JVM Permissions

In addition to the access control checks performed by JGSS, the Java™ Virtual Machine (JVM) performs authorization checks on access to numerous resources including files, Java properties, packages, Subject and sockets. Some of the permissions required when using the JAAS features of JGSS and or running with a Security Manager are listed here:

• javax.security.auth.AuthPermission "modifyPrincipals"
• javax.security.auth.AuthPermission "modifyPrivateCredentials"
• javax.security.auth.AuthPermission "getSubject"
• javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KerberosKey javax.security.auth.kerberos.KerberosPrincipal \"*\"", "read"
• javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KerberosTicket javax.security.auth.kerberos.KerberosPrincipal \"*\"", "read"
• java.util.PropertyPermission "com.ibm.security.jgss.debug", "read"
• java.util.PropertyPermission "com.ibm.security.krb5.krb5Debug", "read"
• java.util.PropertyPermission "DEBUG", "read"
• java.util.PropertyPermission "java.home", "read"
• java.util.PropertyPermission "java.security.krb5.conf", "read"
• java.util.PropertyPermission "java.security.krb5.kdc", "read"
• java.util.PropertyPermission "java.security.krb5.realm", "read"
• java.util.PropertyPermission "javax.security.auth.useSubjectCredsOnly","read"
• java.util.PropertyPermission "user.dir", "read"
• java.util.PropertyPermission "user.home", "read"
• java.lang.RuntimePermission "accessClassInPackage.sun.security.action"
• java.security.SecurityPermission "putProviderProperty.IBMJGSSProvider"