Module org.apache.derby.commons
Class SystemPermission
- java.lang.Object
-
- java.security.Permission
-
- java.security.BasicPermission
-
- org.apache.derby.shared.common.security.SystemPermission
-
- All Implemented Interfaces:
Serializable
,Guard
public final class SystemPermission extends BasicPermission
This class represents access to system-wide Derby privileges.Permission Description Risk "jmx" "control" Controls the ability of JMX clients to control Derby and view security sensitive attributes through Derby's MBeans. JMX clients may be able to change the state of the running system "jmx" "monitor" Controls the ability of JMX clients to monitor Derby through Derby's MBeans, such as viewing number of current connections and configuration settings. Note: security related settings require control
action onjmx
JMX clients can see information about a runing system including software versions. - See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static String
CONTROL
Action ("control"
) to perform control actions through JMX on engine, server or jmx.static String
ENGINE
Permission target name ("engine"
) for actions applicable to the core database engine.static SystemPermission
ENGINE_MONITOR
Constant representingSystemPermission("engine, "monitor")
.static String
JMX
Permission target name ("jmx"
) for actions applicable to management of Derby's JMX MBeans.static String
MONITOR
Action ("monitor"
) to perform monitoring actions through JMX on engine and server.static String
SERVER
Permission target name ("server"
) for actions applicable to the network server.static String
SHUTDOWN
The server and engine shutdown action ("shutdown"
).static String
USE_DERBY_INTERNALS
Action ("useDerbyInternals"
) by the engine to lookup Derby contexts.
-
Constructor Summary
Constructors Constructor Description SystemPermission(String name, String actions)
Creates a new SystemPermission with the specified name.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static String
buildActionsString(Iterable<String> actions)
Build a comma-separated actions string suitable for returning fromgetActions()
.boolean
equals(Object other)
Does this permission equal another object.String
getActions()
Return the permission's actions in a canonical form.boolean
implies(Permission permission)
Does this permission imply another.PermissionCollection
newPermissionCollection()
static Set<String>
parseActions(String actions)
Get a set of all actions specified in a string.String
toString()
-
Methods inherited from class java.security.BasicPermission
hashCode
-
Methods inherited from class java.security.Permission
checkGuard, getName
-
-
-
-
Field Detail
-
SERVER
public static final String SERVER
Permission target name ("server"
) for actions applicable to the network server.- See Also:
- Constant Field Values
-
ENGINE
public static final String ENGINE
Permission target name ("engine"
) for actions applicable to the core database engine.- See Also:
- Constant Field Values
-
JMX
public static final String JMX
Permission target name ("jmx"
) for actions applicable to management of Derby's JMX MBeans.- See Also:
- Constant Field Values
-
SHUTDOWN
public static final String SHUTDOWN
The server and engine shutdown action ("shutdown"
).- See Also:
- Constant Field Values
-
CONTROL
public static final String CONTROL
Action ("control"
) to perform control actions through JMX on engine, server or jmx.For JMX control permission is required to get attributes that are deemed sensiive from a security aspect, such as the network server's port number, security mechanisms and any information about the file system.
- See Also:
- Constant Field Values
-
MONITOR
public static final String MONITOR
Action ("monitor"
) to perform monitoring actions through JMX on engine and server.- See Also:
- Constant Field Values
-
USE_DERBY_INTERNALS
public static final String USE_DERBY_INTERNALS
Action ("useDerbyInternals"
) by the engine to lookup Derby contexts.- See Also:
- Constant Field Values
-
ENGINE_MONITOR
public static final SystemPermission ENGINE_MONITOR
Constant representingSystemPermission("engine, "monitor")
.
-
-
Constructor Detail
-
SystemPermission
public SystemPermission(String name, String actions)
Creates a new SystemPermission with the specified name.- Parameters:
name
- the name of the SystemPermission- Throws:
NullPointerException
- if name or actions is nullIllegalArgumentException
- if name is empty or not a legal SystemPermission- See Also:
BasicPermission(String)
-
-
Method Detail
-
getActions
public String getActions()
Return the permission's actions in a canonical form.- Overrides:
getActions
in classBasicPermission
-
newPermissionCollection
public PermissionCollection newPermissionCollection()
- Overrides:
newPermissionCollection
in classBasicPermission
-
parseActions
public static Set<String> parseActions(String actions)
Get a set of all actions specified in a string. Actions are transformed to lower-case, and leading and trailing blanks are stripped off.- Parameters:
actions
- the specified actions string- Returns:
- a set of all the specified actions
-
buildActionsString
public static String buildActionsString(Iterable<String> actions)
Build a comma-separated actions string suitable for returning fromgetActions()
.- Parameters:
actions
- the list of actions- Returns:
- comma-separated string with the actions
-
equals
public boolean equals(Object other)
Does this permission equal another object. True if its and identical class with same name and (canonical) actions.- Overrides:
equals
in classBasicPermission
-
implies
public boolean implies(Permission permission)
Does this permission imply another. Only true if the other permission is a SystemPermission with the same name and all the actions of the permission are present in this. Note that none of the actions imply any other with this SystemPermission.- Overrides:
implies
in classBasicPermission
-
toString
public String toString()
- Overrides:
toString
in classPermission
-
-