See: Description
Interface | Description |
---|---|
CachingSecurityManager |
A CachingSecurityManager caches the result of check permission calls for
AccessControlContexts.
|
CodeSourceRequiredPermissions |
Jar files that specify a META-INF/permissions.perm file as per the OSGi
syntax, allow a ProxyVerifier to grant these permissions dynamically.
|
PolicyParser |
Parser of policy syntax.
|
PolicyUtils.GeneralExpansionHandler |
Instances of this interface are intended for resolving
generalized expansion expressions, of the form ${{protocol:data}}.
|
RemotePolicy |
RemotePolicy is a service api that can be implemented by a distributed Policy service,
allowing local Policy providers to be updated remotely by a djinn group administrator.
|
RevocablePolicy |
RevocablePolicy, is a Java Security Policy Provider that supports
Runtime Dynamic addition and removal of PermissionGrant's
Warning: Not all Permission's are truly revocable, while any Permission can
be dynamically added and later removed from this policy, many JVM Permission
implementations are used in ways that allow references to escape
To quote Tim Blackman, from river-dev:
I remember talking with Bob and Mike Warres about this.
|
ScalableNestedPolicy |
Policy providers can implement this interface to provide nested policies
a common interface to allow delayed creation of PermissionCollection
instances until all after all Permission objects are collected, allowing
the implementer to add Permission objects to a PermissionCollection in
an order that avoids unnecessary reverse DNS calls for example.
|
SubjectDomain |
A Marker interface used by
Security to mark
a ProtectionDomain added to the stack that represents an
authenticated Subject with
Principal 's. |
Class | Description |
---|---|
AbstractPolicy |
A common superclass with utility methods for policy providers.
|
CertificateGrant | |
ClassLoaderGrant | |
CombinerSecurityManager |
CombinerSecurityManager, is intended to be a highly scalable
SecurityManager implementation that caches the results of security checks
for each context, which may be an instance of SecurityContext or
AccessControlContext.
|
CombinerSecurityManager.Action | |
ConcurrentPermissions |
ConcurrentPermissions is a drop in replacement for java.security.Permissions
ConcurrentPermissions was originally intended to be used as a policy cache, it turns out
that a policy cache was not needed, due to the efficiency of package private
URIGrant.implies(ProtectionDomain pd).
|
ConcurrentPermissions.PC | |
ConcurrentPermissions.PermissionEnumerator | |
ConcurrentPermissions.PermissionPendingResolution | |
ConcurrentPermissions.PermissionPendingResolutionCollection | |
ConcurrentPolicyFile |
Concurrent Policy implementation based on policy configuration URL's,
it is intended to provide concurrent implies() for greatly improved
throughput.
|
DefaultPolicyParser |
This is a basic loader of policy files.
|
DefaultPolicyScanner |
This is a basic high-level tokenizer of policy files.
|
DefaultPolicyScanner.GrantEntry |
Compound token representing grant clause.
|
DefaultPolicyScanner.KeystoreEntry |
Compound token representing keystore clause.
|
DefaultPolicyScanner.PermissionEntry |
Compound token representing permission entry of a grant
clause.
|
DefaultPolicyScanner.PrincipalEntry |
Compound token representing principal entry of a grant
clause.
|
DelegatePermission |
Permissions such as SocketPermission or FilePermission guard a resource
but allow that resource to escape the control of the SecurityManager
and Policy provider, this prevents them from being revoked.
|
DelegatePermission.DelegatePermissionCollection | |
DelegatePermission.DelegatePermissionCollection.CollectionSerializationProxy | |
DelegatePermission.SerializationProxy | |
DelegateSecurityManager |
The DelegateSecurityManager is designed to enable the use of
Delegate decorators to encapsulate security sensitive objects using
Li Gong's method guard pattern.
|
PermissionComparator |
A Comparator for Permission that avoids using equals and hashCode() on
Permission implementations.
|
PermissionGrant |
PermissionGrant implementations are expected to be immutable, non blocking,
thread safe and have a good hashCode implementation to perform well in
Collections. |
PermissionGrantBuilder |
The PermissionGrantBuilder creates Dynamic PermissionGrant's based on
information provided by the user.
|
PermissionGrantBuilderImp |
PermissionGrantBuilderImp represents the serialized form of all
PermissionGrant implementations in this package.
|
PermissionGrantBuilderImp.NullPermissionGrant | |
PolicyPermission |
A "remote" or "REMOTE" PolicyPermission is allows updating a
RemotePolicy
|
PolicyUtils |
This class consist of a number of static methods, which provide a common functionality
for various policy and configuration providers.
|
PolicyUtils.SecurityPropertyAccessor |
Auxiliary action for accessing specific security property.
|
PolicyUtils.URLLoader |
Auxiliary action for opening InputStream from specified location.
|
PrincipalGrant | |
ProtectionDomainGrant |
ProtectionDomainGrant's become void if serialized, since ProtectionDomain's
cannot be serialized.
|
RemotePolicyProvider |
An implementation of RemotePolicy.
|
Segment |
Segments form a chain of String parts which represent a framework for
building complex String's from Substrings.
|
UnresolvedPrincipal |
Descriptive implementation of Principal, which holds a name and a classname
of unresolved principal.
|
URIGrant |
RFC3986 URI PermissionGrant
|
URIGrant.NormaliseURLAction | |
Util |
Enum | Description |
---|---|
Segment.Status |
Exception | Description |
---|---|
DefaultPolicyScanner.InvalidFormatException |
Specific exception class to signal policy file syntax error.
|
PolicyUtils.ExpansionFailedException |
Specific exception to signal that property expansion failed
due to unknown key.
|
Disk access of policy files is performed serially.
Copyright 2007-2013, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.