1 grant { 2 // java.base module 3 permission java.io.SerializablePermission "enableSubstitution"; 4 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 5 permission java.nio.file.LinkPermission "hard"; 6 permission javax.net.ssl.SSLPermission "getSSLSessionContext"; 7 permission javax.security.auth.AuthPermission "doAsPrivileged"; 8 permission javax.security.auth.PrivateCredentialPermission "* * \"*\"", 9 "read"; 10 // java.base module (@jdk.Exported Permissions) 11 permission jdk.net.NetworkPermission "setOption.SO_FLOW_SLA"; 12 // java.desktop module 13 permission java.awt.AWTPermission "createRobot"; 14 permission javax.sound.sampled.AudioPermission "play"; 15 // java.logging module 16 permission java.util.logging.LoggingPermission "control", ""; 17 // java.management module 18 permission java.lang.management.ManagementPermission "control"; 19 permission javax.management.MBeanPermission "*", "getAttribute"; 20 permission javax.management.MBeanServerPermission "createMBeanServer"; 21 permission javax.management.MBeanTrustPermission "register"; 22 permission javax.management.remote.SubjectDelegationPermission "*"; 23 // java.security.jgss module 24 permission javax.security.auth.kerberos.DelegationPermission "\"*\" \"*\""; 25 permission javax.security.auth.kerberos.ServicePermission "*", "accept"; 26 // java.sql module 27 permission java.sql.SQLPermission "setLog"; 28 // java.smartcardio module 29 permission javax.smartcardio.CardPermission "*", "*"; 30 // jdk.attach module (@jdk.Exported Permissions) 31 permission com.sun.tools.attach.AttachPermission "attachVirtualMachine"; 32 // jdk.jdi module (@jdk.Exported Permissions) 33 permission com.sun.jdi.JDIPermission "virtualMachineManager"; 34 // jdk.security.jgss module (@jdk.Exported Permissions) 35 permission com.sun.security.jgss.InquireSecContextPermission "*"; 36 }; 37 38 grant 39 // java.base module 40 principal javax.security.auth.x500.X500Principal "CN=Duke", 41 // java.management module 42 principal javax.management.remote.JMXPrincipal "Duke", 43 // java.security.jgss module 44 principal javax.security.auth.kerberos.KerberosPrincipal "duke@openjdk.org", 45 // jdk.security.auth module (@jdk.Exported Principals) 46 principal com.sun.security.auth.UserPrincipal "Duke", 47 principal com.sun.security.auth.NTDomainPrincipal "openjdk.org", 48 principal com.sun.security.auth.NTSid 49 "S-1-5-21-3623811015-3361044348-30300820-1013", 50 principal com.sun.security.auth.NTUserPrincipal "Duke", 51 principal com.sun.security.auth.UnixNumericUserPrincipal "0", 52 principal com.sun.security.auth.UnixPrincipal "duke" { 53 permission java.util.PropertyPermission "user.home", "read"; 54 }; 55 56 grant 57 // java.security.jgss module 58 principal javax.security.auth.kerberos.KerberosPrincipal "duke@openjdk.org" 59 { 60 // test that ${{self}} expansion works 61 permission javax.security.auth.kerberos.ServicePermission "${{self}}", 62 "accept"; 63 };