com.ibm.sec.authz.jaccplus

Class DelegatedPermissionCollection

  1. java.lang.Object
  2. extended byjava.security.PermissionCollection
  3. extended bycom.ibm.sec.authz.jaccplus.DelegatedPermissionCollection
All implemented interfaces:
java.io.Serializable

  1. public class DelegatedPermissionCollection
  2. extends java.security.PermissionCollection

Primarily used for passing to ApplicationPolicy.implies( String, EvaluationContext, PermissionCollection), and typically contains ApplicationPermission objects.

ApplicationPermission is designed to be serialized to an XACML request and evaluated against an XACML PDP rather than evaluated using implies(). As such, the usual mechanism of PermissionCollection.implies(Permission) for determining what is permitted and what is denied does not work.

The DelegatedPermissionCollection adds the new method removePermission(Permission) so that ApplicationPolicy can dynamically alter the contents of the collection in response to the XACML evaluation decision.

See Also:
Serialized Form

Constructor Summary

Constructor and Description
DelegatedPermissionCollection()

Method Summary

Modifier and Type Method and Description
  1. void
add(java.security.Permission permission)
  1. java.util.Enumeration<java.security.Permission>
elements()
  1. boolean
implies(java.security.Permission permission)
  1. void
removePermission(java.security.Permission permission)
This method removes the given Permission from the collection.
Methods inherited from class java.security.PermissionCollection
isReadOnly, setReadOnly, toString
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

DelegatedPermissionCollection

  1. public DelegatedPermissionCollection( )

Method Detail

add

  1. public void add(java.security.Permission permission)
Specified by:
add in class java.security.PermissionCollection

elements

  1. public java.util.Enumeration<java.security.Permission> elements( )
Specified by:
elements in class java.security.PermissionCollection

implies

  1. public boolean implies(java.security.Permission permission)
Specified by:
implies in class java.security.PermissionCollection

removePermission

  1. public void removePermission(java.security.Permission permission)
This method removes the given Permission from the collection. During evaluation, this method is called if the Permission is not implied.
Parameters:
permission - The permission to be removed.