PrivateCredentialPermission

This Permission class protects access to private credential objects belonging to a Subject (as specified by a set of one or more Principal objects). Application programmers rarely need to use it. System programmers implementing new private credentials classes may need to use it, and system administrators configuring security policy files should be familiar with it.

The only defined action for PrivateCredentialPermssion is "read". The target name for this permission has a complex syntax and specifies the name of the credential class and a list of one or more principals. Each principal is specified as the name of the Principal class followed by the principal name in quotes. For example, a security policy file might contain a statement like the following to allow permission to read the private KerberosKey credentials of a KerberosPrincipal named "david".

 permission javax.security.auth.PrivateCredentialPermission     "javax.security.auth.kerberos.KerberosKey \              javax.security.auth.kerberos.KerberosPrincipal \"david\"",     "read"; 

The target name syntax for PrivateCredentialPermission also allows the use of the "*" wildcard in place of the credential class name or in place of the Principal class name and/or name.

Figure 19-2. javax.security.auth.PrivateCredentialPermission

 public final class  PrivateCredentialPermission  extends java.security.Permission {  // Public Constructors  public  PrivateCredentialPermission  (String  name  , String  actions  );  // Public Instance Methods  public String  getCredentialClass  ( );        public String[ ][ ]  getPrincipals  ( );  // Public Methods Overriding Permission  public boolean  equals  (Object  obj  );        public String  getActions  ( );        public int  hashCode  ( );        public boolean  implies  (java.security.Permission  p  );        public java.security.PermissionCollection  newPermissionCollection  ( );  constant  }