KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > javax > security > auth > kerberos > KerberosPrincipal


1 /*
2  * @(#)KerberosPrincipal.java 1.18 04/02/03
3  *
4  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
5  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
6  */

7   
8 package javax.security.auth.kerberos;
9
10 import java.io.*;
11 import sun.security.krb5.Asn1Exception;
12 import sun.security.krb5.KrbException;
13 import sun.security.krb5.PrincipalName;
14 import sun.security.krb5.Realm;
15 import sun.security.util.*;
16
17 /**
18  * This class encapsulates a Kerberos principal.
19  *
20  * @author Mayank Upadhyay
21  * @version 1.18, 02/03/04
22  * @since 1.4
23  */

24
25 public final class KerberosPrincipal
26     implements java.security.Principal JavaDoc, java.io.Serializable JavaDoc {
27
28     private static final long serialVersionUID = -7374788026156829911L;
29
30     //name types
31

32     /**
33      * unknown name type.
34      */

35
36     public static final int KRB_NT_UNKNOWN = 0;
37     
38     /**
39      * user principal name type.
40      */

41
42     public static final int KRB_NT_PRINCIPAL = 1;
43     
44     /**
45      * service and other unique instance (krbtgt) name type.
46      */

47     public static final int KRB_NT_SRV_INST = 2;
48     
49     /**
50      * service with host name as instance (telnet, rcommands) name type.
51      */

52
53     public static final int KRB_NT_SRV_HST = 3;
54     
55     /**
56      * service with host as remaining components name type.
57      */

58
59     public static final int KRB_NT_SRV_XHST = 4;
60     
61     /**
62      * unique ID name type.
63      */

64
65     public static final int KRB_NT_UID = 5;
66
67
68     private transient String JavaDoc fullName;
69
70     private transient String JavaDoc realm;
71
72     private transient int nameType;
73
74     private static final char NAME_REALM_SEPARATOR = '@';
75
76     /**
77      * Constructs a KerberosPrincipal from the provided string input. The
78      * name type for this principal defaults to
79      * {@link #KRB_NT_PRINCIPAL KRB_NT_PRINCIPAL}
80      * This string is assumed to contain a name in the format
81      * that is specified in Section 2.1.1. (Kerberos Principal Name Form) of
82      * <a HREF=http://www.ietf.org/rfc/rfc1964.txt> RFC 1964 </a>
83      * (for example, <i>duke@FOO.COM</i>, where <i>duke</i>
84      * represents a principal, and <i>FOO.COM</i> represents a realm).
85      *
86      * <p>If the input name does not contain a realm, the default realm
87      * is used. The default realm can be specified either in a Kerberos
88      * configuration file or via the java.security.krb5.realm
89      * system property. For more information,
90      * <a HREF="../../../../../guide/security/jgss/tutorials/index.html">
91      * Kerberos Requirements </a>
92      *
93      * @param name the principal name
94      * @throws IllegalArgumentException if name is improperly
95      * formatted, if name is null, or if name does not contain
96      * the realm to use and the default realm is not specified
97      * in either a Kerberos configuration file or via the
98      * java.security.krb5.realm system property.
99      */

100     /*
101      * TBD: Research what encoding would be most appropriate to use
102      * when converting the String to bytes. And document that.
103      */

104     public KerberosPrincipal(String JavaDoc name) {
105
106     PrincipalName krb5Principal = null;
107
108     try {
109         // Appends the default realm if it is missing
110
krb5Principal = new PrincipalName(name, KRB_NT_PRINCIPAL);
111     } catch (KrbException e) {
112         throw new IllegalArgumentException JavaDoc(e.getMessage());
113     }
114     nameType = KRB_NT_PRINCIPAL; // default name type
115
fullName = krb5Principal.toString();
116     realm = krb5Principal.getRealmString();
117     }
118
119     /**
120      * Constructs a KerberosPrincipal from the provided string and
121      * name type input. The string is assumed to contain a name in the
122      * format that is specified in Section 2.1 (Mandatory Name Forms) of
123      * <a HREF=http://www.ietf.org/rfc/rfc1964.txt>RFC 1964</a>.
124      * Valid name types are specified in Section 7.2 (Principal Names) of
125      * <a HREF=http://www.ietf.org/rfc/rfc1510.txt>RFC 1510</a>.
126      * The input name must be consistent with the provided name type.
127      * (for example, <i>duke@FOO.COM</i>, is a valid input string for the
128      * name type, KRB_NT_PRINCIPAL where <i>duke</i>
129      * represents a principal, and <i>FOO.COM</i> represents a realm).
130
131      * <p> If the input name does not contain a realm, the default realm
132      * is used. The default realm can be specified either in a Kerberos
133      * configuration file or via the java.security.krb5.realm
134      * system property. For more information, see
135      * <a HREF="../../../../../guide/security/jgss/tutorials/index.html">
136      * Kerberos Requirements</a>.
137      *
138      * @param name the principal name
139      * @param nameType the name type of the principal
140      * @throws IllegalArgumentException if name is improperly
141      * formatted, if name is null, if the nameType is not supported,
142      * or if name does not contain the realm to use and the default
143      * realm is not specified in either a Kerberos configuration
144      * file or via the java.security.krb5.realm system property.
145      */

146
147     public KerberosPrincipal(String JavaDoc name, int nameType) {
148
149     PrincipalName krb5Principal = null;
150
151     try {
152         // Appends the default realm if it is missing
153
krb5Principal = new PrincipalName(name,nameType);
154     } catch (KrbException e) {
155         throw new IllegalArgumentException JavaDoc(e.getMessage());
156     }
157      
158     this.nameType = nameType;
159     fullName = krb5Principal.toString();
160     realm = krb5Principal.getRealmString();
161     }
162     /**
163      * Returns the realm component of this Kerberos principal.
164      *
165      * @return the realm component of this Kerberos principal.
166      */

167     public String JavaDoc getRealm() {
168     return realm;
169     }
170
171     /**
172      * Returns a hashcode for this principal. The hash code is defined to
173      * be the result of the following calculation:
174      * <pre><code>
175      * hashCode = getName().hashCode();
176      * </code></pre>
177      *
178      * @return a hashCode() for the <code>KerberosPrincipal</code>
179      */

180     public int hashCode() {
181     return getName().hashCode();
182     }
183
184     /**
185      * Compares the specified Object with this Principal for equality.
186      * Returns true if the given object is also a
187      * <code>KerberosPrincipal</code> and the two
188      * <code>KerberosPrincipal</code> instances are equivalent.
189      * More formally two <code>KerberosPrincipal</code> instances are equal
190      * if the values returned by <code>getName()</code> are equal and the
191      * values returned by <code>getNameType()</code> are equal.
192      *
193      * @param other the Object to compare to
194      * @return true if the Object passed in represents the same principal
195      * as this one, false otherwise.
196      */

197     public boolean equals(Object JavaDoc other) {
198
199     if (other == this)
200         return true;
201
202     if (! (other instanceof KerberosPrincipal JavaDoc)) {
203         return false;
204     } else {
205         String JavaDoc myFullName = getName();
206         String JavaDoc otherFullName = ((KerberosPrincipal JavaDoc) other).getName();
207         if (nameType == ((KerberosPrincipal JavaDoc)other).nameType &&
208         myFullName.equals(otherFullName)) {
209          return true;
210         }
211     }
212     return false;
213     }
214
215     /**
216      * Save the KerberosPrincipal object to a stream
217      *
218      * @serialData this <code>KerberosPrincipal</code> is serialized
219      * by writing out the PrincipalName and the
220      * realm in their DER-encoded form as specified in Section 5.2 of
221      * <a HREF=http://www.ietf.org/rfc/rfc1510.txt> RFC1510</a>.
222      */

223
224     private synchronized void writeObject(ObjectOutputStream oos)
225     throws IOException {
226
227     PrincipalName krb5Principal = null;
228     try {
229         krb5Principal = new PrincipalName(fullName,nameType);
230         oos.writeObject(krb5Principal.asn1Encode());
231         oos.writeObject(krb5Principal.getRealm().asn1Encode());
232     } catch (Exception JavaDoc e) {
233         IOException ioe = new IOException(e.getMessage());
234         ioe.initCause(e);
235         throw ioe;
236     }
237     }
238
239     /**
240      * Reads this object from a stream (i.e., deserializes it)
241      */

242
243     private synchronized void readObject(ObjectInputStream ois)
244      throws IOException, ClassNotFoundException JavaDoc {
245     byte[] asn1EncPrincipal = (byte [])ois.readObject();
246     byte[] encRealm = (byte [])ois.readObject();
247     try {
248        PrincipalName krb5Principal = new PrincipalName(new
249                         DerValue(asn1EncPrincipal));
250        realm = (new Realm(new DerValue(encRealm))).toString();
251        fullName = krb5Principal.toString() + NAME_REALM_SEPARATOR +
252              realm.toString();
253        nameType = krb5Principal.getNameType();
254     } catch (Exception JavaDoc e) {
255         IOException ioe = new IOException(e.getMessage());
256         ioe.initCause(e);
257         throw ioe;
258     }
259     }
260     
261     /**
262      * The returned string corresponds to the single-string
263      * representation of a Kerberos Principal name as specified in
264      * Section 2.1 of <a HREF=http://www.ietf.org/rfc/rfc1964.txt>RFC 1964</a>.
265      *
266      * @return the principal name.
267      */

268     public String JavaDoc getName() {
269     return fullName;
270     }
271
272     /**
273      * Returns the name type of the KerberosPrincipal. Valid name types
274      * are specified in Section 7.2 of
275      * <a HREF=http://www.ietf.org/rfc/rfc1510.txt> RFC1510</a>.
276      *
277      * @return the name type.
278      *
279      */

280
281     public int getNameType() {
282     return nameType;
283     }
284     
285     // Inherits javadocs from Object
286
public String JavaDoc toString() {
287     return getName();
288     }
289 }
290
Popular Tags