com.sas.services.security
Class SecurityUtil

com.sas.services.security.SecurityUtil

public final class SecurityUtil


Method Summary
static void checkPermission(UserContextInterface user, java.security.Permission permission)
          This method performs a permission check.
 

Method Detail

checkPermission

public static void checkPermission(UserContextInterface user,
                                   java.security.Permission permission)
                            throws java.security.AccessControlException
This method performs a permission check. If the stack indicates that the call is being made remotely, the check is done in such a way that the codebase is ignored. This because the Services are granted most permissions, and since the call stack in a remote call is Java Runtime classes up to the service call, effectively there's no permission check on the client code. The only way around this is to force a check based on the Subject. Local invocations and invocations made by local services, even if the original call was remote are checked using the standard access control checking mechanism. This method no longer bypasses or ignores the Securty Manager. If the security manager is not enabled, then skip the check altogether. If it is enabled, use it on the local check.

Parameters:
user - A UserContext through which to get a Subject whose principals are checked for the correct permission.
permission - The permission required by the caller.
Throws:
java.security.AccessControlException - If the permission isn't granted.



Copyright © 2009 SAS Institute Inc. All Rights Reserved.