jdk-sandbox: comparison jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/PolicyFile.java

equal deleted inserted replaced

-:b0dd05ec3db1
+:bab15bbe2ca3
 import java.security.PermissionCollection;
 import javax.security.auth.Subject;
 /**
 * This class represents a default implementation for
-* <code>javax.security.auth.Policy</code>.
+* {@code javax.security.auth.Policy}.
 *
 * <p> This object stores the policy for entire Java runtime,
 * and is the amalgamation of multiple static policy
 * configurations that resides in files.
 * The algorithm for locating the policy file(s) and reading their
-* information into this <code>Policy</code> object is:
+* information into this {@code Policy} object is:
 *
 * <ol>
 * <li>
 *   Loop through the security properties,
 *   <i>auth.policy.url.1</i>, <i>auth.policy.url.2</i>, ...,
 *   <i>auth.policy.url.X</i>".
-*   Each property value specifies a <code>URL</code> pointing to a
+*   Each property value specifies a {@code URL} pointing to a
 *   policy file to be loaded.  Read in and load each policy.
 *
 * <li>
-*   The <code>java.lang.System</code> property <i>java.security.auth.policy</i>
+*   The {@code java.lang.System} property <i>java.security.auth.policy</i>
-*   may also be set to a <code>URL</code> pointing to another policy file
+*   may also be set to a {@code URL} pointing to another policy file
 *   (which is the case when a user uses the -D switch at runtime).
 *   If this property is defined, and its use is allowed by the
 *   security property file (the Security property,
 *   <i>policy.allowSystemProperty</i> is set to <i>true</i>),
 *   also load that policy.
 *
 * All non-bold items above must appear as is (although case
 * doesn't matter and some are optional, as noted below).
 * Italicized items represent variable values.
 *
-* <p> A grant entry must begin with the word <code>grant</code>.
+* <p> A grant entry must begin with the word {@code grant}.
-* The <code>signedBy</code> and <code>codeBase</code>
+* The {@code signedBy} and {@code codeBase}
 * name/value pairs are optional.
 * If they are not present, then any signer (including unsigned code)
 * will match, and any codeBase will match.  Note that the
-* <code>principal</code> name/value pair is not optional.
+* {@code principal} name/value pair is not optional.
-* This <code>Policy</code> implementation only permits
+* This {@code Policy} implementation only permits
 * Principal-based grant entries.  Note that the <i>principalClass</i>
 * may be set to the wildcard value, *, which allows it to match
-* any <code>Principal</code> class.  In addition, the <i>principalName</i>
+* any {@code Principal} class.  In addition, the <i>principalName</i>
 * may also be set to the wildcard value, *, allowing it to match
-* any <code>Principal</code> name.  When setting the <i>principalName</i>
+* any {@code Principal} name.  When setting the <i>principalName</i>
 * to the *, do not surround the * with quotes.
 *
-* <p> A permission entry must begin with the word <code>permission</code>.
+* <p> A permission entry must begin with the word {@code permission}.
-* The word <code><i>Type</i></code> in the template above is
+* The word <i>{@code Type}</i> in the template above is
-* a specific permission type, such as <code>java.io.FilePermission</code>
+* a specific permission type, such as {@code java.io.FilePermission}
-* or <code>java.lang.RuntimePermission</code>.
+* or {@code java.lang.RuntimePermission}.
 *
 * <p> The "<i>action</i>" is required for
-* many permission types, such as <code>java.io.FilePermission</code>
+* many permission types, such as {@code java.io.FilePermission}
 * (where it specifies what type of file access that is permitted).
 * It is not required for categories such as
-* <code>java.lang.RuntimePermission</code>
+* {@code java.lang.RuntimePermission}
 * where it is not necessary - you either have the
-* permission specified by the <code>"<i>name</i>"</code>
+* permission specified by the "<i>{@code name}</i>"
 * value following the type name or you don't.
 *
-* <p> The <code>signedBy</code> name/value pair for a permission entry
+* <p> The {@code signedBy} name/value pair for a permission entry
 * is optional. If present, it indicates a signed permission. That is,
 * the permission class itself must be signed by the given alias in
 * order for it to be granted. For example,
 * suppose you have the following grant entry:
 *
 *     permission Foo "foobar", signedBy "FooSoft";
 *   }
 * </pre>
 *
 * <p> Then this permission of type <i>Foo</i> is granted if the
-* <code>Foo.class</code> permission has been signed by the
+* {@code Foo.class} permission has been signed by the
-* "FooSoft" alias, or if <code>Foo.class</code> is a
+* "FooSoft" alias, or if {@code Foo.class} is a
 * system class (i.e., is found on the CLASSPATH).
 *
 * <p> Items that appear in an entry must appear in the specified order
-* (<code>permission</code>, <i>Type</i>, "<i>name</i>", and
+* ({@code permission}, <i>Type</i>, "<i>name</i>", and
 * "<i>action</i>"). An entry is terminated with a semicolon.
 *
-* <p> Case is unimportant for the identifiers (<code>permission</code>,
+* <p> Case is unimportant for the identifiers ({@code permission},
-* <code>signedBy</code>, <code>codeBase</code>, etc.) but is
+* {@code signedBy}, {@code codeBase}, etc.) but is
 * significant for the <i>Type</i>
-* or for any string that is passed in as a value. <p>
+* or for any string that is passed in as a value.
 *
 * <p> An example of two entries in a policy configuration file is
 * <pre>
 *   // if the code is comes from "foo.com" and is running as "Duke",
 *   // grant it read/write to all files in /tmp.
 *
 *   grant principal foo.com.Principal "Duke" {
 *         permission java.util.PropertyPermission "java.vendor";
 * </pre>
 *
-* <p> This <code>Policy</code> implementation supports
+* <p> This {@code Policy} implementation supports
 * special handling for PrivateCredentialPermissions.
 * If a grant entry is configured with a
-* <code>PrivateCredentialPermission</code>,
+* {@code PrivateCredentialPermission},
 * and the "Principal Class/Principal Name" for that
-* <code>PrivateCredentialPermission</code> is "self",
+* {@code PrivateCredentialPermission} is "self",
-* then the entry grants the specified <code>Subject</code> permission to
+* then the entry grants the specified {@code Subject} permission to
 * access its own private Credential.  For example,
-* the following grants the <code>Subject</code> "Duke"
+* the following grants the {@code Subject} "Duke"
 * access to its own a.b.Credential.
 *
 * <pre>
 *   grant principal foo.com.Principal "Duke" {
 *      permission javax.security.auth.PrivateCredentialPermission
 *              "a.b.Credential self",
 *              "read";
 *    };
 * </pre>
 *
-* The following grants the <code>Subject</code> "Duke"
+* The following grants the {@code Subject} "Duke"
 * access to all of its own private Credentials:
 *
 * <pre>
 *   grant principal foo.com.Principal "Duke" {
 *      permission javax.security.auth.PrivateCredentialPermission
 *              "read";
 *    };
 * </pre>
 *
 * The following grants all Subjects authenticated as a
-* <code>SolarisPrincipal</code> (regardless of their respective names)
+* {@code SolarisPrincipal} (regardless of their respective names)
 * permission to access their own private Credentials:
 *
 * <pre>
 *   grant principal com.sun.security.auth.SolarisPrincipal * {
 *      permission javax.security.auth.PrivateCredentialPermission
 *              "read";
 *    };
 * </pre>
 * @deprecated As of JDK&nbsp;1.4, replaced by
-*             <code>sun.security.provider.PolicyFile</code>.
+*             {@code sun.security.provider.PolicyFile}.
 *             This class is entirely deprecated.
 *
 * @see java.security.CodeSource
 * @see java.security.Permissions
 * @see java.security.ProtectionDomain
 }
 /**
 * Refreshes the policy object by re-reading all the policy files.
 *
-* <p>
-*
 * @exception SecurityException if the caller doesn't have permission
-*          to refresh the <code>Policy</code>.
+*          to refresh the {@code Policy}.
 */
 @Override
 public void refresh() {
 apf.refresh();
 }
 /**
-* Examines this <code>Policy</code> and returns the Permissions granted
+* Examines this {@code Policy} and returns the Permissions granted
-* to the specified <code>Subject</code> and <code>CodeSource</code>.
+* to the specified {@code Subject} and {@code CodeSource}.
 *
 * <p> Permissions for a particular <i>grant</i> entry are returned
-* if the <code>CodeSource</code> constructed using the codebase and
+* if the {@code CodeSource} constructed using the codebase and
-* signedby values specified in the entry <code>implies</code>
+* signedby values specified in the entry {@code implies}
-* the <code>CodeSource</code> provided to this method, and if the
+* the {@code CodeSource} provided to this method, and if the
-* <code>Subject</code> provided to this method contains all of the
+* {@code Subject} provided to this method contains all of the
 * Principals specified in the entry.
 *
-* <p> The <code>Subject</code> provided to this method contains all
+* <p> The {@code Subject} provided to this method contains all
 * of the Principals specified in the entry if, for each
-* <code>Principal</code>, "P1", specified in the <i>grant</i> entry
+* {@code Principal}, "P1", specified in the <i>grant</i> entry
 * one of the following two conditions is met:
 *
-* <p>
 * <ol>
-* <li> the <code>Subject</code> has a
+* <li> the {@code Subject} has a
-*      <code>Principal</code>, "P2", where
+*      {@code Principal}, "P2", where
-*      <code>P2.getClass().getName()</code> equals the
+*      {@code P2.getClass().getName()} equals the
 *      P1's class name, and where
-*      <code>P2.getName()</code> equals the P1's name.
+*      {@code P2.getName()} equals the P1's name.
 *
 * <li> P1 implements
-*      <code>com.sun.security.auth.PrincipalComparator</code>,
+*      {@code com.sun.security.auth.PrincipalComparator},
-*      and <code>P1.implies</code> the provided <code>Subject</code>.
+*      and {@code P1.implies} the provided {@code Subject}.
 * </ol>
 *
-* <p> Note that this <code>Policy</code> implementation has
+* <p> Note that this {@code Policy} implementation has
 * special handling for PrivateCredentialPermissions.
-* When this method encounters a <code>PrivateCredentialPermission</code>
+* When this method encounters a {@code PrivateCredentialPermission}
-* which specifies "self" as the <code>Principal</code> class and name,
+* which specifies "self" as the {@code Principal} class and name,
-* it does not add that <code>Permission</code> to the returned
+* it does not add that {@code Permission} to the returned
-* <code>PermissionCollection</code>.  Instead, it builds
+* {@code PermissionCollection}.  Instead, it builds
-* a new <code>PrivateCredentialPermission</code>
+* a new {@code PrivateCredentialPermission}
-* for each <code>Principal</code> associated with the provided
+* for each {@code Principal} associated with the provided
-* <code>Subject</code>.  Each new <code>PrivateCredentialPermission</code>
+* {@code Subject}.  Each new {@code PrivateCredentialPermission}
 * contains the same Credential class as specified in the
 * originally granted permission, as well as the Class and name
-* for the respective <code>Principal</code>.
+* for the respective {@code Principal}.
 *
-* <p>
+* @param subject the Permissions granted to this {@code Subject}
-*
+*          and the additionally provided {@code CodeSource}
-* @param subject the Permissions granted to this <code>Subject</code>
-*          and the additionally provided <code>CodeSource</code>
-*          are returned. <p>
-*
-* @param codesource the Permissions granted to this <code>CodeSource</code>
-*          and the additionally provided <code>Subject</code>
 *          are returned.
 *
-* @return the Permissions granted to the provided <code>Subject</code>
+* @param codesource the Permissions granted to this {@code CodeSource}
-*          <code>CodeSource</code>.
+*          and the additionally provided {@code Subject}
+*          are returned.
+*
+* @return the Permissions granted to the provided {@code Subject}
+*          {@code CodeSource}.
 */
 @Override
 public PermissionCollection getPermissions(final Subject subject,
 final CodeSource codesource) {
 return apf.getPermissions(subject, codesource);

changeset 30044	bab15bbe2ca3
parent 25859	3317bb8137f4
child 34894	3248b89d1921