Subject (Java SE 11 & JDK 11 ) (original) (raw)
- All Implemented Interfaces:
[Serializable](../../../java/io/Serializable.html "interface in java.io")
public final class Subject
extends Object
implements Serializable
A Subject represents a grouping of related information for a single entity, such as a person. Such information includes the Subject's identities as well as its security-related attributes (passwords and cryptographic keys, for example).
Subjects may potentially have multiple identities. Each identity is represented as a Principal within the Subject. Principals simply bind names to aSubject. For example, a Subject that happens to be a person, Alice, might have two Principals: one which binds "Alice Bar", the name on her driver license, to the Subject, and another which binds, "999-99-9999", the number on her student identification card, to the Subject. Both Principals refer to the sameSubject even though each has a different name.
A Subject may also own security-related attributes, which are referred to as credentials. Sensitive credentials that require special protection, such as private cryptographic keys, are stored within a private credentialSet. Credentials intended to be shared, such as public key certificates or Kerberos server tickets are stored within a public credential Set. Different permissions are required to access and modify the different credential Sets.
To retrieve all the Principals associated with a Subject, invoke the getPrincipals method. To retrieve all the public or private credentials belonging to a Subject, invoke the getPublicCredentials method orgetPrivateCredentials method, respectively. To modify the returned Set of Principals and credentials, use the methods defined in the Set class. For example:
Subject subject;
Principal principal;
Object credential;
// add a Principal and credential to the Subject
subject.getPrincipals().add(principal);
subject.getPublicCredentials().add(credential);
This Subject class implements Serializable. While the Principals associated with the Subject are serialized, the credentials associated with the Subject are not. Note that the java.security.Principal class does not implement Serializable. Therefore all concretePrincipal implementations associated with Subjects must implement Serializable.
Since:
1.4
See Also:
Principal, DomainCombiner, Serialized Form
Constructor Detail
* #### Subject public Subject() Create an instance of a `Subject` with an empty `Set` of Principals and empty Sets of public and private credentials. The newly constructed Sets check whether this `Subject` has been set read-only before permitting subsequent modifications. The newly created Sets also prevent illegal modifications by ensuring that callers have sufficient permissions. These Sets also prohibit null elements, and attempts to add or query a null element will result in a `NullPointerException`. To modify the Principals Set, the caller must have`AuthPermission("modifyPrincipals")`. To modify the public credential Set, the caller must have`AuthPermission("modifyPublicCredentials")`. To modify the private credential Set, the caller must have`AuthPermission("modifyPrivateCredentials")`. * #### Subject public Subject(boolean readOnly, [Set](../../../java/util/Set.html "interface in java.util")<? extends [Principal](../../../java/security/Principal.html "interface in java.security")> principals, [Set](../../../java/util/Set.html "interface in java.util")<?> pubCredentials, [Set](../../../java/util/Set.html "interface in java.util")<?> privCredentials) Create an instance of a `Subject` with Principals and credentials. The Principals and credentials from the specified Sets are copied into newly constructed Sets. These newly created Sets check whether this `Subject` has been set read-only before permitting subsequent modifications. The newly created Sets also prevent illegal modifications by ensuring that callers have sufficient permissions. These Sets also prohibit null elements, and attempts to add or query a null element will result in a `NullPointerException`. To modify the Principals Set, the caller must have`AuthPermission("modifyPrincipals")`. To modify the public credential Set, the caller must have`AuthPermission("modifyPublicCredentials")`. To modify the private credential Set, the caller must have`AuthPermission("modifyPrivateCredentials")`. Parameters: `readOnly` \- true if the `Subject` is to be read-only, and false otherwise. `principals` \- the `Set` of Principals to be associated with this `Subject`. `pubCredentials` \- the `Set` of public credentials to be associated with this `Subject`. `privCredentials` \- the `Set` of private credentials to be associated with this `Subject`. Throws: `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the specified`principals`, `pubCredentials`, or `privCredentials` are `null`, or a null value exists within any of these three Sets.Method Detail
* #### setReadOnly public void setReadOnly() Set this `Subject` to be read-only. Modifications (additions and removals) to this Subject's`Principal` `Set` and credential Sets will be disallowed. The `destroy` operation on this Subject's credentials will still be permitted. Subsequent attempts to modify the Subject's `Principal` and credential Sets will result in an`IllegalStateException` being thrown. Also, once a `Subject` is read-only, it can not be reset to being writable again. Throws: `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have an[AuthPermission("setReadOnly")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to set this`Subject` to be read-only. * #### isReadOnly public boolean isReadOnly() Query whether this `Subject` is read-only. Returns: true if this `Subject` is read-only, false otherwise. * #### getSubject public static [Subject](Subject.html "class in javax.security.auth") getSubject([AccessControlContext](../../../java/security/AccessControlContext.html "class in java.security") acc) Get the `Subject` associated with the provided`AccessControlContext`. The `AccessControlContext` may contain many Subjects (from nested `doAs` calls). In this situation, the most recent `Subject` associated with the `AccessControlContext` is returned. Parameters: `acc` \- the `AccessControlContext` from which to retrieve the `Subject`. Returns: the `Subject` associated with the provided`AccessControlContext`, or `null` if no `Subject` is associated with the provided `AccessControlContext`. Throws: `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have an[AuthPermission("getSubject")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to get the`Subject`. `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the provided`AccessControlContext` is `null`. * #### doAs public static <T> T doAs([Subject](Subject.html "class in javax.security.auth") subject, [PrivilegedAction](../../../java/security/PrivilegedAction.html "interface in java.security")<T> action) Perform work as a particular `Subject`. This method first retrieves the current Thread's`AccessControlContext` via`AccessController.getContext`, and then instantiates a new `AccessControlContext` using the retrieved context along with a new`SubjectDomainCombiner` (constructed using the provided `Subject`). Finally, this method invokes `AccessController.doPrivileged`, passing it the provided `PrivilegedAction`, as well as the newly constructed `AccessControlContext`. Type Parameters: `T` \- the type of the value returned by the PrivilegedAction's`run` method. Parameters: `subject` \- the `Subject` that the specified`action` will run as. This parameter may be `null`. `action` \- the code to be run as the specified`Subject`. Returns: the value returned by the PrivilegedAction's`run` method. Throws: `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the `PrivilegedAction` is `null`. `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have an[AuthPermission("doAs")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to invoke this method. * #### doAs public static <T> T doAs([Subject](Subject.html "class in javax.security.auth") subject, [PrivilegedExceptionAction](../../../java/security/PrivilegedExceptionAction.html "interface in java.security")<T> action) throws [PrivilegedActionException](../../../java/security/PrivilegedActionException.html "class in java.security") Perform work as a particular `Subject`. This method first retrieves the current Thread's`AccessControlContext` via`AccessController.getContext`, and then instantiates a new `AccessControlContext` using the retrieved context along with a new`SubjectDomainCombiner` (constructed using the provided `Subject`). Finally, this method invokes `AccessController.doPrivileged`, passing it the provided `PrivilegedExceptionAction`, as well as the newly constructed `AccessControlContext`. Type Parameters: `T` \- the type of the value returned by the PrivilegedExceptionAction's `run` method. Parameters: `subject` \- the `Subject` that the specified`action` will run as. This parameter may be `null`. `action` \- the code to be run as the specified`Subject`. Returns: the value returned by the PrivilegedExceptionAction's `run` method. Throws: `[PrivilegedActionException](../../../java/security/PrivilegedActionException.html "class in java.security")` \- if the`PrivilegedExceptionAction.run` method throws a checked exception. `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the specified`PrivilegedExceptionAction` is`null`. `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have an[AuthPermission("doAs")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to invoke this method. * #### doAsPrivileged public static <T> T doAsPrivileged([Subject](Subject.html "class in javax.security.auth") subject, [PrivilegedAction](../../../java/security/PrivilegedAction.html "interface in java.security")<T> action, [AccessControlContext](../../../java/security/AccessControlContext.html "class in java.security") acc) Perform privileged work as a particular `Subject`. This method behaves exactly as `Subject.doAs`, except that instead of retrieving the current Thread's`AccessControlContext`, it uses the provided`AccessControlContext`. If the provided`AccessControlContext` is `null`, this method instantiates a new `AccessControlContext` with an empty collection of ProtectionDomains. Type Parameters: `T` \- the type of the value returned by the PrivilegedAction's`run` method. Parameters: `subject` \- the `Subject` that the specified`action` will run as. This parameter may be `null`. `action` \- the code to be run as the specified`Subject`. `acc` \- the `AccessControlContext` to be tied to the specified _subject_ and _action_. Returns: the value returned by the PrivilegedAction's`run` method. Throws: `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the `PrivilegedAction` is `null`. `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have a[AuthPermission("doAsPrivileged")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to invoke this method. * #### doAsPrivileged public static <T> T doAsPrivileged([Subject](Subject.html "class in javax.security.auth") subject, [PrivilegedExceptionAction](../../../java/security/PrivilegedExceptionAction.html "interface in java.security")<T> action, [AccessControlContext](../../../java/security/AccessControlContext.html "class in java.security") acc) throws [PrivilegedActionException](../../../java/security/PrivilegedActionException.html "class in java.security") Perform privileged work as a particular `Subject`. This method behaves exactly as `Subject.doAs`, except that instead of retrieving the current Thread's`AccessControlContext`, it uses the provided`AccessControlContext`. If the provided`AccessControlContext` is `null`, this method instantiates a new `AccessControlContext` with an empty collection of ProtectionDomains. Type Parameters: `T` \- the type of the value returned by the PrivilegedExceptionAction's `run` method. Parameters: `subject` \- the `Subject` that the specified`action` will run as. This parameter may be `null`. `action` \- the code to be run as the specified`Subject`. `acc` \- the `AccessControlContext` to be tied to the specified _subject_ and _action_. Returns: the value returned by the PrivilegedExceptionAction's `run` method. Throws: `[PrivilegedActionException](../../../java/security/PrivilegedActionException.html "class in java.security")` \- if the`PrivilegedExceptionAction.run` method throws a checked exception. `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the specified`PrivilegedExceptionAction` is`null`. `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have a[AuthPermission("doAsPrivileged")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to invoke this method. * #### getPrincipals public [Set](../../../java/util/Set.html "interface in java.util")<[Principal](../../../java/security/Principal.html "interface in java.security")> getPrincipals() Return the `Set` of Principals associated with this`Subject`. Each `Principal` represents an identity for this `Subject`. The returned `Set` is backed by this Subject's internal `Principal` `Set`. Any modification to the returned `Set` affects the internal`Principal` `Set` as well. If a security manager is installed, the caller must have a[AuthPermission("modifyPrincipals")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to modify the returned set, or a `SecurityException` will be thrown. Returns: the `Set` of Principals associated with this`Subject`. * #### getPrincipals public <T extends [Principal](../../../java/security/Principal.html "interface in java.security")> [Set](../../../java/util/Set.html "interface in java.util")<T> getPrincipals([Class](../../../java/lang/Class.html "class in java.lang")<T> c) Return a `Set` of Principals associated with this`Subject` that are instances or subclasses of the specified`Class`. The returned `Set` is not backed by this Subject's internal `Principal` `Set`. A new`Set` is created and returned for each method invocation. Modifications to the returned `Set` will not affect the internal `Principal` `Set`. Type Parameters: `T` \- the type of the class modeled by `c` Parameters: `c` \- the returned `Set` of Principals will all be instances of this class. Returns: a `Set` of Principals that are instances of the specified `Class`. Throws: `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the specified `Class` is `null`. * #### getPublicCredentials public [Set](../../../java/util/Set.html "interface in java.util")<[Object](../../../java/lang/Object.html "class in java.lang")> getPublicCredentials() Return the `Set` of public credentials held by this`Subject`. The returned `Set` is backed by this Subject's internal public Credential `Set`. Any modification to the returned `Set` affects the internal public Credential `Set` as well. If a security manager is installed, the caller must have a[AuthPermission("modifyPublicCredentials")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to modify the returned set, or a `SecurityException` will be thrown. Returns: a `Set` of public credentials held by this`Subject`. * #### getPrivateCredentials public [Set](../../../java/util/Set.html "interface in java.util")<[Object](../../../java/lang/Object.html "class in java.lang")> getPrivateCredentials() Return the `Set` of private credentials held by this`Subject`. The returned `Set` is backed by this Subject's internal private Credential `Set`. Any modification to the returned `Set` affects the internal private Credential `Set` as well. If a security manager is installed, the caller must have a[AuthPermission("modifyPrivateCredentials")](AuthPermission.html#%3Cinit%3E%28java.lang.String%29) permission to modify the returned set, or a `SecurityException` will be thrown. While iterating through the `Set`, a `SecurityException` is thrown if a security manager is installed and the caller does not have a [PrivateCredentialPermission](PrivateCredentialPermission.html "class in javax.security.auth") to access a particular Credential. The `Iterator` is nevertheless advanced to the next element in the `Set`. Returns: a `Set` of private credentials held by this`Subject`. * #### getPublicCredentials public <T> [Set](../../../java/util/Set.html "interface in java.util")<T> getPublicCredentials([Class](../../../java/lang/Class.html "class in java.lang")<T> c) Return a `Set` of public credentials associated with this`Subject` that are instances or subclasses of the specified`Class`. The returned `Set` is not backed by this Subject's internal public Credential `Set`. A new`Set` is created and returned for each method invocation. Modifications to the returned `Set` will not affect the internal public Credential `Set`. Type Parameters: `T` \- the type of the class modeled by `c` Parameters: `c` \- the returned `Set` of public credentials will all be instances of this class. Returns: a `Set` of public credentials that are instances of the specified `Class`. Throws: `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the specified `Class` is `null`. * #### getPrivateCredentials public <T> [Set](../../../java/util/Set.html "interface in java.util")<T> getPrivateCredentials([Class](../../../java/lang/Class.html "class in java.lang")<T> c) Return a `Set` of private credentials associated with this`Subject` that are instances or subclasses of the specified`Class`. If a security manager is installed, the caller must have a[PrivateCredentialPermission](PrivateCredentialPermission.html "class in javax.security.auth") to access all of the requested Credentials, or a `SecurityException` will be thrown. The returned `Set` is not backed by this Subject's internal private Credential `Set`. A new`Set` is created and returned for each method invocation. Modifications to the returned `Set` will not affect the internal private Credential `Set`. Type Parameters: `T` \- the type of the class modeled by `c` Parameters: `c` \- the returned `Set` of private credentials will all be instances of this class. Returns: a `Set` of private credentials that are instances of the specified `Class`. Throws: `[NullPointerException](../../../java/lang/NullPointerException.html "class in java.lang")` \- if the specified `Class` is `null`. * #### equals public boolean equals([Object](../../../java/lang/Object.html "class in java.lang") o) Compares the specified Object with this `Subject` for equality. Returns true if the given object is also a Subject and the two `Subject` instances are equivalent. More formally, two `Subject` instances are equal if their `Principal` and `Credential` Sets are equal. Overrides: `[equals](../../../java/lang/Object.html#equals%28java.lang.Object%29)` in class `[Object](../../../java/lang/Object.html "class in java.lang")` Parameters: `o` \- Object to be compared for equality with this`Subject`. Returns: true if the specified Object is equal to this`Subject`. Throws: `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have a [PrivateCredentialPermission](PrivateCredentialPermission.html "class in javax.security.auth") permission to access the private credentials for this`Subject` or the provided `Subject`. See Also: [Object.hashCode()](../../../java/lang/Object.html#hashCode%28%29), [HashMap](../../../java/util/HashMap.html "class in java.util") * #### toString public [String](../../../java/lang/String.html "class in java.lang") toString() Return the String representation of this `Subject`. Overrides: `[toString](../../../java/lang/Object.html#toString%28%29)` in class `[Object](../../../java/lang/Object.html "class in java.lang")` Returns: the String representation of this `Subject`. * #### hashCode public int hashCode() Returns a hashcode for this `Subject`. Overrides: `[hashCode](../../../java/lang/Object.html#hashCode%28%29)` in class `[Object](../../../java/lang/Object.html "class in java.lang")` Returns: a hashcode for this `Subject`. Throws: `[SecurityException](../../../java/lang/SecurityException.html "class in java.lang")` \- if a security manager is installed and the caller does not have a [PrivateCredentialPermission](PrivateCredentialPermission.html "class in javax.security.auth") permission to access this Subject's private credentials. See Also: [Object.equals(java.lang.Object)](../../../java/lang/Object.html#equals%28java.lang.Object%29), [System.identityHashCode(java.lang.Object)](../../../java/lang/System.html#identityHashCode%28java.lang.Object%29)