grant
method of the currently active sub-policy to grant the specified permissions to all protection domains (including ones not yet created) which are associated with the class loader of the given class and possess at least the given set of principals.
@param cl {@inheritDoc}
@param principals {@inheritDoc}
@param permissions {@inheritDoc}
@throws UnsupportedOperationException {@inheritDoc}
@throws SecurityException {@inheritDoc}
@throws NullPointerException {@inheritDoc}
Notes:
null
, then the grant applies across all protection domains that possess at least the specified principals. If the list of principals is null
or empty, then principals are effectively ignored in determining the protection domains to which the grant applies. If this policy provider does not support dynamic permission grants, then no permissions are granted and an UnsupportedOperationException
is thrown. The given class, if non-null
, must belong to either the system domain or a protection domain whose associated class loader is non-null
. If the class does not belong to such a protection domain, then no permissions are granted and an UnsupportedOperationException
is thrown.
If a security manager is installed, its checkPermission
method is called with a GrantPermission
containing the permissions to grant; if the permission check fails, then no permissions are granted and the resulting SecurityException
is thrown. The principals and permissions arrays passed in are neither modified nor retained; subsequent changes to the arrays have no effect on the grant operation.
@param cl class to grant permissions to the class loader of, ornull
if granting across all class loaders
@param principals if non-null
, minimum set of principalsto which grants apply
@param permissions if non-null
, permissions to grant
@throws UnsupportedOperationException if policy does not supportdynamic grants, or if cl
is non-null
and belongs to a protection domain with a null
class loader other than the system domain
@throws SecurityException if a security manager is installed and thecalling context does not have sufficient permissions to grant the given permissions
@throws NullPointerException if any element of the principals orpermissions arrays is null
Note: For the dbobject argument, Java Class objects are identified using a String object whose value is the fully qualified name of the Class, while Table and other objects are identified by an HsqlName object. A Table object identifier must be precisely the one obtained by calling table.getName(); if a different HsqlName object with an identical name attribute is specified, then rights checks and tests will fail, since the HsqlName class implements its {@link HsqlName#hashCode hashCode} and{@link HsqlName#equals equals} methods based on pure objectidentity, rather than on attribute values.
Note: For the dbobject argument, Java Class objects are identified using a String object whose value is the fully qualified name of the Class, while Table and other objects are identified by an HsqlName object. A Table object identifier must be precisely the one obtained by calling table.getName(); if a different HsqlName object with an identical name attribute is specified, then rights checks and tests will fail, since the HsqlName class implements its {@link HsqlName#hashCode hashCode} and{@link HsqlName#equals equals} methods based on pure objectidentity, rather than on attribute values.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|