Java EE 5 SDK

javax.security.jacc
Class EJBMethodPermission

java.lang.Object
  extended by java.security.Permission
      extended by javax.security.jacc.EJBMethodPermission
All Implemented Interfaces:
Serializable, Guard

public final class EJBMethodPermission
extends Permission
implements Serializable

Class for EJB method permissions.

The name of an EJBMethodPermission contains the value of the ejb-name element in the application's deployment descriptor that identifies the target EJB.

The actions of an EJBMethodPermission identifies the methods of the EJB to which the permission applies.

Implementations of this class MAY implement newPermissionCollection or inherit its implementation from the super class.

Author:
Ron Monzillo, Gary Ellison
See Also:
Permission, Serialized Form

Constructor Summary
EJBMethodPermission(String name, String actions)
          Creates a new EJBMethodPermission with the specified name and actions.
EJBMethodPermission(String EJBName, String methodInterface, Method method)
          Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodInterface, and the Method object.
EJBMethodPermission(String EJBName, String methodName, String methodInterface, String[] methodParams)
          Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodName, methodInterface, and methodParams.
 
Method Summary
 boolean equals(Object o)
          Checks two EJBMethodPermission objects for equality.
 String getActions()
          Returns a String containing a canonical representation of the actions of this EJBMethodPermission.
 int hashCode()
          Returns the hash code value for this EJBMethodPermission.
 boolean implies(Permission permission)
          Determines if the argument Permission is "implied by" this EJBMethodPermission.
 
Methods inherited from class java.security.Permission
checkGuard, getName, newPermissionCollection, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

EJBMethodPermission

public EJBMethodPermission(String name,
                           String actions)
Creates a new EJBMethodPermission with the specified name and actions.

The name contains the value of the ejb-name element corresponding to an EJB in the application's deployment descriptor.

The actions contains a methodSpec. The syntax of the actions parameter is defined as follows:

      methodNameSpec ::= methodName | emptyString

      methodInterfaceName ::= String

      methodInterfaceSpec ::= methodInterfaceName | emptyString

      typeName ::= typeName | typeName []

      methodParams ::= typeName | methodParams comma typeName

      methodParamsSpec ::= emptyString | methodParams

      methodSpec ::= null |
           methodNameSpec |
           methodNameSpec comma methodInterfaceName |
           methodNameSpec comma methodInterfaceSpec comma methodParamsSpec
 

A MethodInterfaceName is a non-empty String and should contain a method-intf value as defined for use in EJB deployment descriptors. An implementation must be flexible such that it supports additional interface names especially if they are standardized by the EJB Specification. The EJB Specification currently defines the following method-intf values:

       { "Home", "LocalHome", "Remote", "Local", "ServiceEndpoint" }
 

A null or empty string methodSpec indicates that the permission applies to all methods of the EJB. A methodSpec with a methodNameSpec of the empty string matches all methods of the EJB that match the methodInterface and methodParams elements of the methodSpec.

A methodSpec with a methodInterfaceSpec of the empty string matches all methods of the EJB that match the methodNameSpec and methodParamsSpec elements of the methodSpec.

A methodSpec without a methodParamsSpec matches all methods of the EJB that match the methodNameSpec and methodInterface elements of the methodSpec.

The order of the typeNames in methodParams array must match the order of occurence of the corresponding parameters in the method signature of the target method(s). Each typeName in the methodParams must contain the canonical form of the corresponding parameter's typeName as defined by the getActions method. A methodSpec with an empty methodParamsSpec matches all 0 argument methods of the EJB that match the methodNameSpec and methodInterfaceSpec elements of the methodSpec.

Parameters:
name - of the EJB to which the permission pertains.

actions - identifies the methods of the EJB to which the permission pertains.

EJBMethodPermission

public EJBMethodPermission(String EJBName,
                           String methodName,
                           String methodInterface,
                           String[] methodParams)
Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodName, methodInterface, and methodParams.

Parameters:
EJBName - The string representation of the name of the EJB as it appears in the corresponding ejb-name element in the deployment descriptor.

methodName - A string that may be used to indicate the method of the EJB to which the permission pertains. A value of null or "" indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of method name.

methodInterface - A string that may be used to specify the EJB interface to which the permission pertains. A value of null or "", indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of the interface they occur on.

methodParams - An array of strings that may be used to specify (by typeNames) the parameter signature of the target methods. The order of the typeNames in methodParams array must match the order of occurence of the corresponding parameters in the method signature of the target method(s). Each typeName in the methodParams array must contain the canonical form of the corresponding parameter's typeName as defined by the getActions method. An empty methodParams array is used to represent a method signature with no arguments. A value of null indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of method signature.

EJBMethodPermission

public EJBMethodPermission(String EJBName,
                           String methodInterface,
                           Method method)
Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodInterface, and the Method object.

A container uses this constructor prior to checking if a caller has permission to call the method of an EJB.

Parameters:
EJBName - The string representation of the name of the EJB as it appears in the corresponding ejb-name element in the deployment descriptor.

methodInterface - A string that may be used to specify the EJB interface to which the permission pertains. A value of null or "", indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of the interface they occur on.

method - an instance of the Java.lang.reflect.Method class corresponding to the method that the container is trying to determine whether the caller has permission to access. This value must not be null.
Method Detail

equals

public boolean equals(Object o)
Checks two EJBMethodPermission objects for equality. EJBMethodPermission objects are equivalent if they have case sensitive equivalent name and actions values.

Two Permission objects, P1 and P2, are equivalent if and only if P1.implies(P2) && P2.implies(P1).

Specified by:
equals in class Permission
Parameters:
o - the EJBMethodPermission object being tested for equality with this EJBMethodPermission

Returns:
true if the argument EJBMethodPermission object is equivalent to this EJBMethodPermission.

getActions

public String getActions()
Returns a String containing a canonical representation of the actions of this EJBMethodPermission. The Canonical form of the actions of an EJBMethodPermission is described by the following syntax description.

      methodNameSpec ::= methodName | emptyString

      methodInterfaceName ::= String

      methodInterfaceSpec ::= methodInterfaceName | emptyString

      typeName ::= typeName | typeName []

      methodParams ::= typeName | methodParams comma typeName

      methodParamsSpec ::= emptyString | methodParams

      methodSpec ::= null |
           methodName |
           methodNameSpec comma methodInterfaceName |
           methodNameSpec comma methodInterfaceSpec comma methodParamsSpec
 

The canonical form of each typeName must begin with the fully qualified Java name of the corresponding parameter's type. The canonical form of a typeName for an array parameter is the fully qualified Java name of the array's component type followed by as many instances of the string "[]" as there are dimensions to the array. No additional characters (e.g. blanks) may occur in the canonical form.

A MethodInterfaceName is a non-empty String and should contain a method-intf value as defined for use in EJB deployment descriptors. An implementation must be flexible such that it supports additional interface names especially if they are standardized by the EJB Specification. The EJB Specification currently defines the following method-intf values:

       { "Home", "LocalHome", "Remote", "Local", "ServiceEndpoint" }
 

Specified by:
getActions in class Permission
Returns:
a String containing the canonicalized actions of this EJBMethodPermission.

hashCode

public int hashCode()
Returns the hash code value for this EJBMethodPermission. The properties of the returned hash code must be as follows:

Specified by:
hashCode in class Permission
Returns:
the integer hash code value for this object.

implies

public boolean implies(Permission permission)
Determines if the argument Permission is "implied by" this EJBMethodPermission. For this to be the case,

The argument permission applies to a subset of the methods to which this permission applies if all of the following conditions are met.

The name and actions comparisons described above are case sensitive.

Specified by:
implies in class Permission
Parameters:
permission - "this" EJBMethodPermission is checked to see if it implies the argument permission.

Returns:
true if the specified permission is implied by this object, false if not.

Java EE 5 SDK

Submit a bug or feature

Copyright 2006 Sun Microsystems, Inc. All rights reserved.