39 * |
39 * |
40 * <p> The possible target names for an Authentication Permission are: |
40 * <p> The possible target names for an Authentication Permission are: |
41 * |
41 * |
42 * <pre> |
42 * <pre> |
43 * doAs - allow the caller to invoke the |
43 * doAs - allow the caller to invoke the |
44 * <code>Subject.doAs</code> methods. |
44 * {@code Subject.doAs} methods. |
45 * |
45 * |
46 * doAsPrivileged - allow the caller to invoke the |
46 * doAsPrivileged - allow the caller to invoke the |
47 * <code>Subject.doAsPrivileged</code> methods. |
47 * {@code Subject.doAsPrivileged} methods. |
48 * |
48 * |
49 * getSubject - allow for the retrieval of the |
49 * getSubject - allow for the retrieval of the |
50 * Subject(s) associated with the |
50 * Subject(s) associated with the |
51 * current Thread. |
51 * current Thread. |
52 * |
52 * |
53 * getSubjectFromDomainCombiner - allow for the retrieval of the |
53 * getSubjectFromDomainCombiner - allow for the retrieval of the |
54 * Subject associated with the |
54 * Subject associated with the |
55 * a <code>SubjectDomainCombiner</code>. |
55 * a {@code SubjectDomainCombiner}. |
56 * |
56 * |
57 * setReadOnly - allow the caller to set a Subject |
57 * setReadOnly - allow the caller to set a Subject |
58 * to be read-only. |
58 * to be read-only. |
59 * |
59 * |
60 * modifyPrincipals - allow the caller to modify the <code>Set</code> |
60 * modifyPrincipals - allow the caller to modify the {@code Set} |
61 * of Principals associated with a |
61 * of Principals associated with a |
62 * <code>Subject</code> |
62 * {@code Subject} |
63 * |
63 * |
64 * modifyPublicCredentials - allow the caller to modify the |
64 * modifyPublicCredentials - allow the caller to modify the |
65 * <code>Set</code> of public credentials |
65 * {@code Set} of public credentials |
66 * associated with a <code>Subject</code> |
66 * associated with a {@code Subject} |
67 * |
67 * |
68 * modifyPrivateCredentials - allow the caller to modify the |
68 * modifyPrivateCredentials - allow the caller to modify the |
69 * <code>Set</code> of private credentials |
69 * {@code Set} of private credentials |
70 * associated with a <code>Subject</code> |
70 * associated with a {@code Subject} |
71 * |
71 * |
72 * refreshCredential - allow code to invoke the <code>refresh</code> |
72 * refreshCredential - allow code to invoke the {@code refresh} |
73 * method on a credential which implements |
73 * method on a credential which implements |
74 * the <code>Refreshable</code> interface. |
74 * the {@code Refreshable} interface. |
75 * |
75 * |
76 * destroyCredential - allow code to invoke the <code>destroy</code> |
76 * destroyCredential - allow code to invoke the {@code destroy} |
77 * method on a credential <code>object</code> |
77 * method on a credential {@code object} |
78 * which implements the <code>Destroyable</code> |
78 * which implements the {@code Destroyable} |
79 * interface. |
79 * interface. |
80 * |
80 * |
81 * createLoginContext.{name} - allow code to instantiate a |
81 * createLoginContext.{name} - allow code to instantiate a |
82 * <code>LoginContext</code> with the |
82 * {@code LoginContext} with the |
83 * specified <i>name</i>. <i>name</i> |
83 * specified <i>name</i>. <i>name</i> |
84 * is used as the index into the installed login |
84 * is used as the index into the installed login |
85 * <code>Configuration</code> |
85 * {@code Configuration} |
86 * (that returned by |
86 * (that returned by |
87 * <code>Configuration.getConfiguration()</code>). |
87 * {@code Configuration.getConfiguration()}). |
88 * <i>name</i> can be wildcarded (set to '*') |
88 * <i>name</i> can be wildcarded (set to '*') |
89 * to allow for any name. |
89 * to allow for any name. |
90 * |
90 * |
91 * getLoginConfiguration - allow for the retrieval of the system-wide |
91 * getLoginConfiguration - allow for the retrieval of the system-wide |
92 * login Configuration. |
92 * login Configuration. |
93 * |
93 * |
94 * createLoginConfiguration.{type} - allow code to obtain a Configuration |
94 * createLoginConfiguration.{type} - allow code to obtain a Configuration |
95 * object via |
95 * object via |
96 * <code>Configuration.getInstance</code>. |
96 * {@code Configuration.getInstance}. |
97 * |
97 * |
98 * setLoginConfiguration - allow for the setting of the system-wide |
98 * setLoginConfiguration - allow for the setting of the system-wide |
99 * login Configuration. |
99 * login Configuration. |
100 * |
100 * |
101 * refreshLoginConfiguration - allow for the refreshing of the system-wide |
101 * refreshLoginConfiguration - allow for the refreshing of the system-wide |
102 * login Configuration. |
102 * login Configuration. |
103 * </pre> |
103 * </pre> |
104 * |
104 * |
105 * <p> The following target name has been deprecated in favor of |
105 * <p> The following target name has been deprecated in favor of |
106 * <code>createLoginContext.{name}</code>. |
106 * {@code createLoginContext.{name}}. |
107 * |
107 * |
108 * <pre> |
108 * <pre> |
109 * createLoginContext - allow code to instantiate a |
109 * createLoginContext - allow code to instantiate a |
110 * <code>LoginContext</code>. |
110 * {@code LoginContext}. |
111 * </pre> |
111 * </pre> |
112 * |
112 * |
113 * <p> <code>javax.security.auth.Policy</code> has been |
113 * <p> {@code javax.security.auth.Policy} has been |
114 * deprecated in favor of <code>java.security.Policy</code>. |
114 * deprecated in favor of {@code java.security.Policy}. |
115 * Therefore, the following target names have also been deprecated: |
115 * Therefore, the following target names have also been deprecated: |
116 * |
116 * |
117 * <pre> |
117 * <pre> |
118 * getPolicy - allow the caller to retrieve the system-wide |
118 * getPolicy - allow the caller to retrieve the system-wide |
119 * Subject-based access control policy. |
119 * Subject-based access control policy. |