mirror of git://gcc.gnu.org/git/gcc.git
327 lines
9.5 KiB
Java
327 lines
9.5 KiB
Java
/* PrivateCredentialPermission.java -- permissions governing private credentials.
|
|
Copyright (C) 2004 Free Software Foundation, Inc.
|
|
|
|
This file is part of GNU Classpath.
|
|
|
|
GNU Classpath is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2, or (at your option)
|
|
any later version.
|
|
|
|
GNU Classpath is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with GNU Classpath; see the file COPYING. If not, write to the
|
|
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
02110-1301 USA.
|
|
|
|
Linking this library statically or dynamically with other modules is
|
|
making a combined work based on this library. Thus, the terms and
|
|
conditions of the GNU General Public License cover the whole
|
|
combination.
|
|
|
|
As a special exception, the copyright holders of this library give you
|
|
permission to link this library with independent modules to produce an
|
|
executable, regardless of the license terms of these independent
|
|
modules, and to copy and distribute the resulting executable under
|
|
terms of your choice, provided that you also meet, for each linked
|
|
independent module, the terms and conditions of the license of that
|
|
module. An independent module is a module which is not derived from
|
|
or based on this library. If you modify this library, you may extend
|
|
this exception to your version of the library, but you are not
|
|
obligated to do so. If you do not wish to do so, delete this
|
|
exception statement from your version. */
|
|
|
|
|
|
package javax.security.auth;
|
|
|
|
import java.io.Serializable;
|
|
|
|
import java.security.Permission;
|
|
import java.security.PermissionCollection;
|
|
|
|
import java.util.HashSet;
|
|
import java.util.Iterator;
|
|
import java.util.Set;
|
|
import java.util.StringTokenizer;
|
|
|
|
/**
|
|
* A permission governing access to a private credential. The action of this
|
|
* permission is always "read" -- meaning that the private credential
|
|
* information can be read from an object.
|
|
*
|
|
* <p>The target of this permission is formatted as follows:</p>
|
|
*
|
|
* <p><code>CredentialClassName ( PrinicpalClassName PrincipalName )*</code></p>
|
|
*
|
|
* <p><i>CredentialClassName</i> is either the name of a private credential
|
|
* class name, or a wildcard character (<code>'*'</code>).
|
|
* <i>PrinicpalClassName</i> is the class name of a principal object, and
|
|
* <i>PrincipalName</i> is a string representing the principal, or the
|
|
* wildcard character.</p>
|
|
*/
|
|
public final class PrivateCredentialPermission extends Permission
|
|
implements Serializable
|
|
{
|
|
/**
|
|
* For compatability with Sun's JDK 1.4.2 rev. 5
|
|
*/
|
|
private static final long serialVersionUID = 5284372143517237068L;
|
|
|
|
// Fields.
|
|
// -------------------------------------------------------------------------
|
|
|
|
/**
|
|
* @serial The credential class name.
|
|
*/
|
|
private final String credentialClass;
|
|
|
|
/**
|
|
* @serial The principals, a set of CredOwner objects (an undocumented
|
|
* inner class of this class).
|
|
*/
|
|
private final Set principals;
|
|
|
|
/**
|
|
* @serial Who knows?
|
|
*/
|
|
private final boolean testing;
|
|
|
|
// Constructor.
|
|
// -------------------------------------------------------------------------
|
|
|
|
/**
|
|
* Create a new private credential permission.
|
|
*
|
|
* @param name The permission target name.
|
|
* @param actions The list of actions, which, for this class, must be
|
|
* <code>"read"</code>.
|
|
*/
|
|
public PrivateCredentialPermission (final String name, String actions)
|
|
{
|
|
super(name);
|
|
actions = actions.trim().toLowerCase();
|
|
if (!"read".equals (actions))
|
|
{
|
|
throw new IllegalArgumentException("actions must be \"read\"");
|
|
}
|
|
StringTokenizer st = new StringTokenizer (name, " \"'");
|
|
principals = new HashSet();
|
|
if (st.countTokens() < 3 || (st.countTokens() & 1) == 0)
|
|
{
|
|
throw new IllegalArgumentException ("badly formed credential name");
|
|
}
|
|
credentialClass = st.nextToken();
|
|
while (st.hasMoreTokens())
|
|
{
|
|
principals.add (new CredOwner (st.nextToken(), st.nextToken()));
|
|
}
|
|
testing = false; // WTF ever.
|
|
}
|
|
|
|
// Instance methods.
|
|
// -------------------------------------------------------------------------
|
|
|
|
public boolean equals (Object o)
|
|
{
|
|
if (! (o instanceof PrivateCredentialPermission))
|
|
{
|
|
return false;
|
|
}
|
|
PrivateCredentialPermission that = (PrivateCredentialPermission) o;
|
|
if (!that.getActions().equals (getActions()))
|
|
{
|
|
return false;
|
|
}
|
|
if (!that.getCredentialClass().equals (getCredentialClass()))
|
|
{
|
|
return false;
|
|
}
|
|
|
|
final String[][] principals = getPrincipals();
|
|
final String[][] that_principals = that.getPrincipals();
|
|
if (that_principals == null)
|
|
{
|
|
return false;
|
|
}
|
|
if (that_principals.length != principals.length)
|
|
{
|
|
return false;
|
|
}
|
|
for (int i = 0; i < principals.length; i++)
|
|
{
|
|
if (!principals[i][0].equals (that_principals[i][0]) ||
|
|
!principals[i][1].equals (that_principals[i][1]))
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Returns the actions this permission encompasses. For private credential
|
|
* permissions, this is always the string <code>"read"</code>.
|
|
*
|
|
* @return The list of actions.
|
|
*/
|
|
public String getActions()
|
|
{
|
|
return "read";
|
|
}
|
|
|
|
/**
|
|
* Returns the credential class name that was embedded in this permission's
|
|
* target name.
|
|
*
|
|
* @return The credential class name.
|
|
*/
|
|
public String getCredentialClass()
|
|
{
|
|
return credentialClass;
|
|
}
|
|
|
|
/**
|
|
* Returns the principal list that was embedded in this permission's target
|
|
* name.
|
|
*
|
|
* <p>Each element of the returned array is a pair; the first element is the
|
|
* principal class name, and the second is the principal name.
|
|
*
|
|
* @return The principal list.
|
|
*/
|
|
public String[][] getPrincipals()
|
|
{
|
|
String[][] ret = new String[principals.size()][];
|
|
Iterator it = principals.iterator();
|
|
for (int i = 0; i < principals.size() && it.hasNext(); i++)
|
|
{
|
|
CredOwner co = (CredOwner) it.next();
|
|
ret[i] = new String[] { co.getPrincipalClass(), co.getPrincipalName() };
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
public int hashCode()
|
|
{
|
|
return credentialClass.hashCode() + principals.hashCode();
|
|
}
|
|
|
|
/**
|
|
* Test if this permission implies another. This method returns true if:
|
|
*
|
|
* <ol>
|
|
* <li><i>p</i> is an instance of PrivateCredentialPermission</li>.
|
|
* <li>The credential class name of this instance matches that of <i>p</i>,
|
|
* and one of the principals of <i>p</i> is contained in the principals of
|
|
* this class. Thus,
|
|
* <ul>
|
|
* <li><code>[ * P "foo" ] implies [ C P "foo" ]</code></li>
|
|
* <li><code>[ C P1 "foo" ] implies [ C P1 "foo" P2 "bar" ]</code></li>
|
|
* <li><code>[ C P1 "*" ] implies [ C P1 "foo" ]</code></li>
|
|
* </ul>
|
|
* </ol>
|
|
*
|
|
* @param p The permission to check.
|
|
* @return True if this permission implies <i>p</i>.
|
|
*/
|
|
public boolean implies (Permission p)
|
|
{
|
|
if (! (p instanceof PrivateCredentialPermission))
|
|
{
|
|
return false;
|
|
}
|
|
PrivateCredentialPermission that = (PrivateCredentialPermission) p;
|
|
if (!credentialClass.equals ("*")
|
|
&& !credentialClass.equals (that.getCredentialClass()))
|
|
{
|
|
return false;
|
|
}
|
|
String[][] principals = getPrincipals();
|
|
String[][] that_principals = that.getPrincipals();
|
|
if (that_principals == null)
|
|
{
|
|
return false;
|
|
}
|
|
for (int i = 0; i < principals.length; i++)
|
|
{
|
|
for (int j = 0; j < that_principals.length; j++)
|
|
{
|
|
if (principals[i][0].equals (that_principals[j][0]) &&
|
|
(principals[i][1].equals ("*") ||
|
|
principals[i][1].equals (that_principals[j][1])))
|
|
{
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* This method is not necessary for this class, thus it always returns null.
|
|
*
|
|
* @return null.
|
|
*/
|
|
public PermissionCollection newPermissionCollection()
|
|
{
|
|
return null;
|
|
}
|
|
|
|
// Inner class.
|
|
// -------------------------------------------------------------------------
|
|
|
|
/**
|
|
* An undocumented inner class present for serialization compatibility.
|
|
*/
|
|
private static class CredOwner implements Serializable
|
|
{
|
|
|
|
// Fields.
|
|
// -----------------------------------------------------------------------
|
|
|
|
private final String principalClass;
|
|
private final String principalName;
|
|
|
|
// Constructor.
|
|
// -----------------------------------------------------------------------
|
|
|
|
CredOwner (final String principalClass, final String principalName)
|
|
{
|
|
this.principalClass = principalClass;
|
|
this.principalName = principalName;
|
|
}
|
|
|
|
// Instance methods.
|
|
// -----------------------------------------------------------------------
|
|
|
|
public boolean equals (Object o)
|
|
{
|
|
if (!(o instanceof CredOwner))
|
|
{
|
|
return false;
|
|
}
|
|
return principalClass.equals (((CredOwner) o).getPrincipalClass()) &&
|
|
principalName.equals (((CredOwner) o).getPrincipalName());
|
|
}
|
|
|
|
public int hashCode()
|
|
{
|
|
return principalClass.hashCode() + principalName.hashCode();
|
|
}
|
|
|
|
public String getPrincipalClass()
|
|
{
|
|
return principalClass;
|
|
}
|
|
|
|
public String getPrincipalName()
|
|
{
|
|
return principalName;
|
|
}
|
|
}
|
|
}
|