Examples of javax.security.auth.AuthPermission

javax.security.auth.AuthPermission

This class is for authentication permissions. An AuthPermission contains a name (also referred to as a "target name") but no actions list; you either have the named permission or you don't.

The target name is the name of a security configuration parameter (see below). Currently the AuthPermission object is used to guard access to the Policy, Subject, LoginContext, and Configuration objects.

The possible target names for an Authentication Permission are:

 doAs -                  allow the caller to invoke the {@code Subject.doAs} methods.doAsPrivileged -        allow the caller to invoke the {@code Subject.doAsPrivileged} methods.getSubject -            allow for the retrieval of the Subject(s) associated with the current Thread. getSubjectFromDomainCombiner -  allow for the retrieval of the Subject associated with the a  {@code SubjectDomainCombiner}. setReadOnly -           allow the caller to set a Subject to be read-only. modifyPrincipals -      allow the caller to modify the  {@code Set}of Principals associated with a {@code Subject}modifyPublicCredentials - allow the caller to modify the {@code Set} of public credentialsassociated with a  {@code Subject}modifyPrivateCredentials - allow the caller to modify the {@code Set} of private credentialsassociated with a  {@code Subject}refreshCredential -     allow code to invoke the  {@code refresh}method on a credential which implements the  {@code Refreshable} interface.destroyCredential -     allow code to invoke the  {@code destroy}method on a credential  {@code object}which implements the  {@code Destroyable}interface. createLoginContext.{name} -  allow code to instantiate a {@code LoginContext} with thespecified name.  name is used as the index into the installed login {@code Configuration}(that returned by {@code Configuration.getConfiguration()}). name can be wildcarded (set to '*') to allow for any name. getLoginConfiguration - allow for the retrieval of the system-wide login Configuration. createLoginConfiguration.{type} - allow code to obtain a Configuration object via {@code Configuration.getInstance}. setLoginConfiguration - allow for the setting of the system-wide login Configuration. refreshLoginConfiguration - allow for the refreshing of the system-wide login Configuration.

The following target name has been deprecated in favor of {@code} createLoginContext.name}}.

 createLoginContext -    allow code to instantiate a {@code LoginContext}.

{@code javax.security.auth.Policy} has beendeprecated in favor of {@code java.security.Policy}. Therefore, the following target names have also been deprecated:

 getPolicy -             allow the caller to retrieve the system-wide Subject-based access control policy. setPolicy -             allow the caller to set the system-wide Subject-based access control policy. refreshPolicy -         allow the caller to refresh the system-wide Subject-based access control policy.

     */
    public synchronized void refresh() {


        java.lang.SecurityManager sm = System.getSecurityManager();
        if (sm != null)
            sm.checkPermission(new AuthPermission("refreshLoginConfiguration"));


        java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction<Void>() {
            public Void run() {
                try {

View Full Code Here

        assertFalse(lookupAuthPermission(requests, otherPermName));
        //
        // now check whether 'other' was also checked
        //
        requests.clear();
        allowedPerms.add(new AuthPermission(dummyPermName));
        try {
            new LoginContext(dummyName);
            fail("must not pass here - 1.");
        } catch (LoginException _) {
            fail("no, no, no. Throw SecurityException instead");

View Full Code Here


  /**
   * Tests that setConfiguration() is properly secured via SecurityManager.
   */
  public void testSetConfiguration() {
        SecurityChecker checker = new SecurityChecker(new AuthPermission(
        "setLoginConfiguration"), true);
    System.setSecurityManager(checker);
    Configuration custom = new ConfTestProvider();
    Configuration.setConfiguration(custom);
    assertTrue(checker.checkAsserted);

View Full Code Here

  /**
   * Tests that getConfiguration() is properly secured via SecurityManager.
   */
  public void testGetConfiguration() {
    Configuration.setConfiguration(new ConfTestProvider());
        SecurityChecker checker = new SecurityChecker(new AuthPermission(
        "getLoginConfiguration"), true);
    System.setSecurityManager(checker);
    Configuration.getConfiguration();
    assertTrue(checker.checkAsserted);
    checker.reset();

View Full Code Here


public class AuthPermissionTest extends SerializationTest {


    @Override
    protected Object[] getData() {
        return new Object[] {new AuthPermission("name", "read")};
    }

View Full Code Here

        try {
            System.setProperty(LOGIN_CONFIG, 
                    new File(otherConfFile).getCanonicalPath());


        DefaultConfiguration dc = new DefaultConfiguration();
        MySecurityManager checker = new MySecurityManager(new AuthPermission(
                "refreshLoginConfiguration"), true);
        System.setSecurityManager(checker);
        dc.refresh();
        assertTrue(checker.checkAsserted);
        checker.reset();

View Full Code Here

        assertNotNull(new SubjectDomainCombiner(new Subject()).combine(new ProtectionDomain[] {null}, new ProtectionDomain[] {null}));
    }


    public final void testSecurityException() {


        denyPermission(new AuthPermission("getSubjectFromDomainCombiner"));


        try {
            new SubjectDomainCombiner(new Subject()).getSubject();
        } catch (AccessControlException e) {
            assertEquals(e, AuthPermission.class);

View Full Code Here

        assertEquals(in.getYear(), out.getYear());
    }


    public void testAuthPermission() throws Exception
    {
        AuthPermission in = new AuthPermission("foo");
        String json = MAPPER.writeValueAsString(in);
        assertNotNull(json);
        
        // actually, deserialization won't work by default. So let's just check
        // some lexical aspects

View Full Code Here

     */
    public synchronized void refresh() {


        java.lang.SecurityManager sm = System.getSecurityManager();
        if (sm != null)
            sm.checkPermission(new AuthPermission("refreshLoginConfiguration"));


        java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction<Void>() {
            public Void run() {
                try {

View Full Code Here

            } else {
                // use the default JAAS login configuration (file-based)
                SecurityManager sm = System.getSecurityManager();
                if (sm != null) {
                    sm.checkPermission(
                            new AuthPermission("createLoginContext." +
                                               LOGIN_CONFIG_NAME));
                }


                final String pf = passwordFile;
                try {

View Full Code Here

0 1 2 3 4 5

TOP

Related Classes of javax.security.auth.AuthPermission

com.fasterxml.jackson.module.afterburner.roundtrip.TestJavaxTypes

com.sun.jmx.remote.security.JMXPluggableAuthenticator

com.sun.security.auth.login.ConfigFile

gnu.javax.security.auth.login.GnuConfiguration

mx4j.remote.MX4JRemoteUtils

net.jini.jeri.kerberos.KerberosUtil

org.apache.felix.mosgi.jmx.rmiconnector.mx4j.remote.MX4JRemoteUtils

org.apache.harmony.auth.tests.javax.security.auth.login.ConfigurationTest

org.apache.harmony.auth.tests.javax.security.auth.login.LoginContext1Test

org.apache.harmony.auth.tests.javax.security.auth.serialization.AuthPermissionTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.