FileDocCategorySizeDatePackage
SubjectCodeSource.javaAPI DocJava SE 5 API11816Fri Aug 26 14:56:14 BST 2005com.sun.security.auth

SubjectCodeSource

public class SubjectCodeSource extends CodeSource implements Serializable

This SubjectCodeSource class contains a URL, signer certificates, and either a Subject (that represents the Subject in the current AccessControlContext), or a linked list of Principals/PrincipalComparators (that represent a "subject" in a Policy).

version
1.21, 12/19/03

Fields Summary
private static final long
serialVersionUID
private static final ResourceBundle
rb
private Subject
subject
private LinkedList
principals
private static final Class[]
PARAMS
private static final Debug
debug
private ClassLoader
sysClassLoader
Constructors Summary
SubjectCodeSource(Subject subject, LinkedList principals, URL url, Certificate[] certs)
Creates a new SubjectCodeSource with the given Subject, principals, URL, and signers (Certificates). The Subject represents the Subject associated with the current AccessControlContext. The Principals are given as a LinkedList of PolicyParser.PrincipalEntry objects. Typically either a Subject will be provided, or a list of principals will be provided (not both).

param
subject the Subject associated with this SubjectCodeSource

param
url the URL associated with this SubjectCodeSource

param
certs the signers associated with this SubjectCodeSource


                                                               			        			        			      
       
			    
	super(url, certs);
	this.subject = subject;

	// Keep a private (shallow) copy of the caller's list so that later
	// changes to the caller's LinkedList do not alter this object; a null
	// argument becomes an empty list. The entries themselves are shared.
	if (principals == null) {
	    this.principals = new LinkedList();
	} else {
	    this.principals = new LinkedList(principals);
	}

	// Fetch the system class loader inside a privileged block, so the
	// lookup is performed with this class's own permissions rather than
	// those of whoever is constructing the object. implies() later uses
	// this loader to resolve the principal classes named in the policy.
	java.security.PrivilegedAction loaderLookup =
	    new java.security.PrivilegedAction() {
		public Object run() {
		    return ClassLoader.getSystemClassLoader();
		}
	    };
	sysClassLoader = (ClassLoader)
	    java.security.AccessController.doPrivileged(loaderLookup);
    
Methods Summary
public boolean equals(java.lang.Object obj)
Tests for equality between the specified object and this object. Two SubjectCodeSource objects are considered equal if their locations are of identical value, if the two sets of Certificates are of identical values, and if the Subjects are equal, and if the PolicyParser.PrincipalEntry values are of identical values. It is not required that the Certificates or PolicyParser.PrincipalEntry values be in the same order.

param
obj the object to test for equality with this object.
return
true if the objects are considered equal, false otherwise.


	// Equality requires, in order: same CodeSource state (checked by the
	// superclass), the same Subject instance, and the same set of
	// principal entries regardless of order.
	if (obj == this)
	    return true;

	// The superclass comparison runs first, so two objects that are equal
	// here always have equal super.hashCode() values.
	if (super.equals(obj) == false)
	    return false;

	if (!(obj instanceof SubjectCodeSource))
	    return false;

	SubjectCodeSource that = (SubjectCodeSource)obj;

	// The Subjects are compared by reference (!=), not with
	// Subject.equals(): two distinct Subject instances holding the same
	// principals and credentials make the objects unequal.
	// NOTE(review): getSubject() as shown only returns a field, so the
	// SecurityException handler looks unreachable from this code -- confirm
	// whether it is left over from an equals()-based comparison.
	try {
	    if (this.getSubject() != that.getSubject())
		return false;
	} catch (SecurityException se) {
	    return false;
	}

	// NOTE(review): the constructor never leaves principals null (it
	// substitutes an empty list); the null handling below presumably
	// covers instances created some other way, e.g. deserialization --
	// confirm.
	if ((this.principals == null && that.principals != null) ||
	    (this.principals != null && that.principals == null))
	    return false;
	
	// Mutual containsAll gives an order-insensitive comparison that also
	// ignores duplicate entries; it depends on how
	// PolicyParser.PrincipalEntry implements equals (not shown here).
	if (this.principals != null && that.principals != null) {
	    if (!this.principals.containsAll(that.principals) ||
		!that.principals.containsAll(this.principals))

		return false;
	}

	return true;
    
java.util.LinkedList getPrincipals()
Get the Principals associated with this SubjectCodeSource. The Principals are retrieved as a LinkedList of PolicyParser.PrincipalEntry objects.

return
the Principals associated with this SubjectCodeSource as a LinkedList of PolicyParser.PrincipalEntry objects.

	// Hands back the internal list itself, not a copy: any change a caller
	// makes to the returned LinkedList is seen by equals(), implies() and
	// toString() of this object.
	return principals;
    
javax.security.auth.Subject getSubject()
Get the Subject associated with this SubjectCodeSource. The Subject represents the Subject associated with the current AccessControlContext.

return
the Subject associated with this SubjectCodeSource.

	// Returns the Subject reference stored by the constructor; no copy is
	// made, and the result is null when no Subject was supplied.
	return subject;
    
public int hashCode()
Return a hashcode for this SubjectCodeSource.

return
a hashcode for this SubjectCodeSource.

	// Only the CodeSource part is hashed; the subject and the principal
	// list do not contribute. This stays consistent with equals(), which
	// requires super.equals(obj) before it looks at either of them.
	return super.hashCode();
    
public boolean implies(java.security.CodeSource codesource)
Returns true if this SubjectCodeSource object "implies" the specified CodeSource. More specifically, this method makes the following checks. If any fail, it returns false. If they all succeed, it returns true.

  1. The provided codesource must not be null.
  2. codesource must be an instance of SubjectCodeSource.
  3. super.implies(codesource) must return true.
  4. for each principal in this codesource's principal list:
    1. if the principal is an instanceof PrincipalComparator, then the principal must imply the provided codesource's Subject.
    2. if the principal is not an instanceof PrincipalComparator, then the provided codesource's Subject must have an associated Principal, P, where P.getClass().getName equals principal.principalClass, and P.getName() equals principal.principalName.

param
codesource the CodeSource to compare against.
return
true if this SubjectCodeSource implies the specified CodeSource.


	// Decides whether the principal entries held by this object (the
	// policy side) are satisfied by the Subject carried in 'codesource'
	// (the runtime side). Each exit writes a numbered PASS/FAILURE line to
	// the debug stream when debugging is enabled.

	// Built lazily, at most once: the Subject's principals converted to
	// PrincipalEntry form for the plain class-name/name comparison.
	LinkedList subjectList = null;

	// FAILURE 1: null argument, wrong type, or the CodeSource-level check
	// made by the superclass does not hold.
	if (codesource == null ||
	    !(codesource instanceof SubjectCodeSource) ||
	    !(super.implies(codesource))) {

	    if (debug != null)
		debug.println("\tSubjectCodeSource.implies: FAILURE 1");
	    return false;
	}

	SubjectCodeSource that = (SubjectCodeSource)codesource;

	// if the principal list in the policy "implies"
	// the Subject associated with the current AccessControlContext,
	// then return true

	// PASS 1: a null principal list places no restriction on the Subject.
	// The constructor replaces null with an empty list, so an object built
	// through it skips this branch; with an empty list the loop below does
	// not execute and PASS 3 is reached, provided the Subject check that
	// follows succeeds.
	if (this.principals == null) {
	    if (debug != null)
		debug.println("\tSubjectCodeSource.implies: PASS 1");
	    return true;
	}

	// FAILURE 2: there are principal entries to satisfy, but the other
	// side has no Subject or a Subject without principals.
	if (that.getSubject() == null ||
	    that.getSubject().getPrincipals().size() == 0) {
	    if (debug != null)
		debug.println("\tSubjectCodeSource.implies: FAILURE 2");
	    return false;
	}

	ListIterator li = this.principals.listIterator(0);
	while (li.hasNext()) {
	    PolicyParser.PrincipalEntry pppe =
		(PolicyParser.PrincipalEntry)li.next();
	    try {

		// handle PrincipalComparators

		// The class name comes from the policy entry. It is resolved
		// through the system class loader with initialize == true, so
		// the named class's static initializer runs here and an
		// instance is created by reflection. The policy source
		// therefore has to be trusted to name only intended classes.
		Class principalComparator = Class.forName(pppe.principalClass,
							true,
							sysClassLoader);
		Constructor c = principalComparator.getConstructor(PARAMS);
		PrincipalComparator pc =
			(PrincipalComparator)c.newInstance
			(new Object[] { pppe.principalName });

		// NOTE(review): PASS 2 returns true as soon as one
		// PrincipalComparator implies the Subject; the entries that
		// follow it in the list are not examined. The documented
		// contract says the check applies to each principal in the
		// list, so the result here depends on entry order -- confirm
		// whether the early return is intended.
		if (!pc.implies(that.getSubject())) {
		    if (debug != null)
			debug.println("\tSubjectCodeSource.implies: FAILURE 3");
		    return false;
		} else {
		    if (debug != null)
			debug.println("\tSubjectCodeSource.implies: PASS 2");
		    return true;
		}
	    } catch (Exception e) {

		// no PrincipalComparator, simply compare Principals

		// This handler is the normal path for ordinary principals:
		// a class that cannot be loaded, lacks the PARAMS constructor,
		// or is not a PrincipalComparator lands here. Because the try
		// block also encloses pc.implies(), an exception thrown by a
		// comparator is treated the same way and falls back to the
		// name comparison instead of failing the check outright.

		if (subjectList == null) {

		    // NOTE(review): a null Subject already returned at
		    // FAILURE 2 above, so this branch looks redundant unless
		    // getSubject() can change between calls -- confirm.
		    if (that.getSubject() == null) {
			if (debug != null)
			    debug.println("\tSubjectCodeSource.implies: " +
					"FAILURE 4");
			return false;
		    }
		    Iterator i = that.getSubject().getPrincipals().iterator();

		    // Record each Subject principal as (runtime class name,
		    // getName()) so it can be matched against policy entries.
		    subjectList = new LinkedList();
		    while (i.hasNext()) {
			Principal p = (Principal)i.next();
			PolicyParser.PrincipalEntry spppe =
				new PolicyParser.PrincipalEntry
				(p.getClass().getName(), p.getName());
			subjectList.add(spppe);
		    }
		}
		
		// FAILURE 5: the Subject holds no principal matching this
		// policy entry (wildcards are handled by the helper).
		if (!subjectListImpliesPrincipalEntry(subjectList, pppe)) {
		    if (debug != null)
			debug.println("\tSubjectCodeSource.implies: FAILURE 5");
		    return false;
		}
	    }
	}

	// PASS 3: every entry was matched through the name comparison, or the
	// list was empty.
	if (debug != null)
	    debug.println("\tSubjectCodeSource.implies: PASS 3");
	return true;
    
private boolean subjectListImpliesPrincipalEntry(java.util.LinkedList subjectList, PolicyParser.PrincipalEntry pppe)
This method returns true if the provided subjectList "contains" the Principal specified in the provided pppe argument. Note that the provided pppe argument may have wildcards (*) for the Principal class and name, which need to be considered.

param
subjectList a list of PolicyParser.PrincipalEntry objects that correspond to all the Principals in the Subject currently on this thread's AccessControlContext.

param
pppe the Principals specified in a grant entry.
return
true if the provided subjectList "contains" the Principal specified in the provided pppe argument.


	// Scan the Subject's entries for one that satisfies the policy entry.
	// A policy-side wildcard class accepts any class, and a policy-side
	// wildcard name accepts any name; otherwise the strings must be equal.
	for (Iterator it = subjectList.iterator(); it.hasNext(); ) {
	    PolicyParser.PrincipalEntry candidate =
		(PolicyParser.PrincipalEntry)it.next();

	    boolean classAccepted =
		pppe.principalClass.equals
			(PolicyParser.PrincipalEntry.WILDCARD_CLASS) ||
		pppe.principalClass.equals(candidate.principalClass);
	    if (!classAccepted)
		continue;

	    // The name is only examined once the class has been accepted.
	    boolean nameAccepted =
		pppe.principalName.equals
			(PolicyParser.PrincipalEntry.WILDCARD_NAME) ||
		pppe.principalName.equals(candidate.principalName);
	    if (nameAccepted)
		return true;
	}

	// No entry in the Subject's list satisfied the policy entry.
	return false;
    
public java.lang.String toString()
Return a String representation of this SubjectCodeSource.

return
a String representation of this SubjectCodeSource.

	// Begin with the superclass rendering, then append the Subject (if
	// any) and one line per principal entry.
	String text = super.toString();

	if (getSubject() != null) {
	    if (debug == null) {
		text = text + "\n" + getSubject().toString();
	    } else {
		// With debugging enabled the Subject is rendered inside a
		// privileged block, i.e. with this class's own permissions.
		// NOTE(review): presumably so that debug output does not fail
		// on a caller's missing permission; the resulting string may
		// then describe more of the Subject than the caller could
		// read directly -- confirm where this output can end up.
		final Subject shown = getSubject();
		Object subjectText =
		    java.security.AccessController.doPrivileged
			(new java.security.PrivilegedAction() {
			    public Object run() {
				return shown.toString();
			    }
			});
		text = text + "\n" + subjectText;
	    }
	}

	if (principals != null) {
	    for (Iterator it = principals.iterator(); it.hasNext(); ) {
		PolicyParser.PrincipalEntry entry =
		    (PolicyParser.PrincipalEntry)it.next();
		// The separator is looked up in the resource bundle under
		// the key "\n".
		text = text + rb.getString("\n") +
			entry.principalClass + " " +
			entry.principalName;
	    }
	}
	return text;