|
Generated by JDiff |
||||||||
| PREV PACKAGE NEXT PACKAGE FRAMES NO FRAMES | |||||||||
This file contains all the changes in documentation in the packagejava.security.aclas colored differences. Deletions are shownlike this, and additions are shown like this.
If no deletions or additions are shown in an entry, the HTML tags will be what has changed. The new HTML tags are shown in the differences. If no documentation existed, and then some was added in a later version, this change is noted in the appropriate class pages of differences, but the change is not shown on this page. Only changes in existing text are shown here. Similarly, documentation which was inherited from another class or interface is not shown here.
Note that an HTML error in the new documentation may cause the display of other documentation changes to be presented incorrectly. For instance, failure to close a <code> tag will cause all subsequent paragraphs to be displayed differently.
Interface representing an Access Control List (ACL). An Access Control List is a data structure used to guard access to resources.An ACL can be thought of as a data structure with multiple ACL entries. Each ACL entry of interface type AclEntry contains a set of permissions associated with a particular principal. (A principal represents an entity such as an individual user or a group). Additionally each ACL entry is specified as being either positive or negative. If positive the permissions are to be granted to the associated principal. If negative the permissions are to be denied.
The ACL Entries in each ACL observe the following rules:
The
- Each principal can have at most one positive ACL entry and one negative entry; that is multiple positive or negative ACL entries are not allowed for any principal. Each entry specifies the set of permissions that are to be granted (if positive) or denied (if negative).
- If there is no entry for a particular principal then the principal is considered to have a null (empty) permission set.
- If there is a positive entry that grants a principal a particular permission and a negative entry that denies the principal the same permission the result is as though the permission was never granted or denied.
- Individual permissions always override permissions of the group(s) to which the individual belongs. That is individual negative permissions (specific denial of permissions) override the groups' positive permissions. And individual positive permissions override the groups' negative permissions.
java.security.aclpackage provides the interfaces to the ACL and related data structures (ACL entries groups permissions etc.) and thesun.security.aclclasses provide a default implementation of the interfaces. For examplejava.security.acl.Aclprovides the interface to an ACL and thesun.security.acl.AclImplclass provides the default implementation of the interface.The
java.security.acl.Aclinterface extends thejava.security.acl.Ownerinterface. The Owner interface is used to maintain a list of owners for each ACL. Only owners are allowed to modify an ACL. For example only an owner can call the ACL'saddEntrymethod to add a new ACL entry to the ACL. @see java.security.acl.AclEntry @see java.security.acl.Owner @see java.security.acl.Acl#getPermissions @version 1.16 9818 00/1202/0302 @author Satish Dharmaraj
This is the interface used for representing one entry in an Access Control List (ACL).An ACL can be thought of as a data structure with multiple ACL entry objects. Each ACL entry object contains a set of permissions associated with a particular principal. (A principal represents an entity such as an individual user or a group). Additionally each ACL entry is specified as being either positive or negative. If positive the permissions are to be granted to the associated principal. If negative the permissions are to be denied. Each principal can have at most one positive ACL entry and one negative entry; that is multiple positive or negative ACL entries are not allowed for any principal. Note: ACL entries are by default positive. An entry becomes a negative entry only if the setNegativePermissions method is called on it. @see java.security.acl.Acl @author Satish Dharmaraj