jdk/test/sun/security/krb5/auto/unbound.ssl.policy - edge/openjdk - Git at Google

 grant {
     permission java.util.PropertyPermission "*", "read,write";
     permission java.net.SocketPermission "*:*", "listen,resolve,accept,connect";
     permission java.io.FilePermission "*", "read,write,delete";
     permission java.lang.RuntimePermission "accessDeclaredMembers";
     permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
     permission java.lang.RuntimePermission "accessClassInPackage.*";
     permission javax.security.auth.AuthPermission "doAs";
     permission javax.security.auth.AuthPermission "getSubject";
     permission javax.security.auth.AuthPermission
                     "createLoginContext.server_star";
     permission javax.security.auth.AuthPermission
                     "createLoginContext.server_multiple_principals";
     permission javax.security.auth.AuthPermission "modifyPrincipals";
     permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KeyTab java.security.Principal \"krb5.keytab.data\"", "read";

     // clients have a permission to use all service principals
     permission javax.security.auth.kerberos.ServicePermission "*", "initiate";

     // server has a service permission
     // to accept only service1 and service3 principals
     permission javax.security.auth.kerberos.ServicePermission
                     "host/service1.localhost@TEST.REALM", "accept";
     permission javax.security.auth.kerberos.ServicePermission
                     "host/service3.localhost@TEST.REALM", "accept";

     // permission to use SunJCE provider
     permission java.security.SecurityPermission "putProviderProperty.SunJCE";
 };
	grant {
	permission java.util.PropertyPermission "*", "read,write";
	permission java.net.SocketPermission ":", "listen,resolve,accept,connect";
	permission java.io.FilePermission "*", "read,write,delete";
	permission java.lang.RuntimePermission "accessDeclaredMembers";
	permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
	permission java.lang.RuntimePermission "accessClassInPackage.*";
	permission javax.security.auth.AuthPermission "doAs";
	permission javax.security.auth.AuthPermission "getSubject";
	permission javax.security.auth.AuthPermission
	"createLoginContext.server_star";
	permission javax.security.auth.AuthPermission
	"createLoginContext.server_multiple_principals";
	permission javax.security.auth.AuthPermission "modifyPrincipals";
	permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KeyTab java.security.Principal \"krb5.keytab.data\"", "read";

	// clients have a permission to use all service principals
	permission javax.security.auth.kerberos.ServicePermission "*", "initiate";

	// server has a service permission
	// to accept only service1 and service3 principals
	permission javax.security.auth.kerberos.ServicePermission
	"host/service1.localhost@TEST.REALM", "accept";
	permission javax.security.auth.kerberos.ServicePermission
	"host/service3.localhost@TEST.REALM", "accept";

	// permission to use SunJCE provider
	permission java.security.SecurityPermission "putProviderProperty.SunJCE";
	};