javax.security.auth

Class Subject

Implemented Interfaces:
Serializable

public final class Subject
extends Object
implements Serializable

See Also:
Serialized Form

Constructor Summary

Subject()
Subject(boolean readOnly, Set principals, Set pubCred, Set privCred)

Method Summary

static Object
doAs(Subject subject, PrivilegedAction action)
Run a method as another subject.
static Object
doAs(Subject subject, PrivilegedExceptionAction action)
Run a method as another subject.
static Object
doAsPrivileged(Subject subject, PrivilegedAction action, AccessControlContext acc)
Run a method as another subject.
static Object
doAsPrivileged(Subject subject, PrivilegedExceptionAction action, AccessControlContext acc)
Run a method as another subject.
boolean
equals(Object o)
Set
getPrincipals()
Set
getPrincipals(Class clazz)
Set
getPrivateCredentials()
Set
getPrivateCredentials(Class clazz)
Set
getPublicCredentials()
Set
getPublicCredentials(Class clazz)
static Subject
getSubject(AccessControlContext context)
Returns the subject associated with the given AccessControlContext.

All this method does is retrieve the Subject object from the supplied context's DomainCombiner, if any, and if it is an instance of a SubjectDomainCombiner.

int
hashCode()
boolean
isReadOnly()
Returns whether or not this subject is read-only.
void
setReadOnly()
Marks this subject as read-only.
String
toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Subject

public Subject()

Subject

public Subject(boolean readOnly,
               Set principals,
               Set pubCred,
               Set privCred)

Method Details

doAs

public static Object doAs(Subject subject,
                          PrivilegedAction action)
Run a method as another subject. This method will obtain the current AccessControlContext for this thread, then creates another with a SubjectDomainCombiner with the given subject. The supplied action will then be run with the modified context.
Parameters:
subject - The subject to run as.
action - The action to run.
Returns:
The value returned by the privileged action.
Throws:
SecurityException - If the caller is not allowed to run under a different identity ("doAs" target of AuthPermission.

doAs

public static Object doAs(Subject subject,
                          PrivilegedExceptionAction action)
            throws PrivilegedActionException
Run a method as another subject. This method will obtain the current AccessControlContext for this thread, then creates another with a SubjectDomainCombiner with the given subject. The supplied action will then be run with the modified context.
Parameters:
subject - The subject to run as.
action - The action to run.
Returns:
The value returned by the privileged action.
Throws:
SecurityException - If the caller is not allowed to run under a different identity ("doAs" target of AuthPermission.
PrivilegedActionException - If the action throws an exception.

doAsPrivileged

public static Object doAsPrivileged(Subject subject,
                                    PrivilegedAction action,
                                    AccessControlContext acc)
Run a method as another subject. This method will create a new AccessControlContext derived from the given one, with a SubjectDomainCombiner with the given subject. The supplied action will then be run with the modified context.
Parameters:
subject - The subject to run as.
action - The action to run.
acc - The context to use.
Returns:
The value returned by the privileged action.
Throws:
SecurityException - If the caller is not allowed to run under a different identity ("doAsPrivileged" target of AuthPermission.

doAsPrivileged

public static Object doAsPrivileged(Subject subject,
                                    PrivilegedExceptionAction action,
                                    AccessControlContext acc)
            throws PrivilegedActionException
Run a method as another subject. This method will create a new AccessControlContext derived from the given one, with a SubjectDomainCombiner with the given subject. The supplied action will then be run with the modified context.
Parameters:
subject - The subject to run as.
action - The action to run.
acc - The context to use.
Returns:
The value returned by the privileged action.
Throws:
SecurityException - If the caller is not allowed to run under a different identity ("doAsPrivileged" target of AuthPermission.
PrivilegedActionException - If the action throws an exception.

equals

public boolean equals(Object o)
Overrides:
equals in interface Object

getPrincipals

public Set getPrincipals()

getPrincipals

public Set getPrincipals(Class clazz)

getPrivateCredentials

public Set getPrivateCredentials()

getPrivateCredentials

public Set getPrivateCredentials(Class clazz)

getPublicCredentials

public Set getPublicCredentials()

getPublicCredentials

public Set getPublicCredentials(Class clazz)

getSubject

public static Subject getSubject(AccessControlContext context)
Returns the subject associated with the given AccessControlContext.

All this method does is retrieve the Subject object from the supplied context's DomainCombiner, if any, and if it is an instance of a SubjectDomainCombiner.

Parameters:
context - The context to retrieve the subject from.
Returns:
The subject assoctiated with the context, or null if there is none.
Throws:
NullPointerException - If subject is null.
SecurityException - If the caller does not have permission to get the subject ("getSubject" target of AuthPermission.

hashCode

public int hashCode()
Overrides:
hashCode in interface Object

isReadOnly

public boolean isReadOnly()
Returns whether or not this subject is read-only.
Returns:
True is this subject is read-only.

setReadOnly

public void setReadOnly()
Marks this subject as read-only.
Throws:
SecurityException - If the caller does not have permission to set this subject as read-only ("setReadOnly" target of AuthPermission.

toString

public String toString()
Overrides:
toString in interface Object

Subject.java -- a single entity in the system. Copyright (C) 2004, 2005 Free Software Foundation, Inc. This file is part of GNU Classpath. GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Classpath; see the file COPYING. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.