Understanding Java Access Control List ( Java ACL )

Java has a special package called the java.security.acl which has all the interfaces needed to implement the access control to the agents and the agent groups. A default implementation of the ACL package is also provided by Sun in sun.security.acl.

The Acl interface in the java.security.acl package has the access control list. Group of owners are related to the Acl interface and these owners are represented as Principal objects. The Principal is the user or the agent. The keys and the certificates of the Principal are checked when the Acl interface is implemented.

An AclEntry object represents an entry in the access control list. This entry gives information on the permissions available for the agent to access a particular resource. The addEntry() method is used to add an Acl entry. The permission for the resource being protected by defined in the AclEntry and these permissions are given to the Principal.

The Permission interface has the different types of permissions allowed for that particular resource. Documentation with examples on how to work with the java.security.acl is available in the internet. You can use these documents to understand how Acl is implemented in Java.