All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class sun.security.acl.AclImpl 

java.lang.Object
   |
   +----sun.security.acl.OwnerImpl
           |
           +----sun.security.acl.AclImpl
public class AclImpl
extends OwnerImpl
implements Acl
An Access Control List (ACL) is encapsulated by this class.

Constructor Index

o AclImpl(Principal, String)
Constructor for creating an empty ACL.

Method Index

o addEntry(Principal, AclEntry)
Adds an ACL entry to this ACL.
o checkPermission(Principal, Permission)
This method checks whether or not the specified principal has the required permission.
o entries()
returns an enumeration of the entries in this ACL.
o getName()
Returns the name of the ACL.
o getPermissions(Principal)
This method returns the set of allowed permissions for the specified principal.
o removeEntry(Principal, AclEntry)
Removes an ACL entry from this ACL.
o setName(Principal, String)
Sets the name of the ACL.
o toString()
return a stringified version of the ACL.

Constructors

o AclImpl 
 public AclImpl(Principal owner,
                String name)
Constructor for creating an empty ACL.

Methods

o setName 
 public void setName(Principal caller,
                     String name) throws NotOwnerException
Sets the name of the ACL.

Parameters:
caller - the principal who is invoking this method.
name - the name of the ACL.
Throws: NotOwnerException
if the caller principal is not on the owners list of the Acl.
o getName 
 public String getName()
Returns the name of the ACL.

Returns:
the name of the ACL.
o addEntry 
 public synchronized boolean addEntry(Principal caller,
                                      AclEntry entry) throws NotOwnerException
Adds an ACL entry to this ACL. An entry associates a group or a principal with a set of permissions. Each user or group can have one positive ACL entry and one negative ACL entry. If there is one of the type (negative or positive) already in the table, a false value is returned. The caller principal must be a part of the owners list of the ACL in order to invoke this method.

Parameters:
caller - the principal who is invoking this method.
entry - the ACL entry that must be added to the ACL.
Returns:
true on success, false if the entry is already present.
Throws: NotOwnerException
if the caller principal is not on the owners list of the Acl.
o removeEntry 
 public synchronized boolean removeEntry(Principal caller,
                                         AclEntry entry) throws NotOwnerException
Removes an ACL entry from this ACL. The caller principal must be a part of the owners list of the ACL in order to invoke this method.

Parameters:
caller - the principal who is invoking this method.
entry - the ACL entry that must be removed from the ACL.
Returns:
true on success, false if the entry is not part of the ACL.
Throws: NotOwnerException
if the caller principal is not the owners list of the Acl.
o getPermissions 
 public synchronized Enumeration getPermissions(Principal user)
This method returns the set of allowed permissions for the specified principal. This set of allowed permissions is calculated as follows: If there is no entry for a group or a principal an empty permission set is assumed. The group positive permission set is the union of all the positive permissions of each group that the individual belongs to. The group negative permission set is the union of all the negative permissions of each group that the individual belongs to. If there is a specific permission that occurs in both the postive permission set and the negative permission set, it is removed from both. The group positive and negatoive permission sets are calculated. The individial positive permission set and the individual negative permission set is then calculated. Again abscence of an entry means the empty set. The set of permissions granted to the principal is then calculated using the simple rule: Individual permissions always override the Group permissions. Specifically, individual negative permission set (specific denial of permissions) overrides the group positive permission set. And the individual positive permission set override the group negative permission set.

Parameters:
user - the principal for which the ACL entry is returned.
Returns:
The resulting permission set that the principal is allowed.
o checkPermission 
 public boolean checkPermission(Principal principal,
                                Permission permission)
This method checks whether or not the specified principal has the required permission. If permission is denied permission false is returned, a true value is returned otherwise. This method does not authenticate the principal. It presumes that the principal is a valid authenticated principal.

Parameters:
principal - the name of the authenticated principal
permission - the permission that the principal must have.
Returns:
true of the principal has the permission desired, false otherwise.
o entries 
 public synchronized Enumeration entries()
returns an enumeration of the entries in this ACL.

o toString 
 public String toString()
return a stringified version of the ACL.

Overrides:
toString in class Object 
All Packages  Class Hierarchy  This Package  Previous  Next  Index