/*
 * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */


package java.security;

This class defines the Service Provider Interface (SPI) for the Policy class. All the abstract methods in this class must be implemented by each service provider who wishes to supply a Policy implementation.

Subclass implementations of this abstract class must provide a public constructor that takes a Policy.Parameters object as an input parameter. This constructor also must throw an IllegalArgumentException if it does not understand the Policy.Parameters input.

Since:1.6
/** * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) * for the {@code Policy} class. * All the abstract methods in this class must be implemented by each * service provider who wishes to supply a Policy implementation. * * <p> Subclass implementations of this abstract class must provide * a public constructor that takes a {@code Policy.Parameters} * object as an input parameter. This constructor also must throw * an IllegalArgumentException if it does not understand the * {@code Policy.Parameters} input. * * * @since 1.6 */
public abstract class PolicySpi {
Check whether the policy has granted a Permission to a ProtectionDomain.
Params:
  • domain – the ProtectionDomain to check.
  • permission – check whether this permission is granted to the specified domain.
Returns:boolean true if the permission is granted to the domain.
/** * Check whether the policy has granted a Permission to a ProtectionDomain. * * @param domain the ProtectionDomain to check. * * @param permission check whether this permission is granted to the * specified domain. * * @return boolean true if the permission is granted to the domain. */
protected abstract boolean engineImplies (ProtectionDomain domain, Permission permission);
Refreshes/reloads the policy configuration. The behavior of this method depends on the implementation. For example, calling refresh on a file-based policy will cause the file to be re-read.

The default implementation of this method does nothing. This method should be overridden if a refresh operation is supported by the policy implementation.

/** * Refreshes/reloads the policy configuration. The behavior of this method * depends on the implementation. For example, calling {@code refresh} * on a file-based policy will cause the file to be re-read. * * <p> The default implementation of this method does nothing. * This method should be overridden if a refresh operation is supported * by the policy implementation. */
protected void engineRefresh() { }
Return a PermissionCollection object containing the set of permissions granted to the specified CodeSource.

The default implementation of this method returns Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be overridden if the policy implementation can return a set of permissions granted to a CodeSource.

Params:
  • codesource – the CodeSource to which the returned PermissionCollection has been granted.
Returns:a set of permissions granted to the specified CodeSource. If this operation is supported, the returned set of permissions must be a new mutable instance and it must support heterogeneous Permission types. If this operation is not supported, Policy.UNSUPPORTED_EMPTY_COLLECTION is returned.
/** * Return a PermissionCollection object containing the set of * permissions granted to the specified CodeSource. * * <p> The default implementation of this method returns * Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be * overridden if the policy implementation can return a set of * permissions granted to a CodeSource. * * @param codesource the CodeSource to which the returned * PermissionCollection has been granted. * * @return a set of permissions granted to the specified CodeSource. * If this operation is supported, the returned * set of permissions must be a new mutable instance * and it must support heterogeneous Permission types. * If this operation is not supported, * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. */
protected PermissionCollection engineGetPermissions (CodeSource codesource) { return Policy.UNSUPPORTED_EMPTY_COLLECTION; }
Return a PermissionCollection object containing the set of permissions granted to the specified ProtectionDomain.

The default implementation of this method returns Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be overridden if the policy implementation can return a set of permissions granted to a ProtectionDomain.

Params:
  • domain – the ProtectionDomain to which the returned PermissionCollection has been granted.
Returns:a set of permissions granted to the specified ProtectionDomain. If this operation is supported, the returned set of permissions must be a new mutable instance and it must support heterogeneous Permission types. If this operation is not supported, Policy.UNSUPPORTED_EMPTY_COLLECTION is returned.
/** * Return a PermissionCollection object containing the set of * permissions granted to the specified ProtectionDomain. * * <p> The default implementation of this method returns * Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be * overridden if the policy implementation can return a set of * permissions granted to a ProtectionDomain. * * @param domain the ProtectionDomain to which the returned * PermissionCollection has been granted. * * @return a set of permissions granted to the specified ProtectionDomain. * If this operation is supported, the returned * set of permissions must be a new mutable instance * and it must support heterogeneous Permission types. * If this operation is not supported, * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. */
protected PermissionCollection engineGetPermissions (ProtectionDomain domain) { return Policy.UNSUPPORTED_EMPTY_COLLECTION; } }