In addition to the access control checks performed by JGSS, the Java™ virtual
machine (JVM) performs authorization checks when accessing a variety of resources,
including files, Java properties, packages, and sockets.
For more information about using JVM permissions, see Permissions
in the Java 2 SDK.
The following list identifies the permissions required when you use the
JAAS features of JGSS or use JGSS with a security manager:
- javax.security.auth.AuthPermission "modifyPrincipals"
- javax.security.auth.AuthPermission "modifyPrivateCredentials"
- javax.security.auth.AuthPermission "getSubject"
- javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KerberosKey
javax.security.auth.kerberos.KerberosPrincipal \"*\"", "read"
- javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KerberosTicket
javax.security.auth.kerberos.KerberosPrincipal \"*\"", "read"
- java.util.PropertyPermission "com.ibm.security.jgss.debug", "read"
- java.util.PropertyPermission "DEBUG", "read"
- java.util.PropertyPermission "java.home", "read"
- java.util.PropertyPermission "java.security.krb5.conf", "read"
- java.util.PropertyPermission "java.security.krb5.kdc", "read"
- java.util.PropertyPermission "java.security.krb5.realm", "read"
- java.util.PropertyPermission "javax.security.auth.useSubjectCredsOnly",
"read"
- java.util.PropertyPermission "user.dir", "read"
- java.util.PropertyPermission "user.home", "read"
- java.lang.RuntimePermission "accessClassInPackage.sun.security.action"
- java.security.SecurityPermission "putProviderProperty.IBMJGSSProvider"