Name

PrivateCredentialPermission

Synopsis

This Permission class protects access to private credential objects belonging to a Subject (as specified by a set of one or more Principal objects). Application programmers rarely need to use it. System programmers implementing new private credentials classes may need to use it, and system administrators configuring security policy files should be familiar with it.

The only defined action for PrivateCredentialPermssion is “read”. The target name for this permission has a complex syntax and specifies the name of the credential class and a list of one or more principals. Each principal is specified as the name of the Principal class followed by the principal name in quotes. For example, a security policy file might contain a statement like the following to allow permission to read the private KerberosKey credentials of a KerberosPrincipal named “david”.

permission javax.security.auth.PrivateCredentialPermission
    "javax.security.auth.kerberos.KerberosKey \
             javax.security.auth.kerberos.KerberosPrincipal \"david\"",
    "read";

The target name syntax for PrivateCredentialPermission also allows the use of the “*” wildcard in place of the credential class name or in place of the Principal class name and/or name.

javax.security.auth.PrivateCredentialPermission

Figure 19-2. javax.security.auth.PrivateCredentialPermission

public final class PrivateCredentialPermission extends java.security.Permission {
// ...

Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.