org.ow2.proactive.permissions

Class PrincipalPermission

java.lang.Object

java.security.Permission

java.security.BasicPermission

org.ow2.proactive.permissions.ClientPermission

org.ow2.proactive.permissions.PrincipalPermission

All Implemented Interfaces:

Serializable, Guard

public class PrincipalPermission
extends ClientPermission

PrincipalPermission represents an access limitation to the private resource for a particular principal. This permission cannot be granted in java policy file and mostly is used in runtime.

For example this permission is checked in the scheduler when the user tries to remove the job to allow users remove only their own jobs.

Then user is authenticated in JAAS it automatically has all PrincipalPermissions of those principal it associated with. For example when a user named "Bob" is authenticated and it is a member of group "users" it will have 2 PrincipalPermission: PrincipalPermission(UserPrincipal("Bob")) and PrincipalPermission(GroupPrincipal("users")).

Then in the code if an action is limited to PrincipalPermission(UserPrincipal("Jon")) Bob cannot access it. If it's limited to PrincipalPermission(UserPrincipal("Bob")) or PrincipalPermission(GroupPrincipal("users")) or PrincipalPermission(none) it is authorized to execute it.

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected List<IdentityPrincipal>	principals

Constructor Summary

Constructors

Constructor and Description
PrincipalPermission(IdentityPrincipal principal)
PrincipalPermission(String name, Set<? extends IdentityPrincipal> principals)

Method Summary

Modifier and Type	Method and Description
void	addPermission(IdentityPrincipal tokenPrincipal)
boolean	equals(Object o)
List<String>	getAllTokens()
int	hashCode()
boolean	hasPrincipal(IdentityPrincipal principal)
boolean	implies(Permission permission)
boolean	isAnyToken()
PermissionCollection	newPermissionCollection()
void	removePermission(IdentityPrincipal tokenPrincipal)
void	setAllTokens(List<String> tokens)
String	toString()

Methods inherited from class java.security.BasicPermission

getActions

Methods inherited from class java.security.Permission

checkGuard, getName

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

principals

protected List<IdentityPrincipal> principals

Constructor Detail

PrincipalPermission

public PrincipalPermission(IdentityPrincipal principal)

PrincipalPermission

public PrincipalPermission(String name,
                           Set<? extends IdentityPrincipal> principals)

Method Detail

implies

public boolean implies(Permission permission)

Overrides:

implies in class BasicPermission

equals

public boolean equals(Object o)

Overrides:

equals in class BasicPermission

hashCode

public int hashCode()

Overrides:

hashCode in class BasicPermission

toString

public String toString()

Overrides:

toString in class Permission

newPermissionCollection

public PermissionCollection newPermissionCollection()

Overrides:

newPermissionCollection in class BasicPermission

hasPrincipal

public boolean hasPrincipal(IdentityPrincipal principal)

addPermission

public void addPermission(IdentityPrincipal tokenPrincipal)

removePermission

public void removePermission(IdentityPrincipal tokenPrincipal)

isAnyToken

public boolean isAnyToken()

getAllTokens

public List<String> getAllTokens()

setAllTokens

public void setAllTokens(List<String> tokens)