sun.security.provider.PolicyFile.
             This class is entirely deprecated.@Exported(value=false) @Deprecated public class PolicyFile extends Policy
javax.security.auth.Policy.
  This object stores the policy for entire Java runtime,
 and is the amalgamation of multiple static policy
 configurations that resides in files.
 The algorithm for locating the policy file(s) and reading their
 information into this Policy object is:
 
URL pointing to a
   policy file to be loaded.  Read in and load each policy.
 java.lang.System property java.security.auth.policy
   may also be set to a URL pointing to another policy file
   (which is the case when a user uses the -D switch at runtime).
   If this property is defined, and its use is allowed by the
   security property file (the Security property,
   policy.allowSystemProperty is set to true),
   also load that policy.
 
   grant signedBy "alias", codeBase "URL",
         principal principalClass "principalName",
         principal principalClass "principalName",
         ... {
     permission Type "name "action",
         signedBy "alias";
     permission Type "name "action",
         signedBy "alias";
     ....
   };
 
 All non-bold items above must appear as is (although case
 doesn't matter and some are optional, as noted below).
 Italicized items represent variable values.
  A grant entry must begin with the word grant.
 The signedBy and codeBase
 name/value pairs are optional.
 If they are not present, then any signer (including unsigned code)
 will match, and any codeBase will match.  Note that the
 principal name/value pair is not optional.
 This Policy implementation only permits
 Principal-based grant entries.  Note that the principalClass
 may be set to the wildcard value, *, which allows it to match
 any Principal class.  In addition, the principalName
 may also be set to the wildcard value, *, allowing it to match
 any Principal name.  When setting the principalName
 to the *, do not surround the * with quotes.
 
 A permission entry must begin with the word permission.
 The word Type in the template above is
 a specific permission type, such as java.io.FilePermission
 or java.lang.RuntimePermission.
 
 The "action" is required for
 many permission types, such as java.io.FilePermission
 (where it specifies what type of file access that is permitted).
 It is not required for categories such as
 java.lang.RuntimePermission
 where it is not necessary - you either have the
 permission specified by the "name"
 value following the type name or you don't.
 
 The signedBy name/value pair for a permission entry
 is optional. If present, it indicates a signed permission. That is,
 the permission class itself must be signed by the given alias in
 order for it to be granted. For example,
 suppose you have the following grant entry:
 
   grant principal foo.com.Principal "Duke" {
     permission Foo "foobar", signedBy "FooSoft";
   }
 
  Then this permission of type Foo is granted if the
 Foo.class permission has been signed by the
 "FooSoft" alias, or if Foo.class is a
 system class (i.e., is found on the CLASSPATH).
 
 Items that appear in an entry must appear in the specified order
 (permission, Type, "name", and
 "action"). An entry is terminated with a semicolon.
 
 Case is unimportant for the identifiers (permission,
 signedBy, codeBase, etc.) but is
 significant for the Type
 or for any string that is passed in as a value. 
An example of two entries in a policy configuration file is
   // if the code is comes from "foo.com" and is running as "Duke",
   // grant it read/write to all files in /tmp.
   grant codeBase "foo.com", principal foo.com.Principal "Duke" {
              permission java.io.FilePermission "/tmp/*", "read,write";
   };
   // grant any code running as "Duke" permission to read
   // the "java.vendor" Property.
   grant principal foo.com.Principal "Duke" {
         permission java.util.PropertyPermission "java.vendor";
 
  This Policy implementation supports
 special handling for PrivateCredentialPermissions.
 If a grant entry is configured with a
 PrivateCredentialPermission,
 and the "Principal Class/Principal Name" for that
 PrivateCredentialPermission is "self",
 then the entry grants the specified Subject permission to
 access its own private Credential.  For example,
 the following grants the Subject "Duke"
 access to its own a.b.Credential.
 
   grant principal foo.com.Principal "Duke" {
      permission javax.security.auth.PrivateCredentialPermission
              "a.b.Credential self",
              "read";
    };
 
 The following grants the Subject "Duke"
 access to all of its own private Credentials:
 
   grant principal foo.com.Principal "Duke" {
      permission javax.security.auth.PrivateCredentialPermission
              "* self",
              "read";
    };
 
 The following grants all Subjects authenticated as a
 SolarisPrincipal (regardless of their respective names)
 permission to access their own private Credentials:
 
   grant principal com.sun.security.auth.SolarisPrincipal * {
      permission javax.security.auth.PrivateCredentialPermission
              "* self",
              "read";
    };
 
 The following grants all Subjects permission to access their own
 private Credentials:
 
   grant principal * * {
      permission javax.security.auth.PrivateCredentialPermission
              "* self",
              "read";
    };
 CodeSource, 
Permissions, 
ProtectionDomain, 
security properties| Constructor and Description | 
|---|
| PolicyFile()Deprecated.  Initializes the Policy object and reads the default policy
 configuration file(s) into the Policy object. | 
| Modifier and Type | Method and Description | 
|---|---|
| PermissionCollection | getPermissions(Subject subject,
              CodeSource codesource)Deprecated.  Examines this  Policyand returns the Permissions granted
 to the specifiedSubjectandCodeSource. | 
| void | refresh()Deprecated.  Refreshes the policy object by re-reading all the policy files. | 
public PolicyFile()
public void refresh()
refresh in class PolicySecurityException - if the caller doesn't have permission
          to refresh the Policy.public PermissionCollection getPermissions(Subject subject, CodeSource codesource)
Policy and returns the Permissions granted
 to the specified Subject and CodeSource.
  Permissions for a particular grant entry are returned
 if the CodeSource constructed using the codebase and
 signedby values specified in the entry implies
 the CodeSource provided to this method, and if the
 Subject provided to this method contains all of the
 Principals specified in the entry.
 
 The Subject provided to this method contains all
 of the Principals specified in the entry if, for each
 Principal, "P1", specified in the grant entry
 one of the following two conditions is met:
 
Subject has a
      Principal, "P2", where
      P2.getClass().getName() equals the
      P1's class name, and where
      P2.getName() equals the P1's name.
 com.sun.security.auth.PrincipalComparator,
      and P1.implies the provided Subject.
  Note that this Policy implementation has
 special handling for PrivateCredentialPermissions.
 When this method encounters a PrivateCredentialPermission
 which specifies "self" as the Principal class and name,
 it does not add that Permission to the returned
 PermissionCollection.  Instead, it builds
 a new PrivateCredentialPermission
 for each Principal associated with the provided
 Subject.  Each new PrivateCredentialPermission
 contains the same Credential class as specified in the
 originally granted permission, as well as the Class and name
 for the respective Principal.
 
getPermissions in class Policysubject - the Permissions granted to this Subject
          and the additionally provided CodeSource
          are returned. codesource - the Permissions granted to this CodeSource
          and the additionally provided Subject
          are returned.Subject
          CodeSource.
 Copyright © 1998, 2017, Oracle and/or its affiliates.  All rights reserved.