|
|
|
com.sssw.jbroker.ORBPermission |
"shutdown" |
|
com.sssw.jbroker.InitialReferencesPermission |
OR "*" (any name) |
|
com.sssw.jbroker.TransactionServicePermission |
|
|
com.sssw.jbroker.POAPermission |
"destroy" "manage" |
|
com.sssw.jbroker.SecurityServicePermission |
"unsetContext" "setPrincipal"* "unsetPrincipal"* |
"orb" |
com.sssw.jbroker.NameServicePermission |
|
|
com.sssw.jbroker.SSLPermission |
"enableV2" "addClientHandler" "addServerHandler" "addCertChain" "addCACert" "setCipherSuites" |
|
Here is a brief description of each ORB permission.
Note: To run with Java 2 security turned ON, you need to install the ORB as a Java 2 Extension. The ORB is installed as a Java 2 extension in the JRE that ships with the Novell exteNd Messaging Platform.
ORB Permission
The two ORB permissions are - create, and shutdown. The caller needs to have the create ORB permission to be able to create an instance of the (non-singleton) ORB. This permission is checked when ORB.init is called for creating a non-singleton application ORB. The shutdown ORB permission is checked when the orb.shutdown method is called.InitialReferences Permission
The InitialReferencesPermission is used to protect the reading/writing of initial references. The name of the permission is either the name of the initial object reference or "*", which represents all initial object names. The two actions that are supported are - read, and write. The permission for the read action is checked when ORB.resolve_initial_references is called. The permission for write action is checked when the bind method on the InitialReferencesService (IRS) is called.Transaction Service Permission
The TransactionService permission is used to specify the Java Class name that can be instantiated as a Transaction Service and identified to the TSIdentification interface.POA Permission
The POA permissions protect the creation, destruction, and management (via the POA Manager) of POA instances. Three names defined are - create, destroy, and manage, which are checked whan POA.create_POA, POA.destroy, and POA.the_POAManager methods are called respectively.SecurityService Permission
The SecurityService Permissions are checked to ensure that only trusted code can set/get thread/ORB level SecurityContexts.NameService Permission
The NameService permissions are checked before the NameServiceFactory can create a transient or a persistent NameService instance.SSL Permission
The various SSL Permissions protect the methods in the CertificateManager Interface.
//
// Java 2 Security Policy file for ORB examples // // permissions for ORB examples
permission java.net.SocketPermission
permission java.util.PropertyPermission
permission com.sssw.jbroker.ORBPermission "create";
permission com.sssw.jbroker.InitialReferencesPermission
permission com.sssw.jbroker.SecurityServicePermission
permission com.sssw.jbroker.NameServicePermission
permission com.sssw.jbroker.TransactionServicePermission
permission com.sssw.jbroker.POAPermission "create";
permission com.sssw.jbroker.SSLPermission "*";
|