Every plugin must maintain a list of all the permissions that it knows about, so that the User Administration and Role Administration screens can assign permissions to roles, and assign those roles to users.
In your plugin's plugin.xml file, you need a new element defined like so:
<!-- Permissions -->
These permission keys should also be kept in a Class file (e.g. CatalogPermissions.java) as constants, similar to the way that ContextIdNames.java is used to keep constant string names for Spring beans. The name attribute references a property in plugin.properties The activityId attribute is used to group permissions in a set of permissions. It should reference an activity defined with the <activity> tag like in the example above.