PolicyConfiguration (Java EE 5)

Java EE API


javax.security.jacc Interface PolicyConfiguration


public interface PolicyConfiguration


容器使用此接口的方法在 Policy 提供者中创建策略语句。实现 PolicyConfiguration 接口的对象为相应 Policy 提供者的相应策略上下文提供策略语句配置接口。

策略上下文的生命周期定义有三个状态:"open"、"inService" 和 "deleted"。策略上下文处于这三种状态之一。

"open" 状态的策略上下文处于配置过程中,可以被 PolicyConfiguration 接口的任何方法操作。处于 "open" 状态的策略上下文不得使用 Policy.refresh 合并到 Policy 提供者执行其访问决定时所使用的策略语句中。为了让关联提供者合并策略上下文的策略语句,策略上下文必须处于 "inService" 状态。调用 commit 方法可以将处于 "open" 状态的策略上下文转换为 "inService" 状态。

处于 "inService" 状态的策略上下文可以合并到关联 Policy 提供者用于执行访问决定的策略语句。当调用提供者的 refresh 方法时,提供者合并包含策略语句的策略上下文。当调用提供者的 refresh 方法时,只能合并状态为 "inService" 的策略上下文,并必须确保置入每个策略上下文服务中的策略语句只包含调用 refresh 时在上下文中定义的那些语句。处于 "inService" 状态的策略上下文无法进行其他配置,可以通过调用 PolicyConfigurationFactory 的 getPolicyConfiguration 方法返回 "open" 状态。

处于 "deleted" 状态的策略上下文不能配置,也不能合并到 Provider。通过调用关联 PolicyConfigurationFactory 的 getPolicyConfiguration 方法,可以回收状态为 "deleted" 的策略上下文,以供后续处理。作为调用 getPolicyConfiguration 的结果返回时,"deleted" 策略上下文将转换为 "open" 状态。

下表说明策略上下文生命周期与 PolicyConfiguration 接口方法之间的对应关系。表的右边 3 列对应于列标题标识的 PolicyConfiguration 状态。这些列单元中的值表示调用相应行最左侧列中标识的方法后得到的下一个状态,或者表示在该列所表示的状态下不支持调用该方法(在此情况下,状态将保持不变)。

PolicyConfiguration 状态表
方法 当前状态到下一个状态
deleted open inService
不支持该操作 open 不支持该操作
不支持该操作 open 不支持该操作
不支持该操作 open 不支持该操作
不支持该操作 inService inService
deleted deleted deleted
deleted open inService
deleted open inService
不支持该操作 open 不支持该操作
不支持该操作 open 不支持该操作
不支持该操作 open 不支持该操作
不支持该操作 open 不支持该操作

要使提供者的实现与多线程环境兼容,可能需要将提供者的 refresh 方法与其 PolicyConfiguration 接口的方法,以及其 PolicyConfigurationFactory 的 getPolicyConfiguration 和 inService 方法相匹配。

英文文档:

The methods of this interface are used by containers to create policy statements in a Policy provider. An object that implements the PolicyConfiguration interface provides the policy statement configuration interface for a corresponding policy context within the corresponding Policy provider.

The life cycle of a policy context is defined by three states; "open", "inService", and "deleted". A policy context is in one of these three states.

A policy context in the "open" state is in the process of being configured, and may be operated on by any of the methods of the PolicyConfiguration interface. A policy context in the "open" state must not be assimilated at Policy.refresh into the policy statements used by the Policy provider in performing its access decisions. In order for the policy statements of a policy context to be assimilated by the associated provider, the policy context must be in the "inService" state. A policy context in the "open" state is transitioned to the "inService" state by calling the commit method.

A policy context in the "inService" state is available for assimilation into the policy statements being used to perform access decisions by the associated Policy provider. Providers assimilate policy contexts containing policy statements when the refresh method of the provider is called. When a provider's refresh method is called, it must assimilate only those policy contexts whose state is "inService" and it must ensure that the policy statements put into service for each policy context are only those defined in the context at the time of the call to refresh. A policy context in the "inService" state is not available for additional configuration and may be returned to the "open" state by calling the getPolicyConfiguration method of the PolicyConfigurationFactory.

A policy context in the "deleted" state is neither available for configuration, nor is it available for assimilation into the Provider. A policy context whose state is "deleted" may be reclaimed for subsequent processing by calling the getPolicyConfiguration method of the associated PolicyConfigurationFactory. A "deleted" policy context is transitioned to the "open" state when it it returned as a result of a call to getPolicyConfiguration.

The following table captures the correspondence between the policy context life cycle and the methods of the PolicyConfiguration interface. The rightmost 3 columns of the table correspond to the PolicyConfiguration state identified at the head of the column. The values in the cells of these columns indicate the next state resulting from a call to the method identifed in the leftmost column of the corresponding row, or that calling the method is unsupported in the state represented by the column (in which case the state will remain unchanged).

PolicyConfiguration State Table
Method Current State to Next State
deleted open inService
Unsupported Operation open Unsupported Operation
Unsupported Operation open Unsupported Operation
Unsupported Operation open Unsupported Operation
Unsupported Operation inService inService
deleted deleted deleted
deleted open inService
deleted open inService
Unsupported Operation open Unsupported Operation
Unsupported Operation open Unsupported Operation
Unsupported Operation open Unsupported Operation
Unsupported Operation open Unsupported Operation

For a provider implementation to be compatible with multi-threaded environments, it may be necessary to synchronize the refresh method of the provider with the methods of its PolicyConfiguration interface and with the getPolicyConfiguration and inService methods of its PolicyConfigurationFactory.

Author:
Ron Monzillo, Gary Ellison
See Also:
Permission, PermissionCollection, PolicyContextException, PolicyConfigurationFactory

Method Summary
 void
 void
 void
 void
 void
 void
 void
 void
 String
 boolean
 void
 void
 void
 void
 

Method Detail

public String getContextID() throws PolicyContextException
此方法返回此对象的策略上下文标识符。
return 此对象的策略上下文标识符。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsPolicyContextException: 如果实现抛出 getContextID 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。
英文文档:

getContextID

String getContextID()
                    throws PolicyContextException
This method returns this object's policy context identifier.

Returns:
this object's policy context identifier.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the getContextID method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void addToRole(String roleName, java.security.PermissionCollection permissions) throws PolicyContextException
用于将权限添加到此 PolicyConfiguration 中的指定角色。如果指定的 Role 不存在于 PolicyConfiguration 中,则调用此函数将创建它。

Policy 提供者负责确保添加到角色的所有权限都遵守“映射到角色”的原则。

roleName 要添加权限的角色的名称。

permissions 要添加到角色的权限 Collection。Collection 可能是同质 Collection,也可能是异构 Collection。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 addToRole 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

addToRole

void addToRole(String roleName,
               PermissionCollection permissions)
               throws PolicyContextException
Used to add permissions to a named role in this PolicyConfiguration. If the named Role does not exist in the PolicyConfiguration, it is created as a result of the call to this function.

It is the job of the Policy provider to ensure that all the permissions added to a role are granted to principals "mapped to the role".

Parameters:
roleName - the name of the Role to which the permissions are to be added.

permissions - the collection of permissions to be added to the role. The collection may be either a homogenous or heterogenous collection.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the addToRole method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void addToRole(String roleName, java.security.Permission permission) throws PolicyContextException
用于将单个权限添加到此 PolicyConfiguration 中的指定角色。如果指定的 Role 不存在于 PolicyConfiguration 中,则调用此函数将创建它。

Policy 提供者负责确保添加到角色的所有权限都遵守“映射到角色”的原则。

roleName 要添加权限的角色的名称。

permission 要添加到角色的权限。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 addToRole 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

addToRole

void addToRole(String roleName,
               Permission permission)
               throws PolicyContextException
Used to add a single permission to a named role in this PolicyConfiguration. If the named Role does not exist in the PolicyConfiguration, it is created as a result of the call to this function.

It is the job of the Policy provider to ensure that all the permissions added to a role are granted to principals "mapped to the role".

Parameters:
roleName - the name of the Role to which the permission is to be added.

permission - the permission to be added to the role.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the addToRole method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void addToUncheckedPolicy(java.security.PermissionCollection permissions) throws PolicyContextException
用于将未经检查的策略语句添加到此 PolicyConfiguration。

permissions 要作为未经检查的策略语句添加的权限 Collection。Collection 可能是同质 Collection,也可能是异构 Collection。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 addToUncheckedPolicy 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

addToUncheckedPolicy

void addToUncheckedPolicy(PermissionCollection permissions)
                          throws PolicyContextException
Used to add unchecked policy statements to this PolicyConfiguration.

Parameters:
permissions - the collection of permissions to be added as unchecked policy statements. The collection may be either a homogenous or heterogenous collection.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the addToUncheckedPolicy method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void addToUncheckedPolicy(java.security.Permission permission) throws PolicyContextException
用于将未经检查的单个策略语句添加到此 PolicyConfiguration。

permission 要添加到未经检查的策略语句的权限。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 addToUncheckedPolicy 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

addToUncheckedPolicy

void addToUncheckedPolicy(Permission permission)
                          throws PolicyContextException
Used to add a single unchecked policy statement to this PolicyConfiguration.

Parameters:
permission - the permission to be added to the unchecked policy statements.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the addToUncheckedPolicy method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void addToExcludedPolicy(java.security.PermissionCollection permissions) throws PolicyContextException
用于将已排除的策略语句添加到此 PolicyConfiguration。

permissions 要添加到已排除的策略语句的权限 Collection。Collection 可能是同质 Collection,也可能是异构 Collection。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 addToExcludedPolicy 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

addToExcludedPolicy

void addToExcludedPolicy(PermissionCollection permissions)
                         throws PolicyContextException
Used to add excluded policy statements to this PolicyConfiguration.

Parameters:
permissions - the collection of permissions to be added to the excluded policy statements. The collection may be either a homogenous or heterogenous collection.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the addToExcludedPolicy method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void addToExcludedPolicy(java.security.Permission permission) throws PolicyContextException
用于将已排除的单个策略语句添加到此 PolicyConfiguration。

permission 要添加到已排除的策略语句的权限。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 addToExcludedPolicy 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

addToExcludedPolicy

void addToExcludedPolicy(Permission permission)
                         throws PolicyContextException
Used to add a single excluded policy statement to this PolicyConfiguration.

Parameters:
permission - the permission to be added to the excluded policy statements.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the addToExcludedPolicy method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void removeRole(String roleName) throws PolicyContextException
用于从此 PolicyConfiguration 中移除角色及其所有权限。

roleName 要从此 PolicyConfiguration 中移除的角色的名称。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 removeRole 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

removeRole

void removeRole(String roleName)
                throws PolicyContextException
Used to remove a role and all its permissions from this PolicyConfiguration.

Parameters:
roleName - the name of the Role to remove from this PolicyConfiguration.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the removeRole method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void removeUncheckedPolicy() throws PolicyContextException
用于从此 PolicyConfiguration 中移除所有未经检查的策略语句。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 removeUncheckedPolicy 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。
英文文档:

removeUncheckedPolicy

void removeUncheckedPolicy()
                           throws PolicyContextException
Used to remove any unchecked policy statements from this PolicyConfiguration.

Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the removeUncheckedPolicy method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void removeExcludedPolicy() throws PolicyContextException
用于从此 PolicyConfiguration 中移除所有已排除的策略语句。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsPolicyContextException: 如果实现抛出 removeExcludedPolicy 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。
英文文档:

removeExcludedPolicy

void removeExcludedPolicy()
                          throws PolicyContextException
Used to remove any excluded policy statements from this PolicyConfiguration.

Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the removeExcludedPolicy method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void linkConfiguration(PolicyConfiguration link) throws PolicyContextException
在此配置与另一个配置之间创建关系,使它们共享相同的主体到角色映射。将 PolicyConfiguration 链接起来,以对多个独立的可管理 PolicyConfiguration 应用公共的主体到角色映射,应用程序由多个模块构成时需要这样做。

注意,链接到另一个 PolicyConfiguration 的配置不会影响 PolicyConfiguration 中构成角色或者已排除(或未经检查)策略 Collection 的策略语句。

link 对另一个 PolicyConfiguration(非此 PolicyConfiguration)的引用。

此方法所形成的关系是对称的、可传递的、幂等的。如果参数 PolicyConfiguration 与此 PolicyConfiguration 的 Policy 上下文标识符相同,则不会形成任何关系,并抛出如下所述的异常。

ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted" 或 "inService"。
ThrowsIllegalArgumentException: 如果调用时使用的参数 PolicyConfiguration 的 Policy 上下文与此 PolicyConfiguration 的 Policy 上下文相同。
ThrowsPolicyContextException: 如果实现抛出 linkConfiguration 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

linkConfiguration

void linkConfiguration(PolicyConfiguration link)
                       throws PolicyContextException
Creates a relationship between this configuration and another such that they share the same principal-to-role mappings. PolicyConfigurations are linked to apply a common principal-to-role mapping to multiple seperately manageable PolicyConfigurations, as is required when an application is composed of multiple modules.

Note that the policy statements which comprise a role, or comprise the excluded or unchecked policy collections in a PolicyConfiguration are unaffected by the configuration being linked to another.

Parameters:
link - a reference to a different PolicyConfiguration than this PolicyConfiguration.

The relationship formed by this method is symetric, transitive and idempotent. If the argument PolicyConfiguration does not have a different Policy context identifier than this PolicyConfiguration no relationship is formed, and an exception, as described below, is thrown.

Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" or "inService" when this method is called.
IllegalArgumentException - if called with an argument PolicyConfiguration whose Policy context is equivalent to that of this PolicyConfiguration.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the linkConfiguration method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void delete() throws PolicyContextException
删除此 PolicyConfiguration 中的所有策略语句,设置其内部状态,使得对 PolicyConfiguration 调用 delete、getContextID 或 inService 以外的任何方法都将遭到拒绝,并抛出 UnsupportedOperationException。

除了移除与已删除的 PolicyConfiguration 有关的任何链接外,此操作不会影响任何链接的 PolicyConfiguration。

ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsPolicyContextException: 如果实现抛出 delete 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

delete

void delete()
            throws PolicyContextException
Causes all policy statements to be deleted from this PolicyConfiguration and sets its internal state such that calling any method, other than delete, getContextID, or inService on the PolicyConfiguration will be rejected and cause an UnsupportedOperationException to be thrown.

This operation has no affect on any linked PolicyConfigurations other than removing any links involving the deleted PolicyConfiguration.

Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the delete method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public void commit() throws PolicyContextException
此方法用于将接口为此 PolicyConfiguration 对象的策略上下文的状态设置为 "inService"。只有状态为 "inService" 的策略上下文才会包含在由 Policy.refresh 方法处理的策略上下文中。通过调用 PolicyConfiguration 工厂的 getPolicyConfiguration 方法,并使用策略上下文的策略上下文标识符作为参数,可以使状态为 "inService" 的策略上下文返回 "open" 状态。

当策略上下文的状态为 "inService" 时,对其 PolicyConfiguration 对象调用 commit、delete、getContextID 或 inService 以外的任何方法将会抛出 UnsupportedOperationException。

ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsUnsupportedOperationException: 如果调用此方法时,接口为此 PolicyConfiguration 对象的策略上下文的状态是 "deleted"。
ThrowsPolicyContextException: 如果实现抛出 commit 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。

英文文档:

commit

void commit()
            throws PolicyContextException
This method is used to set to "inService" the state of the policy context whose interface is this PolicyConfiguration Object. Only those policy contexts whose state is "inService" will be included in the policy contexts processed by the Policy.refresh method. A policy context whose state is "inService" may be returned to the "open" state by calling the getPolicyConfiguration method of the PolicyConfiguration factory with the policy context identifier of the policy context.

When the state of a policy context is "inService", calling any method other than commit, delete, getContextID, or inService on its PolicyConfiguration Object will cause an UnsupportedOperationException to be thrown.

Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" when this method is called.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the commit method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.

public boolean inService() throws PolicyContextException
此方法用于确定接口为此 PolicyConfiguration 对象的策略上下文是否处于 "inService" 状态。
return 如果关联策略上下文的状态为 "inService",则返回 true;否则返回 false。
ThrowsSecurityException: 如果由尚未授予 "setPolicy" SecurityPermission 的 AccessControlContext 调用。
ThrowsPolicyContextException: 如果实现抛出 inService 方法签名未知的经过检查的异常。实现类抛出的异常将封装(构造期间)在抛出的 PolicyContextException 中。
英文文档:

inService

boolean inService()
                  throws PolicyContextException
This method is used to determine if the policy context whose interface is this PolicyConfiguration Object is in the "inService" state.

Returns:
true if the state of the associated policy context is "inService"; false otherwise.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
PolicyContextException - if the implementation throws a checked exception that has not been accounted for by the inService method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown PolicyContextException.


Submit a bug or feature

Copyright 2007 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.

一看就知道只有菜鸟才干这么无知的事啦。

PS : 未经我党受权你也可自由散发此文档。 如有任何错误请自行修正;若因此而造成任何损失请直接找人民主席,请勿与本人联系。谢谢!