission object "implies" the specified permission. |
PermissionCollection |
newPermissionCollection()
Returns a PermissionCollection object for storing DelegationPermission objects. |
Methods inherited from class java.security.BasicPermission |
getActions |
Methods inherited from class java.security.Permission |
checkGuard, getName, toString |
Methods inherited from class java.lang.Object |
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
Constructor Detail |
public DelegationPermission(String principals)
DelegationPermission
with the specified subordinate and target principals.
principals
- the name of the subordinate and target principalspublic DelegationPermission(String principals, String actions)
DelegationPermission
with the specified subordinate and target principals.
principals
- the name of the subordinate and target principals
actions
- should be null.Method Detail |
public boolean implies(Permission p)
If none of the above are true, implies
returns false.
implies
in class BasicPermission
p
- the permission to check against.
public boolean equals(Object obj)
equals
in class BasicPermission
obj
- the object to test for equality with this object.
public int hashCode()
hashCode
in class BasicPermission
public PermissionCollection newPermissionCollection()
newPermissionCollection
in class BasicPermission
|
JavaTM 2 Platform Std. Ed. v1.4.1 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Copyright 2002 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.