/*
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the license at
 * https://glassfish.dev.java.net/public/CDDLv1.0.html or
 * glassfish/bootstrap/legal/CDDLv1.0.txt.
 * See the License for the specific language governing
 * permissions and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at glassfish/bootstrap/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * you own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
 */
/*
 * @(#)SecurityContext.java 1.5 00/10/24
 */

package com.sun.enterprise.iiop.security;

import java.security.cert.*;
import javax.security.auth.*;

/*
 * This interface is part of the contract between CSIV2 interceptors
 * and the rest of J2EE RI.
 *
 * @author Sekhar Vajjhala
 * @author Vivek Nagar
 */


/**
 * A subject is used as a container for passing the security context
 * information in the service context field. The security context
 * information in the subject must be stored either as a private or
 * a public credential according to the following convention:
 *
 * PasswordCredential:
 *    Client authentication will be performed using the username
 *    and password in the PasswordCredential. PasswordCredential
 *    must be passed as a PrivateCredential.
 *
 * X500Name:
 *    DN name specified in X500Name will be asserted. X500Name must
 *    be passed as a PublicCredential.
 *
 * GSSUPName:
 *    Identity specified in GSSUPName will be asserted. GSSUPName must
 *    be passed as a PublicCredential.
 *
 * X509CertificateCredential:
 *    The certificate chain in the credential will be asserted. The
 *    credential must be passed as a PublicCredential.
 *
 * AnonCredential:
 *    Anonymous identity will be asserted. Credential must be passed
 *    as a PublicCredential.
 *
 * Class fields in the SecurityContext are used for credential selection.
 * There are two class fields: authcls and identcls.
 *
 * authcls is a Class object that identifies the credential for
 * client authentication.
 *
 * identcls is a Class object that identifies the credential for
 * identity assertion.
 *
 * The following semantics must be observed:
 *
 * 1. A client authentication token is always passed as a private
 *    credential. authcls is set to the class of the authentication token.
 *
 * 2. An identity token is always passed as a public credential.
 *    identcls is set to the class of the identity token.
 *
 * 3. authcls is set to null if there is no client auth token.
 *
 * 4. identcls is set to null if there is no ident token.
 *
 * 5. There must not be more than one instance of class identified
 *    by authcls or identcls. However, there can be one instance of
 *    identcls *and* authcls (this allows both a client auth token
 *    and an identity token to be passed across the interface).
 */

public class SecurityContext {
    // Container holding the credentials described above.
    public Subject subject;
    // Class of the client authentication token (private credential), or null.
    public Class authcls;
    // Class of the identity token (public credential), or null.
    public Class identcls;
}
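The credential convention documented above can be checked mechanically before a subject is handed to the interceptors. The following is an added example, not part of the original file or of GlassFish; SecurityContextCheck, validate, count and the two Demo* token classes are hypothetical names, and the demo tokens are constructed stand-ins for the real credential classes.

```java
import java.util.Set;
import javax.security.auth.Subject;

// Added example, not GlassFish code. SecurityContextCheck, validate, count and
// the two Demo* token classes are hypothetical names used for illustration.
public class SecurityContextCheck {

    // Constructed stand-ins for real credential classes such as
    // PasswordCredential (auth) and GSSUPName (identity).
    static final class DemoAuthToken {}
    static final class DemoIdentToken {}

    private static long count(Set<Object> creds, Class<?> cls) {
        return creds.stream().filter(cls::isInstance).count();
    }

    /** Returns null if the subject matches the convention, else the first violation. */
    static String validate(Subject subject, Class<?> authcls, Class<?> identcls) {
        Set<Object> priv = subject.getPrivateCredentials();
        Set<Object> pub = subject.getPublicCredentials();
        if (authcls != null) {
            // Rules 1 and 5: exactly one auth token, held as a private credential.
            if (count(priv, authcls) != 1)
                return "expected exactly one private " + authcls.getSimpleName();
            if (!authcls.equals(identcls) && count(pub, authcls) != 0)
                return authcls.getSimpleName() + " exposed as a public credential";
        }
        if (identcls != null) {
            // Rules 2 and 5: exactly one identity token, held as a public credential.
            if (count(pub, identcls) != 1)
                return "expected exactly one public " + identcls.getSimpleName();
            if (!identcls.equals(authcls) && count(priv, identcls) != 0)
                return identcls.getSimpleName() + " stored as a private credential";
        }
        return null; // Rules 3 and 4: a null selector means no token of that kind is sent.
    }

    public static void main(String[] args) {
        Subject s = new Subject();
        s.getPrivateCredentials().add(new DemoAuthToken());
        s.getPublicCredentials().add(new DemoIdentToken());
        System.out.println(validate(s, DemoAuthToken.class, DemoIdentToken.class));

        // A second identity token makes selection by identcls ambiguous.
        s.getPublicCredentials().add(new DemoIdentToken());
        System.out.println(validate(s, DemoAuthToken.class, DemoIdentToken.class));
    }
}
```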