DelegationPermission

Class Overview

This class is used to restrict the usage of the Kerberos delegation model, ie: forwardable and proxiable tickets.

The target name of this Permission specifies a pair of kerberos service principals. The first is the subordinate service principal being entrusted to use the TGT. The second service principal designates the target service the subordinate service principal is to interact with on behalf of the initiating KerberosPrincipal. This latter service principal is specified to restrict the use of a proxiable ticket.

For example, to specify the "host" service use of a forwardable TGT the target permission is specified as follows:

  DelegationPermission("\"host/foo.example.com@EXAMPLE.COM\" \"krbtgt/EXAMPLE.COM@EXAMPLE.COM\"");
 

To give the "backup" service a proxiable nfs service ticket the target permission might be specified:

  DelegationPermission("\"backup/bar.example.com@EXAMPLE.COM\" \"nfs/home.EXAMPLE.COM@EXAMPLE.COM\"");
 

Summary

[Expand] Inherited Methods
From class java.security.BasicPermission boolean equals(Object obj) Checks two BasicPermission objects for equality. String getActions() Returns the canonical string representation of the actions, which currently is the empty string "", since there are no actions for a BasicPermission. int hashCode() Returns the hash code value for this object. boolean implies(Permission p) Checks if the specified permission is "implied" by this object. PermissionCollection newPermissionCollection() Returns a new PermissionCollection object for storing BasicPermission objects.
From class java.security.Permission void checkGuard(Object object) Implements the guard interface for a permission. abstract boolean equals(Object obj) Checks two Permission objects for equality. abstract String getActions() Returns the actions as a String. final String getName() Returns the name of this Permission. abstract int hashCode() Returns the hash code value for this Permission object. abstract boolean implies(Permission permission) Checks if the specified permission's actions are "implied by" this object's actions. PermissionCollection newPermissionCollection() Returns an empty PermissionCollection for a given Permission object, or null if one is not defined. String toString() Returns a string describing this Permission.
From class java.lang.Object Object clone() Creates and returns a copy of this object. boolean equals(Object obj) Indicates whether some other object is "equal to" this one. void finalize() Called by the garbage collector on an object when garbage collection determines that there are no more references to the object. final Class<?> getClass() Returns the runtime class of this Object. int hashCode() Returns a hash code value for the object. final void notify() Wakes up a single thread that is waiting on this object's monitor. final void notifyAll() Wakes up all threads that are waiting on this object's monitor. String toString() Returns a string representation of the object. final void wait() Causes the current thread to wait until another thread invokes the notify() method or the notifyAll() method for this object. final void wait(long timeout, int nanos) Causes the current thread to wait until another thread invokes the notify() method or the notifyAll() method for this object, or some other thread interrupts the current thread, or a certain amount of real time has elapsed. final void wait(long timeout) Causes the current thread to wait until either another thread invokes the notify() method or the notifyAll() method for this object, or a specified amount of time has elapsed.
From interface java.security.Guard abstract void checkGuard(Object object) Determines whether or not to allow access to the guarded object object.