This Permission class protects access to private credential objects belonging to a Subject (as specified by a set of one or more Principal objects). Application programmers rarely need to use it. System programmers implementing new private credentials classes may need to use it, and system administrators configuring security policy files should be familiar with it.

The only defined action for PrivateCredentialPermssion is "read". The target name for this permission has a complex syntax and specifies the name of the credential class and a list of one or more principals. Each principal is specified as the name of the Principal class followed by the principal name in quotes. For example, a security policy file might contain a statement like the following to allow permission to read the private KerberosKey credentials of a KerberosPrincipal named "david".

permission javax.security.auth.PrivateCredentialPermission
    "javax.security.auth.kerberos.KerberosKey \
             javax.security.auth.kerberos.KerberosPrincipal \"david\"",
    "read";

The target name syntax for PrivateCredentialPermission also allows the use of the "*" wildcard in place of the credential class name or in place of the Principal class name and/or name.

Figure 19-2. javax.security.auth.PrivateCredentialPermission

public final class PrivateCredentialPermission extends java.security.Permission {
// Public Constructors
     public PrivateCredentialPermission(String name, String actions);  
// Public Instance Methods
     public String getCredentialClass( );  
     public String[ ][ ] getPrincipals( );  
// Public Methods Overriding Permission
     public boolean equals(Object obj);  
     public String getActions( );  
     public int hashCode( );  
     public boolean implies(java.security.Permission p);  
     public java.security.PermissionCollection newPermissionCollection( );     constant
}