javax.security.auth Documentation Differences

This file contains all the changes in documentation in the package javax.security.auth as colored differences. Deletions are shown like this, and additions are shown like this.

If no deletions or additions are shown in an entry, the HTML tags will be what has changed. The new HTML tags are shown in the differences. If no documentation existed, and then some was added in a later version, this change is noted in the appropriate class pages of differences, but the change is not shown on this page. Only changes in existing text are shown here. Similarly, documentation which was inherited from another class or interface is not shown here.

Note that an HTML error in the new documentation may cause the display of other documentation changes to be presented incorrectly. For instance, failure to close a <code> tag will cause all subsequent paragraphs to be displayed differently.

This class is for authentication permissions. An AuthPermission contains a name (also referred to as a "target name") but no actions list; you either have the named permission or you don't.

The target name is the name of a security configuration parameter (see below). Currently the AuthPermission object is used to guard access to the Policy Subject LoginContext and Configuration objects.

The possible target names for an Authentication Permission are:

 doAs - allow the caller to invoke the Subject.doAs methods. doAsPrivileged - allow the caller to invoke the Subject.doAsPrivileged methods. getSubject - allow for the retrieval of the Subject(s) associated with the current Thread. getSubjectFromDomainCombiner - allow for the retrieval of the Subject associated with the a SubjectDomainCombiner. setReadOnly - allow the caller to set a Subject to be read-only. modifyPrincipals - allow the caller to modify the Set of Principals associated with a Subject modifyPublicCredentials - allow the caller to modify the Set of public credentials associated with a Subject modifyPrivateCredentials - allow the caller to modify the Set of private credentials associated with a Subject refreshCredential - allow code to invoke the refresh method on a credential which implements the Refreshable interface. destroyCredential - allow code to invoke the destroy method on a credential object which implements the Destroyable interface. createLoginContext.{name} - allow code to instantiate a LoginContext with the specified name. name is used as the index into the login Configuration. name can be wildcarded (set to '*') to allow for any name. getLoginConfiguration - allow for the retrieval of the system-wide login Configuration. setLoginConfiguration - allow for the setting of the system-wide login Configuration. refreshLoginConfiguration - allow for the refreshing of the system-wide login Configuration. 

The following target name has been deprecated in favor of createLoginContext.{name}.

 createLoginContext - allow code to instantiate a LoginContext. 

javax.security.auth.Policy has been deprecated in favor of java.security.Policy. Therefore the following target names have also been deprecated:

 getPolicy - allow the caller to retrieve the system-wide Subject-based access control policy. setPolicy - allow the caller to set the system-wide Subject-based access control policy. refreshPolicy - allow the caller to refresh the system-wide Subject-based access control policy. 

@version 1.46 1247 02/03/01/02

Creates a new AuthPermission object with the specified name. The name is the symbolic name of the AuthPermission and the actions String is currently unused and should be null. This constructor exists for use by the Policy object to instantiate new Permission objects.

@param name the name of the AuthPermission

@param actions should be null.

A SubjectDomainCombiner updates ProtectionDomains with Principals from the Subject associated with this SubjectDomainCombiner. @version 1.37 1238 02/03/01/02

Update the relevant ProtectionDomains with the Principals from the Subject associated with this SubjectDomainCombiner.

A new ProtectionDomain instance is created for each ProtectionDomain in the currentDomains array. Each new ProtectionDomain instance is created using the CodeSource PermissionsPermissions and ClassLoader from the corresponding ProtectionDomain in currentDomains as well as with the Principals from the Subject associated with this SubjectDomainCombiner.

All of the newly instantiated ProtectionDomains are combined into a new array. The ProtectionDomains from the assignedDomains array are appended to this new array and the result is returned.

Note that optimizations such as the removal of duplicate ProtectionDomains may have occurred. In addition caching of ProtectionDomains may be permitted.

@param currentDomains the ProtectionDomains associated with the current execution Thread up to the most recent privileged ProtectionDomain. The ProtectionDomains are are listed in order of execution with the most recently executing ProtectionDomain residing at the beginning of the array. This parameter may be null if the current execution Thread has no associated ProtectionDomains.

@param assignedDomains the ProtectionDomains inherited from the parent Thread or the ProtectionDomains from the privileged context if a call to AccessController.doPrivileged(... context) had occurred This parameter may be null if there were no ProtectionDomains inherited from the parent Thread or from the privileged context. @return a new array consisting of the updated ProtectionDomains or null.