Book Home Java Enterprise in a Nutshell Search this book

Chapter 18. The Package

The package defines, but does not implement, an incomplete framework for working with access control lists (ACLs). This package was added in Java 1.1, but has been superseded in Java 1.2 by the access-control mechanisms of the package. In particular, see the Permission and Policy classes of that package. The use of this package is not recommended. Figure 18-1 shows the class hierarchy of this package.


Figure 18-1. The package

AclJava 1.1

This interface represents an access control list, or ACL. An ACL is a list of AclEntry objects; most of the methods of this class manage that list. The exception is the checkPermission() method that tests whether this ACL grants a specified to a specified Note that Acl extends Owner. The methods of the Owner interface maintain a list of ACL owners. Only owners are allowed to modify an ACL.

public interface Acl extends Owner {
// Public Instance Methods
public abstract boolean addEntry ( caller, AclEntry entry) throws NotOwnerException;
public abstract boolean checkPermission ( principal, permission);
public abstract java.util.Enumeration entries ();
public abstract String getName ();
public abstract java.util.Enumeration getPermissions ( user);
public abstract boolean removeEntry ( caller, AclEntry entry) throws NotOwnerException;
public abstract void setName ( caller, String name) throws NotOwnerException;
public abstract String toString ();

Hierarchy: (Acl(Owner))

AclEntryJava 1.1

This interface defines a single entry of an ACL. Each AclEntry represents a set of objects either granted or denied to a given By default, an AclEntry represents permissions granted to the principal. Call setNegativePermissions() if you want the AclEntry to represent a set of permissions to be denied.

public interface AclEntry extends Cloneable {
// Public Instance Methods
public abstract boolean addPermission ( permission);
public abstract boolean checkPermission ( permission);
public abstract Object clone ();
public abstract getPrincipal ();
public abstract boolean isNegative ();
public abstract java.util.Enumeration permissions ();
public abstract boolean removePermission ( permission);
public abstract void setNegativePermissions ();
public abstract boolean setPrincipal ( user);
public abstract String toString ();

Hierarchy: (AclEntry(Cloneable))

Passed To: Acl.{addEntry(), removeEntry()}

AclNotFoundExceptionJava 1.1 checked

Signals that the specified Acl could not be found. Note that none of the interfaces in throw this exception; it is provided for the benefit of Acl implementations.

public class AclNotFoundException extends Exception {
// Public Constructors
public AclNotFoundException ();

Hierarchy: Object-->Throwable(Serializable)-->Exception-->AclNotFoundException

GroupJava 1.1

This interface represents a set, or group, of objects. The methods of the interface serve to manage the membership of the group. Note that Group extends the Principal interface, and, therefore, you can use a Group object wherever you would use a Principal object in this package.

public interface Group extends {
// Public Instance Methods
public abstract boolean addMember ( user);
public abstract boolean isMember ( member);
public abstract java.util.Enumeration members ();
public abstract boolean removeMember ( user);

Hierarchy: (Group(

LastOwnerExceptionJava 1.1 checked

Signals that an Acl or Owner has only one Principal remaining in its ownership list and that this single owner cannot be removed.

public class LastOwnerException extends Exception {
// Public Constructors
public LastOwnerException ();

Hierarchy: Object-->Throwable(Serializable)-->Exception-->LastOwnerException

Thrown By: Owner.deleteOwner()

NotOwnerExceptionJava 1.1 checked

Thrown by various methods of Acl and Owner when they are called by a Principal that is not an owner.

public class NotOwnerException extends Exception {
// Public Constructors
public NotOwnerException ();

Hierarchy: Object-->Throwable(Serializable)-->Exception-->NotOwnerException

Thrown By: Acl.{addEntry(), removeEntry(), setName()}, Owner.{addOwner(), deleteOwner()}

OwnerJava 1.1

This interface represents the owner or owners of an ACL. The interface defines methods for managing and checking membership in the list of owners.

public interface Owner {
// Public Instance Methods
public abstract boolean addOwner ( caller, owner) throws NotOwnerException;
public abstract boolean deleteOwner ( caller, owner) throws NotOwnerExceptionLastOwnerException;
public abstract boolean isOwner ( owner);

Implementations: Acl

PermissionJava 1.1

This interface represents a permission. The meaning of the permission is entirely up to the implementation. Do not confuse this interface with the newer class. Also note that this interface does not have the implies() method of and is therefore significantly less versatile.

public interface Permission {
// Public Instance Methods
public abstract boolean equals (Object another);
public abstract String toString ();

Passed To: Acl.checkPermission(), AclEntry.{addPermission(), checkPermission(), removePermission()}

Library Navigation Links

Copyright © 2001 O'Reilly & Associates. All rights reserved.