Class EJBMethodPermission

java.lang.Object
java.security.Permission
jakarta.security.jacc.EJBMethodPermission
All Implemented Interfaces:
Serializable, Guard

public final class EJBMethodPermission extends Permission
Class for Jakarta Enterprise Beans method permissions.

The name of an EJBMethodPermission contains the value of the ejb-name element in the application's deployment descriptor that identifies the target Jakarta Enterprise Bean.

The actions of an EJBMethodPermission identifies the methods of the Jakarta Enterprise Bean to which the permission applies.

Implementations of this class MAY implement newPermissionCollection or inherit its implementation from the super class.

See Also:
  • Constructor Details

    • EJBMethodPermission

      public EJBMethodPermission(String name, String actions)
      Creates a new EJBMethodPermission with the specified name and actions.

      The name contains the value of the ejb-name element corresponding to an Jakarta Enterprise Bean in the application's deployment descriptor.

      The actions contains a methodSpec. The syntax of the actions parameter is defined as follows:

            methodNameSpec ::= methodName | emptyString
      
            methodInterfaceName ::= String
      
            methodInterfaceSpec ::= methodInterfaceName | emptyString
      
            typeName ::= typeName | typeName []
      
            methodParams ::= typeName | methodParams comma typeName
      
            methodParamsSpec ::= emptyString | methodParams
      
            methodSpec ::= null |
                 methodNameSpec |
                 methodNameSpec comma methodInterfaceName |
                 methodNameSpec comma methodInterfaceSpec comma methodParamsSpec
       

      A MethodInterfaceName is a non-empty String and should contain a method-intf value as defined for use in Jakarta Enterprise Beans deployment descriptors. An implementation must be flexible such that it supports additional interface names especially if they are standardized by the Jakarta Enterprise Beans Specification. The Jakarta Enterprise Beans Specification currently defines the following method-intf values:

       { "Home", "LocalHome", "Remote", "Local", "ServiceEndpoint" }
       

      A null or empty string methodSpec indicates that the permission applies to all methods of the Jakarta Enterprise Bean. A methodSpec with a methodNameSpec of the empty string matches all methods of the Jakarta Enterprise Bean that match the methodInterface and methodParams elements of the methodSpec.

      A methodSpec with a methodInterfaceSpec of the empty string matches all methods of the Jakarta Enterprise Bean that match the methodNameSpec and methodParamsSpec elements of the methodSpec.

      A methodSpec without a methodParamsSpec matches all methods of the Jakarta Enterprise Bean that match the methodNameSpec and methodInterface elements of the methodSpec.

      The order of the typeNames in methodParams array must match the order of occurence of the corresponding parameters in the method signature of the target method(s). Each typeName in the methodParams must contain the canonical form of the corresponding parameter's typeName as defined by the getActions method. A methodSpec with an empty methodParamsSpec matches all 0 argument methods of the Jakarta Enterprise Bean that match the methodNameSpec and methodInterfaceSpec elements of the methodSpec.

      Parameters:
      name - of the Jakarta Enterprise Bean to which the permission pertains.
      actions - identifies the methods of the Jakarta Enterprise Bean to which the permission pertains.
    • EJBMethodPermission

      public EJBMethodPermission(String EJBName, String methodName, String methodInterface, String[] methodParams)
      Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodName, methodInterface, and methodParams.
      Parameters:
      EJBName - The string representation of the name of the Jakarta Enterprise Bean as it appears in the corresponding ejb-name element in the deployment descriptor.
      methodName - A string that may be used to indicate the method of the Jakarta Enterprise Bean to which the permission pertains. A value of null or "" indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of method name.
      methodInterface - A string that may be used to specify the Jakarta Enterprise Bean interface to which the permission pertains. A value of null or "", indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of the interface they occur on.
      methodParams - An array of strings that may be used to specify (by typeNames) the parameter signature of the target methods. The order of the typeNames in methodParams array must match the order of occurrence of the corresponding parameters in the method signature of the target method(s). Each typeName in the methodParams array must contain the canonical form of the corresponding parameter's typeName as defined by the getActions method. An empty methodParams array is used to represent a method signature with no arguments. A value of null indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of method signature.
    • EJBMethodPermission

      public EJBMethodPermission(String EJBName, String methodInterface, Method method)
      Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodInterface, and the Method object.

      A container uses this constructor prior to checking if a caller has permission to call the method of an Jakarta Enterprise Bean.

      Parameters:
      EJBName - The string representation of the name of the Jakarta Enterprise Bean as it appears in the corresponding ejb-name element in the deployment descriptor.
      methodInterface - A string that may be used to specify the Jakarta Enterprise Bean interface to which the permission pertains. A value of null or "", indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of the interface they occur on.
      method - an instance of the Java.lang.reflect.Method class corresponding to the method that the container is trying to determine whether the caller has permission to access. This value must not be null.
  • Method Details

    • equals

      public boolean equals(Object o)
      Checks two EJBMethodPermission objects for equality. EJBMethodPermission objects are equivalent if they have case sensitive equivalent name and actions values.

      Two Permission objects, P1 and P2, are equivalent if and only if P1.implies(P2) AND P2.implies(P1).

      Specified by:
      equals in class Permission
      Parameters:
      o - the EJBMethodPermission object being tested for equality with this EJBMethodPermission
      Returns:
      true if the argument EJBMethodPermission object is equivalent to this EJBMethodPermission.
    • getActions

      public String getActions()
      Returns a String containing a canonical representation of the actions of this EJBMethodPermission. The Canonical form of the actions of an EJBMethodPermission is described by the following syntax description.
            methodNameSpec ::= methodName | emptyString
      
            methodInterfaceName ::= String
      
            methodInterfaceSpec ::= methodInterfaceName | emptyString
      
            typeName ::= typeName | typeName []
      
            methodParams ::= typeName | methodParams comma typeName
      
            methodParamsSpec ::= emptyString | methodParams
      
            methodSpec ::= null |
                 methodName |
                 methodNameSpec comma methodInterfaceName |
                 methodNameSpec comma methodInterfaceSpec comma methodParamsSpec
       

      The canonical form of each typeName must begin with the fully qualified Java name of the corresponding parameter's type. The canonical form of a typeName for an array parameter is the fully qualified Java name of the array's component type followed by as many instances of the string "[]" as there are dimensions to the array. No additional characters (e.g. blanks) may occur in the canonical form.

      A MethodInterfaceName is a non-empty String and should contain a method-intf value as defined for use in Jakarta Enterprise Beans deployment descriptors. An implementation must be flexible such that it supports additional interface names especially if they are standardized by the Jakarta Enterprise Beans Specification. The Jakarta Enterprise Beans Specification currently defines the following method-intf values:

       { "Home", "LocalHome", "Remote", "Local", "ServiceEndpoint" }
       
      Specified by:
      getActions in class Permission
      Returns:
      a String containing the canonicalized actions of this EJBMethodPermission.
    • hashCode

      public int hashCode()
      Returns the hash code value for this EJBMethodPermission.

      The properties of the returned hash code must be as follows:

      • During the lifetime of a Java application, the hashCode method must return the same integer value every time it is called on a EJBMethodPermission object. The value returned by hashCode for a particular EJBMethodPermission need not remain consistent from one execution of an application to another.
      • If two EJBMethodPermission objects are equal according to the equals method, then calling the hashCode method on each of the two Permission objects must produce the same integer result (within an application).
      Specified by:
      hashCode in class Permission
      Returns:
      the integer hash code value for this object.
    • implies

      public boolean implies(Permission permission)
      Determines if the argument Permission is "implied by" this EJBMethodPermission.

      For this to be the case,

      • The argument must be an instanceof EJBMethodPermission
      • with name equivalent to that of this EJBMethodPermission, and
      • the methods to which the argument permission applies (as defined in its actions) must be a subset of the methods to which this EJBMethodPermission applies (as defined in its actions).

      The argument permission applies to a subset of the methods to which this permission applies if all of the following conditions are met.

      • the method name component of the methodNameSpec of this permission is null, the empty string, or equivalent to the method name of the argument permission, and
      • the method interface component of the methodNameSpec of this permission is null, the empty string, or equivalent to the method interface of the argument permission, and
      • the method parameter list component of the methodNameSpec of this permission is null, the empty string, or equivalent to the method parameter list of the argument permission.

      The name and actions comparisons described above are case sensitive.

      Specified by:
      implies in class Permission
      Parameters:
      permission - "this" EJBMethodPermission is checked to see if it implies the argument permission.
      Returns:
      true if the specified permission is implied by this object, false if not.