File Doc Category Size Date Package
Identity.java API Doc Java SE 5 API 14119 Fri Aug 26 14:57:14 BST 2005 java.security

Identity

java.lang.Object

public abstract class Identity extends Object implements Serializable, Principal

This class represents identities: real-world objects such as people, companies or organizations whose identities can be authenticated using their public keys. Identities may also be more abstract (or concrete) constructs, such as daemon threads or smart cards.

All Identity objects have a name and a public key. Names are immutable. Identities may also be scoped. That is, if an Identity is specified to have a particular scope, then the name and public key of the Identity are unique within that scope.

An Identity also has a set of certificates (all certifying its own public key). The Principal names specified in these certificates need not be the same, only the key.

An Identity can be subclassed, to include postal and email addresses, telephone numbers, images of faces and logos, and so on.

see: IdentityScope
see: Signer
see: Principal
version: 1.61
author: Benjamin Renaud
deprecated: This class is no longer used. Its functionality has been replaced by java.security.KeyStore, the java.security.cert package, and java.security.Principal.

Fields Summary
private static final long
serialVersionUID
use serialVersionUID from JDK 1.1.x for interoperability
private String
name
The name for this identity.
private PublicKey
publicKey
The public key for this identity.
String
info
Generic, descriptive information about the identity.
IdentityScope
scope
The scope of the identity.
Vector
certificates
The certificates for this identity.
Constructors Summary
protected Identity()
Constructor for serialization only.
this("restoring...");
public Identity(String name, IdentityScope scope)
Constructs an identity with the specified name and scope.
param
name the identity name.
param
scope the scope of the identity.
exception
KeyManagementException if there is already an identity with the same name in the scope.
this(name); if (scope != null) { scope.addIdentity(this); } this.scope = scope;
public Identity(String name)
Constructs an identity with the specified name and no scope.
param
name the identity name.
this.name = name;
Methods Summary
public void addCertificate(java.security.Certificate certificate)
Adds a certificate for this identity. If the identity has a public key, the public key in the certificate must be the same, and if the identity does not have a public key, the identity's public key is set to be that specified in the certificate.
First, if there is a security manager, its checkSecurityAccess method is called with "addIdentityCertificate" as its argument to see if it's ok to add a certificate.
param
certificate the certificate to be added.
exception
KeyManagementException if the certificate is not valid, if the public key in the certificate being added conflicts with this identity's public key, or if another exception occurs.
exception
SecurityException if a security manager exists and its checkSecurityAccess method doesn't allow adding a certificate.
see
SecurityManager#checkSecurityAccess
check("addIdentityCertificate"); if (certificates == null) { certificates = new Vector(); } if (publicKey != null) { if (!keyEquals(publicKey, certificate.getPublicKey())) { throw new KeyManagementException( "public key different from cert public key"); } } else { publicKey = certificate.getPublicKey(); } certificates.addElement(certificate);
public java.security.Certificate[] certificates()
Returns a copy of all the certificates for this identity.
return
a copy of all the certificates for this identity.
if (certificates == null) { return new Certificate[0]; } int len = certificates.size(); Certificate[] certs = new Certificate[len]; certificates.copyInto(certs); return certs;
private static void check(java.lang.String directive)
SecurityManager security = System.getSecurityManager(); if (security != null) { security.checkSecurityAccess(directive); }
public final boolean equals(java.lang.Object identity)
Tests for equality between the specified object and this identity. This first tests to see if the entities actually refer to the same object, in which case it returns true. Next, it checks to see if the entities have the same name and the same scope. If they do, the method returns true. Otherwise, it calls {@link #identityEquals(Identity) identityEquals}, which subclasses should override.
param
identity the object to test for equality with this identity.
return
true if the objects are considered equal, false otherwise.
see
#identityEquals
if (identity == this) { return true; } if (identity instanceof Identity) { Identity i = (Identity)identity; if (this.fullName().equals(i.fullName())) { return true; } else { return identityEquals(i); } } return false;
java.lang.String fullName()
Returns a parsable name for identity: identityName.scopeName
String parsable = name; if (scope != null) { parsable += "." + scope.getName(); } return parsable;
public java.lang.String getInfo()
Returns general information previously specified for this identity.
return
general information about this identity.
see
#setInfo
return info;
public final java.lang.String getName()
Returns this identity's name.
return
the name of this identity.
return name;
public java.security.PublicKey getPublicKey()
Returns this identity's public key.
return
the public key for this identity.
see
#setPublicKey
return publicKey;
public final java.security.IdentityScope getScope()
Returns this identity's scope.
return
the scope of this identity.
return scope;
public int hashCode()
Returns a hashcode for this identity.
return
a hashcode for this identity.
return name.hashCode();
protected boolean identityEquals(java.security.Identity identity)
Tests for equality between the specified identity and this identity. This method should be overriden by subclasses to test for equality. The default behavior is to return true if the names and public keys are equal.
param
identity the identity to test for equality with this identity.
return
true if the identities are considered equal, false otherwise.
see
#equals
if (!name.equalsIgnoreCase(identity.name)) return false; if ((publicKey == null) ^ (identity.publicKey == null)) return false; if (publicKey != null && identity.publicKey != null) if (!publicKey.equals(identity.publicKey)) return false; return true;
private boolean keyEquals(java.security.Key aKey, java.security.Key anotherKey)
String aKeyFormat = aKey.getFormat(); String anotherKeyFormat = anotherKey.getFormat(); if ((aKeyFormat == null) ^ (anotherKeyFormat == null)) return false; if (aKeyFormat != null && anotherKeyFormat != null) if (!aKeyFormat.equalsIgnoreCase(anotherKeyFormat)) return false; return java.util.Arrays.equals(aKey.getEncoded(), anotherKey.getEncoded());
java.lang.String printCertificates()
String out = ""; if (certificates == null) { return "\tno certificates"; } else { out += "\tcertificates: \n"; Enumeration e = certificates.elements(); int i = 1; while (e.hasMoreElements()) { Certificate cert = (Certificate)e.nextElement(); out += "\tcertificate " + i++ + "\tfor : " + cert.getPrincipal() + "\n"; out += "\t\t\tfrom : " + cert.getGuarantor() + "\n"; } } return out;
java.lang.String printKeys()
String key = ""; if (publicKey != null) { key = "\tpublic key initialized"; } else { key = "\tno public key"; } return key;
public void removeCertificate(java.security.Certificate certificate)
Removes a certificate from this identity.
First, if there is a security manager, its checkSecurityAccess method is called with "removeIdentityCertificate" as its argument to see if it's ok to remove a certificate.
param
certificate the certificate to be removed.
exception
KeyManagementException if the certificate is missing, or if another exception occurs.
exception
SecurityException if a security manager exists and its checkSecurityAccess method doesn't allow removing a certificate.
see
SecurityManager#checkSecurityAccess
check("removeIdentityCertificate"); if (certificates != null) { certificates.removeElement(certificate); }
public void setInfo(java.lang.String info)
Specifies a general information string for this identity.
First, if there is a security manager, its checkSecurityAccess method is called with "setIdentityInfo" as its argument to see if it's ok to specify the information string.
param
info the information string.
exception
SecurityException if a security manager exists and its checkSecurityAccess method doesn't allow setting the information string.
see
#getInfo
see
SecurityManager#checkSecurityAccess
check("setIdentityInfo"); this.info = info;
public void setPublicKey(java.security.PublicKey key)
Sets this identity's public key. The old key and all of this identity's certificates are removed by this operation.
First, if there is a security manager, its checkSecurityAccess method is called with "setIdentityPublicKey" as its argument to see if it's ok to set the public key.
param
key the public key for this identity.
exception
KeyManagementException if another identity in the identity's scope has the same public key, or if another exception occurs.
exception
SecurityException if a security manager exists and its checkSecurityAccess method doesn't allow setting the public key.
see
#getPublicKey
see
SecurityManager#checkSecurityAccess
check("setIdentityPublicKey"); this.publicKey = key; certificates = new Vector();
public java.lang.String toString()
Returns a short string describing this identity, telling its name and its scope (if any).
First, if there is a security manager, its checkSecurityAccess method is called with "printIdentity" as its argument to see if it's ok to return the string.
return
information about this identity, such as its name and the name of its scope (if any).
exception
SecurityException if a security manager exists and its checkSecurityAccess method doesn't allow returning a string describing this identity.
see
SecurityManager#checkSecurityAccess
check("printIdentity"); String printable = name; if (scope != null) { printable += "[" + scope.getName() + "]"; } return printable;
public java.lang.String toString(boolean detailed)
Returns a string representation of this identity, with optionally more details than that provided by the toString method without any arguments.
First, if there is a security manager, its checkSecurityAccess method is called with "printIdentity" as its argument to see if it's ok to return the string.
param
detailed whether or not to provide detailed information.
return
information about this identity. If detailed is true, then this method returns more information than that provided by the toString method without any arguments.
exception
SecurityException if a security manager exists and its checkSecurityAccess method doesn't allow returning a string describing this identity.
see
#toString
see
SecurityManager#checkSecurityAccess
String out = toString(); if (detailed) { out += "\n"; out += printKeys(); out += "\n" + printCertificates(); if (info != null) { out += "\n\t" + info; } else { out += "\n\tno additional information available."; } } return out;