Name
PrivateCredentialPermission
Synopsis
This
Permission
class
protects access to private
credential
objects belonging to a Subject
(as specified by a
set of one or more Principal
objects). Application
programmers rarely need to use it. System programmers implementing
new private credentials classes may need to use it, and system
administrators configuring security policy files should be familiar
with it.
The only defined action for
PrivateCredentialPermssion
is
“read”. The target name for this
permission has a complex syntax and specifies the name of the
credential class and a list of one or more principals. Each principal
is specified as the name of the Principal
class
followed by the principal name in quotes. For example, a security
policy file might contain a statement like the following to allow
permission to read the private KerberosKey
credentials of a KerberosPrincipal
named
“david”.
permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KerberosKey \ javax.security.auth.kerberos.KerberosPrincipal \"david\"", "read";
The target name syntax for
PrivateCredentialPermission
also allows the use of
the “*” wildcard in place of the
credential class name or in place of the Principal
class name and/or name.
Figure 19-2. javax.security.auth.PrivateCredentialPermission
public final class PrivateCredentialPermission extends java.security.Permission { // ...
Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.