public final class

Subject

extends Object
implements Serializable
java.lang.Object
   ↳ javax.security.auth.Subject

Class Overview

The central class of the javax.security.auth package representing an authenticated user or entity (both referred to as "subject"). IT defines also the static methods that allow code to be run, and do modifications according to the subject's permissions.

A subject has the following features:

  • A set of Principal objects specifying the identities bound to a Subject that distinguish it.
  • Credentials (public and private) such as certificates, keys, or authentication proofs such as tickets

Summary

Public Constructors
Subject()
The default constructor initializing the sets of public and private credentials and principals with the empty set.
Subject(boolean readOnly, Set<? extends Principal> subjPrincipals, Set<?> pubCredentials, Set<?> privCredentials)
The constructor for the subject, setting its public and private credentials and principals according to the arguments.
Public Methods
static Object doAs(Subject subject, PrivilegedExceptionAction action)
Runs the code defined by action using the permissions granted to the subject and to the code itself.
static Object doAs(Subject subject, PrivilegedAction action)
Runs the code defined by action using the permissions granted to the Subject itself and to the code as well.
static Object doAsPrivileged(Subject subject, PrivilegedExceptionAction action, AccessControlContext context)
Runs the code defined by action using the permissions granted to the subject and to the code itself, additionally providing a more specific context.
static Object doAsPrivileged(Subject subject, PrivilegedAction action, AccessControlContext context)
Run the code defined by action using the permissions granted to the Subject and to the code itself, additionally providing a more specific context.
boolean equals(Object obj)
Checks two Subjects for equality.
Set<Principal> getPrincipals()
Returns this Subject's Principal.
<T extends Principal> Set<T> getPrincipals(Class<T> c)
Returns this Subject's Principal which is a subclass of the Class provided.
Set<Object> getPrivateCredentials()
Returns the private credentials associated with this Subject.
<T> Set<T> getPrivateCredentials(Class<T> c)
Returns this Subject's private credentials which are a subclass of the Class provided.
Set<Object> getPublicCredentials()
Returns the public credentials associated with this Subject.
<T> Set<T> getPublicCredentials(Class<T> c)
Returns this Subject's public credentials which are a subclass of the Class provided.
static Subject getSubject(AccessControlContext context)
Returns the Subject that was last associated with the context provided as argument.
int hashCode()
Returns a hash code of this Subject.
boolean isReadOnly()
Returns whether this Subject is read-only or not.
void setReadOnly()
Prevents from modifications being done to the credentials and Principal sets.
String toString()
Returns a String representation of this Subject.
[Expand]
Inherited Methods
From class java.lang.Object

Public Constructors

public Subject ()

Since: API Level 1

The default constructor initializing the sets of public and private credentials and principals with the empty set.

public Subject (boolean readOnly, Set<? extends Principal> subjPrincipals, Set<?> pubCredentials, Set<?> privCredentials)

Since: API Level 1

The constructor for the subject, setting its public and private credentials and principals according to the arguments.

Parameters
readOnly true if this Subject is read-only, thus preventing any modifications to be done.
subjPrincipals the set of Principals that are attributed to this Subject.
pubCredentials the set of public credentials that distinguish this Subject.
privCredentials the set of private credentials that distinguish this Subject.

Public Methods

public static Object doAs (Subject subject, PrivilegedExceptionAction action)

Since: API Level 1

Runs the code defined by action using the permissions granted to the subject and to the code itself.

Parameters
subject the distinguished Subject.
action the code to be run.
Returns
  • the Object returned when running the action.
Throws
PrivilegedActionException if running the action throws an exception.

public static Object doAs (Subject subject, PrivilegedAction action)

Since: API Level 1

Runs the code defined by action using the permissions granted to the Subject itself and to the code as well.

Parameters
subject the distinguished Subject.
action the code to be run.
Returns
  • the Object returned when running the action.

public static Object doAsPrivileged (Subject subject, PrivilegedExceptionAction action, AccessControlContext context)

Since: API Level 1

Runs the code defined by action using the permissions granted to the subject and to the code itself, additionally providing a more specific context.

Parameters
subject the distinguished Subject.
action the code to be run.
context the specific context in which the action is invoked. if null a new AccessControlContext is instantiated.
Returns
  • the Object returned when running the action.
Throws
PrivilegedActionException if running the action throws an exception.

public static Object doAsPrivileged (Subject subject, PrivilegedAction action, AccessControlContext context)

Since: API Level 1

Run the code defined by action using the permissions granted to the Subject and to the code itself, additionally providing a more specific context.

Parameters
subject the distinguished Subject.
action the code to be run.
context the specific context in which the action is invoked. if null a new AccessControlContext is instantiated.
Returns
  • the Object returned when running the action.

public boolean equals (Object obj)

Since: API Level 1

Checks two Subjects for equality. More specifically if the principals, public and private credentials are equal, equality for two Subjects is implied.

Parameters
obj the Object checked for equality with this Subject.
Returns
  • true if the specified Subject is equal to this one.

public Set<Principal> getPrincipals ()

Since: API Level 1

Returns this Subject's Principal.

Returns

public Set<T> getPrincipals (Class<T> c)

Since: API Level

Returns this Subject's Principal which is a subclass of the Class provided.

Parameters
c the Class as a criteria which the Principal returned must satisfy.
Returns
  • this Subject's Principal. Modifications to the returned set of Principals do not affect this Subject's set.

public Set<Object> getPrivateCredentials ()

Since: API Level 1

Returns the private credentials associated with this Subject.

Returns
  • the private credentials associated with this Subject.

public Set<T> getPrivateCredentials (Class<T> c)

Since: API Level 1

Returns this Subject's private credentials which are a subclass of the Class provided.

Parameters
c the Class as a criteria which the private credentials returned must satisfy.
Returns
  • this Subject's private credentials. Modifications to the returned set of credentials do not affect this Subject's credentials.

public Set<Object> getPublicCredentials ()

Since: API Level 1

Returns the public credentials associated with this Subject.

Returns
  • the public credentials associated with this Subject.

public Set<T> getPublicCredentials (Class<T> c)

Since: API Level 1

Returns this Subject's public credentials which are a subclass of the Class provided.

Parameters
c the Class as a criteria which the public credentials returned must satisfy.
Returns
  • this Subject's public credentials. Modifications to the returned set of credentials do not affect this Subject's credentials.

public static Subject getSubject (AccessControlContext context)

Since: API Level 1

Returns the Subject that was last associated with the context provided as argument.

Parameters
context the context that was associated with the Subject.
Returns
  • the Subject that was last associated with the context provided as argument.

public int hashCode ()

Since: API Level 1

Returns a hash code of this Subject.

Returns
  • a hash code of this Subject.

public boolean isReadOnly ()

Since: API Level 1

Returns whether this Subject is read-only or not.

Returns
  • whether this Subject is read-only or not.

public void setReadOnly ()

Since: API Level 1

Prevents from modifications being done to the credentials and Principal sets. After setting it to read-only this Subject can not be made writable again. The destroy method on the credentials still works though.

public String toString ()

Since: API Level 1

Returns a String representation of this Subject.

Returns
  • a String representation of this Subject.