API Overview API Index Package Overview Direct link to this page
JDK 1.6
  javax.security.auth.kerberos. KerberosPrincipal View Javadoc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284

/*
 * @(#)KerberosPrincipal.java	1.22 06/07/27
 *
 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
 * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 */
  
package javax.security.auth.kerberos;

import java.io.*;
import sun.security.krb5.Asn1Exception;
import sun.security.krb5.KrbException;
import sun.security.krb5.PrincipalName;
import sun.security.krb5.Realm;
import sun.security.util.*;

/**
 * This class encapsulates a Kerberos principal.
 *
 * @author Mayank Upadhyay
 * @version 1.22, 07/27/06
 * @since 1.4
 */

public final class KerberosPrincipal implements java.security.Principal, java.io.Serializable {

    private static final long serialVersionUID = -7374788026156829911L;

    //name types
    
    /**
     * unknown name type.
     */

    public static final int KRB_NT_UNKNOWN =   0;
    
    /**
     * user principal name type.
     */

    public static final int KRB_NT_PRINCIPAL = 1;
    
    /**
     * service and other unique instance (krbtgt) name type.
     */
    public static final int KRB_NT_SRV_INST =  2;
    
    /**
     * service with host name as instance (telnet, rcommands) name type.
     */

    public static final int KRB_NT_SRV_HST =   3;
    
    /**
     * service with host as remaining components name type.
     */

    public static final int KRB_NT_SRV_XHST =  4;
    
    /**
     * unique ID name type.
     */

    public static final int KRB_NT_UID = 5;


    private transient String fullName;

    private transient String realm;

    private transient int nameType;

    private static final char NAME_REALM_SEPARATOR = '@';

    /** 
     * Constructs a KerberosPrincipal from the provided string input. The 
     * name type for this  principal defaults to 
     * {@link #KRB_NT_PRINCIPAL KRB_NT_PRINCIPAL}
     * This string is assumed to contain a name in the format
     * that is specified in Section 2.1.1. (Kerberos Principal Name Form) of 
     * <a href=http://www.ietf.org/rfc/rfc1964.txt> RFC 1964 </a>
     * (for example, <i>duke@FOO.COM</i>, where <i>duke</i>
     * represents a principal, and <i>FOO.COM</i> represents a realm).
     * 
     * <p>If the input name does not contain a realm, the default realm
     * is used. The default realm can be specified either in a Kerberos 
     * configuration file or via the java.security.krb5.realm
     * system property. For more information, 
     * <a href="../../../../../technotes/guides/security/jgss/tutorials/index.html">
     * Kerberos Requirements </a>
     * 
     * @param name the principal name
     * @throws IllegalArgumentException if name is improperly
     * formatted, if name is null, or if name does not contain 
     * the realm to use and the default realm is not specified
     * in either a Kerberos configuration file or via the 
     * java.security.krb5.realm system property.
     */
    public KerberosPrincipal(String name) {

	PrincipalName krb5Principal = null;

	try {
	    // Appends the default realm if it is missing
	    krb5Principal = new PrincipalName(name, KRB_NT_PRINCIPAL);
	} catch (KrbException e) {
	    throw new IllegalArgumentException(e.getMessage());
	}
	nameType = KRB_NT_PRINCIPAL;  // default name type
	fullName = krb5Principal.toString();
	realm = krb5Principal.getRealmString();
    }

    /** 
     * Constructs a KerberosPrincipal from the provided string and
     * name type input.  The string is assumed to contain a name in the
     * format that is specified in Section 2.1 (Mandatory Name Forms) of
     * <a href=http://www.ietf.org/rfc/rfc1964.txt>RFC 1964</a>.
     * Valid name types are specified in Section 7.2 (Principal Names) of
     * <a href=http://www.ietf.org/rfc/rfc1510.txt>RFC 1510</a>.
     * The input name must be consistent with the provided name type.
     * (for example, <i>duke@FOO.COM</i>, is a valid input string for the
     * name type, KRB_NT_PRINCIPAL where <i>duke</i>
     * represents a principal, and <i>FOO.COM</i> represents a realm).

     * <p> If the input name does not contain a realm, the default realm
     * is used. The default realm can be specified either in a Kerberos
     * configuration file or via the java.security.krb5.realm
     * system property. For more information, see
     * <a href="../../../../../technotes/guides/security/jgss/tutorials/index.html">
     * Kerberos Requirements</a>.
     * 
     * @param name the principal name
     * @param nameType the name type of the principal 
     * @throws IllegalArgumentException if name is improperly
     * formatted, if name is null, if the nameType is not supported,  
     * or if name does not contain the realm to use and the default 
     * realm is not specified in either a Kerberos configuration 
     * file or via the java.security.krb5.realm system property.
     */

    public KerberosPrincipal(String name, int nameType) {

	PrincipalName krb5Principal = null;

	try {
	    // Appends the default realm if it is missing
	    krb5Principal  = new PrincipalName(name,nameType);
	} catch (KrbException e) {
	    throw new IllegalArgumentException(e.getMessage());
	}
	 
	this.nameType = nameType;
	fullName = krb5Principal.toString();
	realm = krb5Principal.getRealmString();
    }
    /**
     * Returns the realm component of this Kerberos principal.
     *
     * @return the realm component of this Kerberos principal.
     */
    public String getRealm() {
	return realm;
    }

    /**
     * Returns a hashcode for this principal. The hash code is defined to 
     * be the result of the following  calculation:
     * <pre><code>
     *  hashCode = getName().hashCode();
     * </code></pre>
     * 
     * @return a hashCode() for the <code>KerberosPrincipal</code>
     */
    public int hashCode() {
	return getName().hashCode();
    }

    /**
     * Compares the specified Object with this Principal for equality.
     * Returns true if the given object is also a 
     * <code>KerberosPrincipal</code> and the two
     * <code>KerberosPrincipal</code> instances are equivalent. 
     * More formally two <code>KerberosPrincipal</code> instances are equal 
     * if the values returned by <code>getName()</code> are equal and the 
     * values returned by <code>getNameType()</code> are equal.
     *
     * @param other the Object to compare to
     * @return true if the Object passed in represents the same principal
     * as this one, false otherwise.
     */
    public boolean equals(Object other) {

	if (other == this)
	    return true;

	if (! (other instanceof KerberosPrincipal)) {
	    return false;
	} else {
	    String myFullName = getName();
	    String otherFullName = ((KerberosPrincipal) other).getName();
	    if (nameType == ((KerberosPrincipal)other).nameType && 
		myFullName.equals(otherFullName)) {
		 return true;
	    }
	} 
	return false;
    }

    /**
     * Save the KerberosPrincipal object to a stream
     *
     * @serialData this <code>KerberosPrincipal</code> is serialized
     *		by writing out the PrincipalName and the
     *		realm in their DER-encoded form as specified in Section 5.2 of
     *		<a href=http://www.ietf.org/rfc/rfc1510.txt> RFC1510</a>. 
     */ 

    private void writeObject(ObjectOutputStream oos) 
	throws IOException {

	PrincipalName krb5Principal = null;
	try {
	    krb5Principal  = new PrincipalName(fullName,nameType);
	    oos.writeObject(krb5Principal.asn1Encode());
	    oos.writeObject(krb5Principal.getRealm().asn1Encode());
	} catch (Exception e) {
	    IOException ioe = new IOException(e.getMessage());
	    ioe.initCause(e);
	    throw ioe; 
	}
    }

    /**
     * Reads this object from a stream (i.e., deserializes it)
     */

    private void readObject(ObjectInputStream ois)
	 throws IOException, ClassNotFoundException {
	byte[] asn1EncPrincipal = (byte [])ois.readObject();
	byte[] encRealm = (byte [])ois.readObject();
	try {
	   PrincipalName krb5Principal = new PrincipalName(new 
						DerValue(asn1EncPrincipal));
	   realm = (new Realm(new DerValue(encRealm))).toString();
	   fullName = krb5Principal.toString() + NAME_REALM_SEPARATOR +
			 realm.toString(); 
	   nameType = krb5Principal.getNameType();
	} catch (Exception e) {
	    IOException ioe = new IOException(e.getMessage());
	    ioe.initCause(e);
	    throw ioe; 
	}
    }	
	
    /**
     * The returned string corresponds to the single-string
     * representation of a Kerberos Principal name as specified in
     * Section 2.1 of <a href=http://www.ietf.org/rfc/rfc1964.txt>RFC 1964</a>.
     *
     * @return the principal name.
     */
    public String getName() {
	return fullName;
    }

    /**
     * Returns the name type of the KerberosPrincipal. Valid name types
     * are specified in Section 7.2 of
     * <a href=http://www.ietf.org/rfc/rfc1510.txt> RFC1510</a>. 
     *
     * @return the name type.
     *
     */

    public int getNameType() {
	return nameType;
    }
    
    // Inherits javadocs from Object
    public String toString() {
	return getName();
    }
}

Generated By: JavaOnTracks Doclet 0.1.4     ©Thibaut Colar