Class ISSecurityPermission

  • All Implemented Interfaces:
    Serializable, Guard

    @SupportedAll
    public class ISSecurityPermission
    extends Permission
    This class ISSecurityPermission is used to protect the Access Manager resources which should be accessed only by trusted application. The resources this Permission is used to protect are: OpenAM administrator DN and password, and access to the encryption and decryption methods used to encrypt all passwords in OpenAM services. The supported permissions is "access" and supported actions are "adminpassword" and "crypt". So in the Java security policy file which will define the security options to grant this permission to code bases, it should be done as below:
     grant codeBase "file:{directory where jars are located}/-" {
     com.sun.identity.security.ISSecurityPermission "access",
     "adminpassword,crypt"; };
    
    Note: The property com.sun.identity.security.checkcaller should be set to true in AMConfig.properties file to enable the Java security permissions check.
    See Also:
    Serialized Form
    • Constructor Detail

      • ISSecurityPermission

        public ISSecurityPermission​(String access,
                                    String action)
        Constructs ISSecurityPermission object.
        Parameters:
        access - Has to be string "access"
        action - Can be adminpassword or crypt.
      • ISSecurityPermission

        public ISSecurityPermission​(String access)
        Constructs ISSecurityPermission object. This constructor sets the action to "adminpassword" by default.
        Parameters:
        access - Has to be string "access"
    • Method Detail

      • implies

        public boolean implies​(Permission p)
        This method checks to see if this instance of ISSecurityPermission implies the Permission being passed as the argument. For more information on this, see the Javadocs of java.security.Permission
        Specified by:
        implies in class Permission
        Parameters:
        p - Instance of com.sun.identity.security.ISSecurityPermission
        Returns:
        true if this instance of ISSecurityPermission implies the actions of the argument p. False otherwise java.security.Permission
      • equals

        public boolean equals​(Object o)
        Returns true if this object is equals to o.
        Specified by:
        equals in class Permission
        Parameters:
        o - object fro comparison.
        Returns:
        true if both object are similar.