java.security.acl.Acl |
The Access Control List (ACL) interface definition.
An ACL is a set of AclEntry
objects.
An AclEntry
is a list of Permission
s that are granted
(positive) or denied
(negative) to a Principal
.
An Acl
has a list of owners (Owner
) which are principals as well Principal
. Only those principals which are the Acl
's owners are allowed to modify the Acl
.
The ACL has to conform to the following rules:
Principal
there can be only one positive and one
negative AclEntry
.AclEntry
's (positive and negative) for a
specific Principal
grant and deny the same Permission
to that
Principal
, then that Permission
is treated as
neither granted nor denied to that Principal
.Principal
always
override permissions of the group(s) to which the individual belongs.AclEntry
associated with a specific Principal
, then it is interpreted as an empty list of permissions.Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Adds an
AclEntry to this ACL instance. | |||||||||||
Checks whether the specified principal is granted the specified
permission.
| |||||||||||
Returns an
Enumeration of the AclEntry of this
ACL. | |||||||||||
Returns the name of this ACL instance.
| |||||||||||
Returns the set of allowed permissions for the specified
Principal . | |||||||||||
Removes an
AclEntry from this ACL instance. | |||||||||||
Sets the name of this ACL instance.
| |||||||||||
Returns the string representation of this ACL.
|
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From interface java.security.acl.Owner
|
Adds an AclEntry
to this ACL instance.
If the ACL already has an AclEntry
of the same type (
positive or negative) and principal, then the new entry is not added.
caller | the invoking Principal . |
---|---|
entry | the ACL entry to add. |
true
if the entry is added, false
if there is already an entry of
the same type for the same principalNotOwnerException | if the invoking Principal is not an owner of this
ACL. |
---|
Checks whether the specified principal is granted the specified permission.
The list of granted permissions is determined according to the rules
specified by getPermissions
.
principal | the principal the check the permissions for. |
---|---|
permission | the permission to check for the principal. |
true
if the principal is granted the permission, otherwise false
.Returns an Enumeration
of the AclEntry
of this
ACL.
Enumeration
of the AclEntry
of this
ACL.Returns the name of this ACL instance.
Returns the set of allowed permissions for the specified Principal
.
If the specified principal has no entry in this ACL, an empty set is returned.
The allowed permissions are collected according to the following rules:
Group
) are collected. The positive (granted)
permissions are the union of all group's positive permissions that the
principal belongs to, the negative (denied) permissions are the union of
all group's negative permissions that the principal belongs to. If a
specific permission is in both the positive and the negative list, it is
removed from both lists.user | the principal to get the allowed permissions for. |
---|
Removes an AclEntry
from this ACL instance.
caller | the invoking Principal . |
---|---|
entry | the ACL entry to remove. |
true
if the entry is removed, false
if the entry is not in this
ACL.NotOwnerException | if the invoking Principal is not an owner of this
ACL. |
---|
Sets the name of this ACL instance.
caller | the invoking Principal . |
---|---|
name | the name to be set. |
NotOwnerException | if the invoking Principal is not an owner of this
ACL. |
---|
Returns the string representation of this ACL.