IT. Expert System.

Java Standard Edition (SE)

DelegationPermission


compact3
javax.security.auth.kerberos

Class DelegationPermission

  • All Implemented Interfaces:
    Serializable, Guard


    public final class DelegationPermission
    extends BasicPermission
    implements Serializable
    This class is used to restrict the usage of the Kerberos delegation model, ie: forwardable and proxiable tickets.

    The target name of this Permission specifies a pair of kerberos service principals. The first is the subordinate service principal being entrusted to use the TGT. The second service principal designates the target service the subordinate service principal is to interact with on behalf of the initiating KerberosPrincipal. This latter service principal is specified to restrict the use of a proxiable ticket.

    For example, to specify the "host" service use of a forwardable TGT the target permission is specified as follows:

      DelegationPermission("\"host/foo.example.com@EXAMPLE.COM\" \"krbtgt/EXAMPLE.COM@EXAMPLE.COM\"");
     

    To give the "backup" service a proxiable nfs service ticket the target permission might be specified:

      DelegationPermission("\"backup/bar.example.com@EXAMPLE.COM\" \"nfs/home.EXAMPLE.COM@EXAMPLE.COM\"");
     
    Since:
    1.4
    See Also:
    Serialized Form
    • Constructor Detail

      • DelegationPermission

        public DelegationPermission(String principals)
        Create a new DelegationPermission with the specified subordinate and target principals.

        Parameters:
        principals - the name of the subordinate and target principals
        Throws:
        NullPointerException - if principals is null.
        IllegalArgumentException - if principals is empty.
      • DelegationPermission

        public DelegationPermission(String principals,
                                    String actions)
        Create a new DelegationPermission with the specified subordinate and target principals.

        Parameters:
        principals - the name of the subordinate and target principals

        actions - should be null.
        Throws:
        NullPointerException - if principals is null.
        IllegalArgumentException - if principals is empty.
    • Method Detail

      • implies

        public boolean implies(Permission p)
        Checks if this Kerberos delegation permission object "implies" the specified permission.

        If none of the above are true, implies returns false.

        Overrides:
        implies in class BasicPermission
        Parameters:
        p - the permission to check against.
        Returns:
        true if the specified permission is implied by this object, false if not.
      • equals

        public boolean equals(Object obj)
        Checks two DelegationPermission objects for equality.

        Overrides:
        equals in class BasicPermission
        Parameters:
        obj - the object to test for equality with this object.
        Returns:
        true if obj is a DelegationPermission, and has the same subordinate and service principal as this. DelegationPermission object.
        See Also:
        Object.hashCode(), HashMap
      • newPermissionCollection

        public PermissionCollection newPermissionCollection()
        Returns a PermissionCollection object for storing DelegationPermission objects.
        DelegationPermission objects must be stored in a manner that allows them to be inserted into the collection in any order, but that also enables the PermissionCollection implies method to be implemented in an efficient (and consistent) manner.
        Overrides:
        newPermissionCollection in class BasicPermission
        Returns:
        a new PermissionCollection object suitable for storing DelegationPermissions.


Content

Android Reference

Java basics

Java Enterprise Edition (EE)

Java Standard Edition (SE)

SQL

HTML

PHP

CSS

Java Script

MYSQL

JQUERY

VBS

REGEX

C

C++

C#

Design patterns

RFC (standard status)

RFC (proposed standard status)

RFC (draft standard status)

RFC (informational status)

RFC (experimental status)

RFC (best current practice status)

RFC (historic status)

RFC (unknown status)

IT dictionary

License.
All information of this service is derived from the free sources and is provided solely in the form of quotations. This service provides information and interfaces solely for the familiarization (not ownership) and under the "as is" condition.
Copyright 2016 © ELTASK.COM. All rights reserved.
Site is optimized for mobile devices.
Downloads: 1846 / 159424155. Delta: 0.03496 с