站内搜索: 请输入搜索关键词
当前页面: 在线文档首页 > JDK 5 Documentation v1.4.1, Java 2 SDK 英文文档

DelegationPermission (Java 2 Platform SE v1.4.1) - JDK 5 Documentation v1.4.1, Java 2 SDK 英文文档

JavaTM 2 Platform
Std. Ed. v1.4.1

javax.security.auth.kerberos
Class DelegationPermission

java.lang.Object
  |
  +--java.security.Permission
        |
        +--java.security.BasicPermission
              |
              +--javax.security.auth.kerberos.DelegationPermission
All Implemented Interfaces:
Guard, Serializable

public final class DelegationPermission
extends BasicPermission
implements Serializable

This class is used to restrict the usage of the Kerberos delegation model, ie: forwardable and proxiable tickets.

The target name of this Permission specifies a pair of kerberos service principals. The first is the subordinate service principal being entrusted to use the TGT. The second service principal designates the target service the subordinate service principal is to interact with on behalf of the initiating KerberosPrincipal. This latter service principal is specified to restrict the use of a proxiable ticket.

For example, to specify the "host" service use of a forwardable TGT the target permission is specified as follows:

  DelegationPermission("\"host/foo.example.com@EXAMPLE.COM\" \"krbtgt/EXAMPLE.COM@EXAMPLE.COM\"");
 

To give the "backup" service a proxiable nfs service ticket the target permission might be specified:

  DelegationPermission("\"backup/bar.example.com@EXAMPLE.COM\" \"nfs/home.EXAMPLE.COM@EXAMPLE.COM\"");
 

Since:
JDK1.4
See Also:
Serialized Form

Constructor Summary
DelegationPermission(String principals)
          Create a new DelegationPermission with the specified subordinate and target principals.
DelegationPermission(String principals, String actions)
          Create a new DelegationPermission with the specified subordinate and target principals.
 
Method Summary
 boolean equals(Object obj)
          Checks two DelegationPermission objects for equality.
 int hashCode()
          Returns the hash code value for this object.
 boolean implies(Permission p)
          Checks if this Kerberos delegation permission object "implies" the specified permission.
 PermissionCollection newPermissionCollection()
          Returns a PermissionCollection object for storing DelegationPermission objects.
 
Methods inherited from class java.security.BasicPermission
getActions
 
Methods inherited from class java.security.Permission
checkGuard, getName, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

DelegationPermission

public DelegationPermission(String principals)
Create a new DelegationPermission with the specified subordinate and target principals.

Parameters:
principals - the name of the subordinate and target principals

DelegationPermission

public DelegationPermission(String principals,
                            String actions)
Create a new DelegationPermission with the specified subordinate and target principals.

Parameters:
principals - the name of the subordinate and target principals

actions - should be null.
Method Detail

implies

public boolean implies(Permission p)
Checks if this Kerberos delegation permission object "implies" the specified permission.

If none of the above are true, implies returns false.

Overrides:
implies in class BasicPermission
Parameters:
p - the permission to check against.
Returns:
true if the specified permission is implied by this object, false if not.

equals

public boolean equals(Object obj)
Checks two DelegationPermission objects for equality.

Overrides:
equals in class BasicPermission
Parameters:
obj - the object to test for equality with this object.
Returns:
true if obj is a DelegationPermission, and has the same subordinate and service principal as this. DelegationPermission object.

hashCode

public int hashCode()
Returns the hash code value for this object.

Overrides:
hashCode in class BasicPermission
Returns:
a hash code value for this object.

newPermissionCollection

public PermissionCollection newPermissionCollection()
Returns a PermissionCollection object for storing DelegationPermission objects.
DelegationPermission objects must be stored in a manner that allows them to be inserted into the collection in any order, but that also enables the PermissionCollection implies method to be implemented in an efficient (and consistent) manner.

Overrides:
newPermissionCollection in class BasicPermission
Returns:
a new PermissionCollection object suitable for storing DelegationPermissions.

JavaTM 2 Platform
Std. Ed. v1.4.1

Submit a bug or feature
For further API reference and developer documentation, see Java 2 SDK SE Developer Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.

Copyright 2002 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.