Manualshelf

User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE
251252253254255256257258259260
Developing Java Applications
7-15
}
try{
System.out.println("user.home=" + System.getProperty("user.home"));
}catch(AccessControlException ex){
System.out.println("This user does not have a permission to " +
"read user.home property");
}
return null;
}
}
A run method is executed with the access permission for principal information by passing the Subject
object and instances in the above classes to the Subject doAs method.
The code is shown below.
PrivilegedAction myAction = new ISSsoAction();
subject.doAs(subject, myAction);
To provide access permission to principal information, write a security policy file. For security policy file
details, refer to Creating a Security Policy File.
Authorization with Role Set
The JAAS authorization function cannot execute authorization by using the role set name. In a Java
application, if an authenticated user belongs to a role set, authorization is executed using the role name
in the role set.
Authorization by Re-authentication Intervals
The JAAS authorization function cannot execute authorization by using the re-authentication interval
contained in the authentication information for an authenticated user in an authentication server. A Java
application can use the ISAuthorizationCredential object getExpiration method to obtain and check the
re-authentication interval.