Chapter 18. The java.security.acl Package
The java.security.acl
package defines, but does not implement, an incomplete framework
for working with access control lists (ACLs). This package was added
in Java 1.1, but has been superseded in Java 1.2 by the access-control
mechanisms of the java.security package. In
particular, see the Permission and
Policy classes of that package. The use of this
package is not recommended. Figure 18-1 shows the class hierarchy of
this package.
Figure 18-1. The java.security.acl package
| Acl | Java 1.1 |
|
|
| java.security.acl | |
This interface represents an access control list, or ACL. An ACL
is a list of AclEntry objects; most of the
methods of this class manage that list. The exception is the
checkPermission() method that tests whether this
ACL grants a specified java.security.acl.Permission
to a specified java.security.Principal. Note that
Acl extends Owner. The methods
of the Owner interface maintain a list
of ACL owners. Only owners are allowed to modify an ACL.
| public interface Acl extends Owner { |
| // | Public Instance Methods |
| public abstract boolean addEntry (java.security.Principal caller, AclEntry entry) throws NotOwnerException; | |
| public abstract boolean checkPermission (java.security.Principal principal, java.security.acl.Permission permission); | |
| public abstract java.util.Enumeration entries (); | |
| public abstract String getName (); | |
| public abstract java.util.Enumeration getPermissions (java.security.Principal user); | |
| public abstract boolean removeEntry (java.security.Principal caller, AclEntry entry) throws NotOwnerException; | |
| public abstract void setName (java.security.Principal caller, String name) throws NotOwnerException; | |
| public abstract String toString (); | |
| } |
Hierarchy: (Acl(Owner))
| AclEntry | Java 1.1 |
|
|
| java.security.acl | cloneable |
This interface defines a single entry of an ACL. Each AclEntry represents a set of
java.security.acl.Permission objects either granted or
denied to a given java.security.Principal. By
default, an AclEntry represents permissions granted
to the principal. Call setNegativePermissions() if
you want the AclEntry to represent a set of
permissions to be denied.
| public interface AclEntry extends Cloneable { |
| // | Public Instance Methods |
| public abstract boolean addPermission (java.security.acl.Permission permission); | |
| public abstract boolean checkPermission (java.security.acl.Permission permission); | |
| public abstract Object clone (); | |
| public abstract java.security.Principal getPrincipal (); | |
| public abstract boolean isNegative (); | |
| public abstract java.util.Enumeration permissions (); | |
| public abstract boolean removePermission (java.security.acl.Permission permission); | |
| public abstract void setNegativePermissions (); | |
| public abstract boolean setPrincipal (java.security.Principal user); | |
| public abstract String toString (); | |
| } |
Hierarchy: (AclEntry(Cloneable))
Passed To: Acl.{addEntry(), removeEntry()}
| AclNotFoundException | Java 1.1 |
|
|
| java.security.acl | serializable checked |
Signals that the specified Acl could not be found. Note that none of the interfaces in
java.security.acl throw this exception; it is
provided for the benefit of Acl implementations.
| public class AclNotFoundException extends Exception { |
| // | Public Constructors |
| public AclNotFoundException (); | |
| } |
Hierarchy: Object-->Throwable(Serializable)-->Exception-->AclNotFoundException
| Group | Java 1.1 |
|
|
| java.security.acl | |
This interface represents a set, or group, of
java.security.Principal objects. The methods of
the interface serve to manage the membership of the group. Note that
Group extends the Principal
interface, and, therefore, you can use a Group
object wherever you would use a Principal object in
this package.
| public interface Group extends java.security.Principal { |
| // | Public Instance Methods |
| public abstract boolean addMember (java.security.Principal user); | |
| public abstract boolean isMember (java.security.Principal member); | |
| public abstract java.util.Enumeration members (); | |
| public abstract boolean removeMember (java.security.Principal user); | |
| } |
Hierarchy: (Group(java.security.Principal))
| LastOwnerException | Java 1.1 |
|
|
| java.security.acl | serializable checked |
Signals that an Acl or Owner has
only one Principal remaining in its ownership list
and that this single owner cannot be removed.
| public class LastOwnerException extends Exception { |
| // | Public Constructors |
| public LastOwnerException (); | |
| } |
Hierarchy: Object-->Throwable(Serializable)-->Exception-->LastOwnerException
Thrown By: Owner.deleteOwner()
| NotOwnerException | Java 1.1 |
|
|
| java.security.acl | serializable checked |
Thrown by various methods of Acl
and Owner when they are called by a
Principal that is not an owner.
| public class NotOwnerException extends Exception { |
| // | Public Constructors |
| public NotOwnerException (); | |
| } |
Hierarchy: Object-->Throwable(Serializable)-->Exception-->NotOwnerException
Thrown By: Acl.{addEntry(), removeEntry(), setName()}, Owner.{addOwner(), deleteOwner()}
| Owner | Java 1.1 |
|
|
| java.security.acl | |
This interface represents the owner or owners of an ACL. The interface defines methods for managing and checking
membership in the list of owners.
| public interface Owner { |
| // | Public Instance Methods |
| public abstract boolean addOwner (java.security.Principal caller, java.security.Principal owner) throws NotOwnerException; | |
| public abstract boolean deleteOwner (java.security.Principal caller, java.security.Principal owner) throws NotOwnerExceptionLastOwnerException; | |
| public abstract boolean isOwner (java.security.Principal owner); | |
| } |
Implementations: Acl
| Permission | Java 1.1 |
|
|
| java.security.acl | |
This interface represents a permission. The meaning of the permission
is entirely up to the implementation. Do not confuse this interface
with the newer java.security.Permission class. Also note that this interface does not have the
implies() method of
java.security.Permission and is therefore
significantly less versatile.
| public interface Permission { |
| // | Public Instance Methods |
| public abstract boolean equals (Object another); | |
| public abstract String toString (); | |
| } |
Passed To: Acl.checkPermission(), AclEntry.{addPermission(), checkPermission(), removePermission()}
 |  |  |
| 17.1. The java.security Package |  | 19. The java.security.cert Package |
Copyright © 2001 O'Reilly & Associates. All rights reserved.
