Class SAFPermission

java.lang.Object
java.security.Permission
com.ibm.security.auth.SAFPermission
All Implemented Interfaces:
Serializable, Guard
public final class SAFPermission extends Permission implements Serializable
The SAFPermission class extends the Permission class. These permissions will be used for a permission check in RACF.

The SAF Permission take three instance variables: securityClass : The name of the RACF class of resources (1-8 characters) and is optional. entityName : Specifies the name of the resource (1-246 characters) and is required. access : Specifies a numeric value that identifies the type of access to check for and is optional. The name string (inherited from Permission is the entityName. The securityClass string will be added as a private String. The access integer will be added as private Integer. This implementation uses Subject.current() instead of the deprecated AccessController.getContext().

See Also:

  • Field Details

    • __READ_RESOURCE

      public static final Integer __READ_RESOURCE

    • __UPDATE_RESOURCE

      public static final Integer __UPDATE_RESOURCE

    • __CONTROL_RESOURCE

      public static final Integer __CONTROL_RESOURCE

    • __ALTER_RESOURCE

      public static final Integer __ALTER_RESOURCE

  • Constructor Details

    • SAFPermission

      public SAFPermission(String securityClass, String entityName, Integer access)
      Creates a new SAFPermission with the specified securityClass, entityName and access.
      Parameters:
      securityClass - the securityClass of the SAFPermission.
      entityName - the entityName of the SAFPermission.
      access - the access of the SAFPermission.
      Throws:
      NullPointerException - if name is null.
      IllegalArgumentException - if name is empty.

    • SAFPermission

      public SAFPermission(String securityClass, String entityName)
      Creates a new SAFPermission with the specified securityClass, and entityName with a defaulted access of READ.
      Parameters:
      securityClass - the securityClass of the SAFPermission.
      entityName - the entityName of the SAFPermission.
      Throws:
      NullPointerException - if name is null.
      IllegalArgumentException - if name is empty.

    • SAFPermission

      public SAFPermission(String entityName, Integer access)
      Creates a new SAFPermission with the specified entityName and access with a default security class of ????
      Parameters:
      entityName - the entityName of the SAFPermission.
      access - the access of the SAFPermission.
      Throws:
      NullPointerException - if name is null.
      IllegalArgumentException - if name is empty.

    • SAFPermission

      public SAFPermission(String entityName)
      Creates a new SAFPermission with the specified entity _name and default values for securityClass and access.
      Parameters:
      entityName - the entityName of the SAFPermission.
      Throws:
      NullPointerException - if name is null.
      IllegalArgumentException - if name is empty.

  • Method Details

    • implies

      public boolean implies(Permission p)
      Calls RACF to verify the permission.

      More specifically, this method returns true if:

      RACF returns that the user has the necessary access or false if not.

      Specified by:
      implies in class Permission
      Parameters:
      p - used to make the check permission call.
      Returns:
      true if RACF allows the access, false otherwise.

    • equals

      public boolean equals(Object obj)
      Checks two SAFPermission objects for equality. Checks that obj's class is the same as this object's class and has the same name as this object.

      Specified by:
      equals in class Permission
      Parameters:
      obj - the object we are testing for equality with this object.
      Returns:
      true if obj is a SAFPermission, and has the same name as this SAFPermission object, false otherwise.

    • hashCode

      public int hashCode()
      Returns the hash code value for this object. The hash code used is the hash code of the name, that is, toString().hashCode(), where getName is from the Permission superclass.
      Specified by:
      hashCode in class Permission
      Returns:
      a hash code value for this object.

    • getActions

      public String getActions()
      Returns the Actions value for this object. The Actions are not relevant for a SAFPermission,
      Specified by:
      getActions in class Permission
      Returns:
      Actions for this object.

    • getSecurityClass

      public String getSecurityClass()
      Returns the Security Class for this object from this class.
      Returns:
      a String for the value of securityClass for this object.

    • getAccess

      public Integer getAccess()
      Returns the Access for this object. from this class.
      Returns:
      a String for the value of access for this object.

    • toString

      public String toString()
      Returns the a String that is a concatenation of the securityClass, the name and the access. This is used for the hashcode.
      Overrides:
      toString in class Permission
      Returns:
      a String for the value for this object.

    • newPermissionCollection

      public PermissionCollection newPermissionCollection()
      Returns a new PermissionCollection object for storing SAFPermission objects.

      A SAFPermissionCollection stores a collection of SAFPermission permissions.

      SAFPermission objects must be stored in a manner that allows them to be inserted in any order, but that also enables the PermissionCollection implies method to be implemented in an efficient (and consistent) manner.

      Overrides:
      newPermissionCollection in class Permission
      Returns:
      a new PermissionCollection object suitable for storing SAFPermissions.