You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@harmony.apache.org by te...@apache.org on 2006/03/30 23:34:28 UTC
svn commit: r390246 [9/15] - in /incubator/harmony/enhanced/classlib/trunk:
archive/modules/security/src/main/java/java/security/
modules/archive/src/main/java/java/util/jar/
modules/archive/src/test/java/tests/api/java/util/zip/
modules/beans/src/main...
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/javax/security/auth/login/LoginContext.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/javax/security/auth/login/LoginContext.java?rev=390246&r1=390245&r2=390246&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/javax/security/auth/login/LoginContext.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/javax/security/auth/login/LoginContext.java Thu Mar 30 13:34:23 2006
@@ -1,571 +1,571 @@
-/*
- * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
-* @author Alexander V. Astapchuk, Stepan M. Mishura
-* @version $Revision$
-*/
-
-package javax.security.auth.login;
-
-import java.io.IOException;
-import java.security.AccessController;
-import java.security.AccessControlContext;
-import java.security.PrivilegedExceptionAction;
-import java.security.PrivilegedActionException;
-
-import java.security.Security;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.spi.LoginModule;
-import javax.security.auth.AuthPermission;
-
-import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
-
-/**
- * @com.intel.drl.spec_ref
- */
-
-public class LoginContext {
-
- private static final String DEFAULT_CALLBACK_HANDLER_PROPERTY = "auth.login.defaultCallbackHandler";
-
- // Integer constants which serve as a replacement for
- // the corresponding LoginModuleControlFlag.* constants.
- // These integers are used later as index in the arrays - see
- // loginImpl() and logoutImpl() methods
- private static final int OPTIONAL = 0;
-
- private static final int REQUIRED = 1;
-
- private static final int REQUISITE = 2;
-
- private static final int SUFFICIENT = 3;
-
- // Subject to be used for this LoginContext's operations
- private Subject subject;
-
- // Shows whether the subject
- // was specified by user (true) or
- // was created by this LoginContext itself (false).
- private boolean userProvidedSubject;
-
- // Shows whether we use installed or user-provided Configuration
- private boolean userProvidedConfig;
-
- // An user's AccessControlContext, used when user specifies
- private AccessControlContext userContext;
-
- // Either a callback handler passed by the user or a wrapper for the
- // user's specified handler - see init() below.
- private CallbackHandler callbackHandler;
-
- // An array which keeps the instantiated and init()-ialized login
- // modules and their states
- private Module[] modules;
-
- // Stores a shared state
- private HashMap sharedState;
-
- // A context class loader used to load [mainly] LoginModules
- private ClassLoader contextClassLoader;
-
- // Shows overall status - whether this LoginContext was successfully logged
- private boolean loggedIn;
-
- /**
- * @com.intel.drl.spec_ref
- */
- public LoginContext(String name) throws LoginException {
- init(name, null, null, null);
- }
-
- /**
- * @com.intel.drl.spec_ref
- */
- public LoginContext(String name, CallbackHandler cbHandler)
- throws LoginException {
- if (cbHandler == null) {
- throw new LoginException("CallbackHandler can not be null");
- }
- init(name, null, cbHandler, null);
- }
-
- /**
- * @com.intel.drl.spec_ref
- */
- public LoginContext(String name, Subject subject) throws LoginException {
- if (subject == null) {
- throw new LoginException("Subject can not be null");
- }
- init(name, subject, null, null);
- }
-
- /**
- * @com.intel.drl.spec_ref
- */
- public LoginContext(String name, Subject subject, CallbackHandler cbHandler)
- throws LoginException {
- if (subject == null) {
- throw new LoginException("Subject can not be null");
- }
- if (cbHandler == null) {
- throw new LoginException("CallbackHandler can not be null");
- }
- init(name, subject, cbHandler, null);
- }
-
- /**
- * @com.intel.drl.spec_ref
- */
- public LoginContext(String name, Subject subject,
- CallbackHandler cbHandler, Configuration config)
- throws LoginException {
- init(name, subject, cbHandler, config);
- }
-
- // Does all the machinery needed for the initialization.
- private void init(String name, Subject subject,
- final CallbackHandler cbHandler, Configuration config)
- throws LoginException {
- //
- //
- //
- userProvidedSubject = (this.subject = subject) != null;
-
- //
- // Set config
- //
- if (name == null) {
- throw new LoginException("name can not be null");
- }
-
- if (config == null) {
- config = Configuration.getAccessibleConfiguration();
- } else {
- userProvidedConfig = true;
- }
-
- SecurityManager sm = System.getSecurityManager();
-
- if (sm != null && !userProvidedConfig) {
- sm
- .checkPermission(new AuthPermission("createLoginContext."
- + name));
- }
-
- AppConfigurationEntry[] entries = config.getAppConfigurationEntry(name);
- if (entries == null) {
- if (sm != null && !userProvidedConfig) {
- sm.checkPermission(new AuthPermission(
- "createLoginContext.other"));
- }
- entries = config.getAppConfigurationEntry("other");
- if (entries == null) {
- throw new LoginException("There is no \"" + name
- + "\" in Configuration or it's empty.");
- }
- }
-
- modules = new Module[entries.length];
- for (int i = 0; i < modules.length; i++) {
- modules[i] = new Module(entries[i]);
- }
- //
- // Set CallbackHandler and this.contextClassLoader
- //
-
- // as some of the operations to be executed (i.e. get*ClassLoader,
- // getProperty, class loading) are security-checked, then combine all
- // of them into a single doPrivileged() call.
- //
- try {
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws Exception {
- // First, set the 'contextClassLoader'
- contextClassLoader = Thread.currentThread()
- .getContextClassLoader();
- if (contextClassLoader == null) {
- contextClassLoader = ClassLoader.getSystemClassLoader();
- }
- // then, checks whether the cbHandler is set
- if (cbHandler == null) {
- // well, let's try to find it
- String klassName = Security
- .getProperty(DEFAULT_CALLBACK_HANDLER_PROPERTY);
- if (klassName == null || klassName.length() == 0) {
- return null;
- }
- Class klass = Class.forName(klassName, true,
- contextClassLoader);
- callbackHandler = (CallbackHandler) klass.newInstance();
- } else {
- callbackHandler = cbHandler;
- }
- return null;
- }
- });
- } catch (PrivilegedActionException ex) {
- throw (LoginException) new LoginException(
- "Could not get default callback handler.").initCause(ex
- .getCause());
- }
-
- if (userProvidedConfig) {
- userContext = AccessController.getContext();
- } else if (callbackHandler != null) {
- userContext = AccessController.getContext();
- callbackHandler = new ContextedCallbackHandler(callbackHandler);
- }
- }
-
- /**
- * @com.intel.drl.spec_ref
- */
- public Subject getSubject() {
- if (userProvidedSubject || loggedIn) {
- return subject;
- }
- return null;
- }
-
- /**
- * @com.intel.drl.spec_ref
- */
- public void login() throws LoginException {
- PrivilegedExceptionAction action = new PrivilegedExceptionAction() {
- public Object run() throws LoginException {
- loginImpl();
- return null;
- }
- };
- try {
- if (userProvidedConfig) {
- AccessController.doPrivileged(action, userContext);
- } else {
- AccessController.doPrivileged(action);
- }
- } catch (PrivilegedActionException ex) {
- throw (LoginException) ex.getException();
- }
- }
-
- // The real implementation of login() method whose calls are wrapped into
- // appropriate doPrivileged calls in login().
- private void loginImpl() throws LoginException {
- if (loggedIn) {
- return;
- }
-
- if (subject == null) {
- subject = new Subject();
- }
-
- if (sharedState == null) {
- sharedState = new HashMap();
- }
-
- // PHASE 1: Calling login()-s
- Throwable firstProblem = null;
-
- int[] logged = new int[4];
- int[] total = new int[4];
-
- for (int i = 0; i < modules.length; i++) {
- try {
- // if a module fails during Class.forName(), then it breaks overall
- // attemp - see catch() below
- modules[i].create(subject, callbackHandler, sharedState);
-
- if (modules[i].module.login()) {
- ++total[modules[i].getFlag()];
- ++logged[modules[i].getFlag()];
- if (modules[i].getFlag() == SUFFICIENT) {
- break;
- }
- }
- } catch (Throwable ex) {
- if (firstProblem == null) {
- firstProblem = ex;
- }
- if (modules[i].klass == null) {
- // an exception occured during class lookup - overall
- // attempt must fail
- // a little trick: increase the REQUIRED's number - this
- // will look like a failed REQUIRED module later, so overall
- // attempt will fail
- ++total[REQUIRED];
- break;
- } else {
- ++total[modules[i].getFlag()];
- // something happened after the class was loaded
- if (modules[i].getFlag() == REQUISITE) {
- // ... and no need to walk down anymore
- break;
- }
- }
- }
- }
- // end of PHASE1,
-
- // Let's decide whether we have either overall success or a total failure
- boolean fail = true;
-
- // Note: 'failed[xxx]!=0' is not enough to check.
- // Use 'logged[xx] != total[xx]' instead.
- // This is because some modules might not be counted as 'failed' if
- // an exception occured during preload()/Class.forName()-ing.
- // But, such modules still get counted in the total[].
-
- //
- // if any REQ* module failed - then it's failure
- if (logged[REQUIRED] != total[REQUIRED]
- || logged[REQUISITE] != total[REQUISITE]) {
- // fail = true;
- } else {
- if (total[REQUIRED] == 0 && total[REQUISITE] == 0) {
- // neither REQUIRED nor REQUISITE was configured.
- // must have at least one SUFFICIENT or OPTIONAL
- if (logged[OPTIONAL] != 0 || logged[SUFFICIENT] != 0) {
- fail = false;
- }
- //else { fail = true; }
- } else {
- fail = false;
- }
- }
-
- int commited[] = new int[4];
- // clear it
- total[0] = total[1] = total[2] = total[3] = 0;
- if (!fail) {
- // PHASE 2:
- for (int i = 0; i < modules.length; i++) {
- if (modules[i].klass != null) {
- ++total[modules[i].getFlag()];
- try {
- modules[i].module.commit();
- ++commited[modules[i].getFlag()];
- } catch (Throwable ex) {
- if (firstProblem == null) {
- firstProblem = ex;
- }
- }
- }
- }
- }
-
- // need to decide once again
- fail = true;
- if (commited[REQUIRED] != total[REQUIRED]
- || commited[REQUISITE] != total[REQUISITE]) {
- //fail = true;
- } else {
- if (total[REQUIRED] == 0 && total[REQUISITE] == 0) {
- // neither REQUIRED nor REQUISITE was configured.
- // must have at least one SUFFICIENT or OPTIONAL
- if (commited[OPTIONAL] != 0 || commited[SUFFICIENT] != 0) {
- fail = false;
- } else {
- //fail = true;
- }
- } else {
- fail = false;
- }
- }
-
- if (fail) {
- // either login() or commit() failed. aborting...
- for (int i = 0; i < modules.length; i++) {
- try {
- modules[i].module.abort();
- } catch ( /*LoginException*/Throwable ex) {
- if (firstProblem == null) {
- firstProblem = ex;
- }
- }
- }
- if (firstProblem instanceof PrivilegedActionException
- && firstProblem.getCause() != null) {
- firstProblem = firstProblem.getCause();
- }
- if (firstProblem instanceof LoginException) {
- throw (LoginException) firstProblem;
- } else {
- throw (LoginException) new LoginException(
- "Login attempt failed.").initCause(firstProblem);
- }
- } else {
- loggedIn = true;
- }
- // return silently - we are logged in
- }
-
- /**
- * @com.intel.drl.spec_ref
- */
- public void logout() throws LoginException {
- PrivilegedExceptionAction action = new PrivilegedExceptionAction() {
- public Object run() throws LoginException {
- logoutImpl();
- return null;
- }
- };
- try {
- if (userProvidedConfig) {
- AccessController.doPrivileged(action, userContext);
- } else {
- AccessController.doPrivileged(action);
- }
- } catch (PrivilegedActionException ex) {
- throw (LoginException) ex.getException();
- }
- }
-
- // The real implementation of logout() method whose calls are wrapped into
- // appropriate doPrivileged calls in logout().
- private void logoutImpl() throws LoginException {
- if (subject == null) {
- throw new LoginException("This LoginContext is not logged.");
- }
- loggedIn = false;
- Throwable firstProblem = null;
- int total = 0;
- for (int i = 0; i < modules.length; i++) {
- try {
- modules[i].module.logout();
- ++total;
- } catch (Throwable ex) {
- if (firstProblem == null) {
- firstProblem = ex;
- }
- }
- }
- if (firstProblem != null || total == 0) {
- if (firstProblem instanceof PrivilegedActionException
- && firstProblem.getCause() != null) {
- firstProblem = firstProblem.getCause();
- }
- if (firstProblem instanceof LoginException) {
- throw (LoginException) firstProblem;
- } else {
- throw (LoginException) new LoginException(
- "Login attempt failed.").initCause(firstProblem);
- }
- }
- }
-
- // A class that servers as a wrapper for the CallbackHandler when we use
- // installed Configuration, but not a passed one. See API docs on the
- // LoginContext.<br>
- // Simply invokes the given handler with the given AccessControlContext.
- private class ContextedCallbackHandler implements CallbackHandler {
- CallbackHandler hiddenHandlerRef;
-
- ContextedCallbackHandler(CallbackHandler handler) {
- this.hiddenHandlerRef = handler;
- }
-
- public void handle(final Callback[] callbacks) throws IOException,
- UnsupportedCallbackException {
- try {
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws IOException,
- UnsupportedCallbackException {
- hiddenHandlerRef.handle(callbacks);
- return null;
- }
- }, userContext);
- } catch (PrivilegedActionException ex) {
- if (ex.getCause() instanceof UnsupportedCallbackException) {
- throw (UnsupportedCallbackException) ex.getCause();
- }
- throw (IOException) ex.getCause();
- }
- }
- }
-
- // A private class that stores an instantiated LoginModule.
- private final class Module {
-
- // An initial info about the module to be used
- AppConfigurationEntry entry;
-
- // A mapping of LoginModuleControlFlag onto a simple int constant
- int flag;
-
- // The LoginModule intself
- LoginModule module;
-
- // A class of the module
- Class klass;
-
- Module(AppConfigurationEntry entry) {
- this.entry = entry;
- LoginModuleControlFlag flg = entry.getControlFlag();
- if (flg == LoginModuleControlFlag.OPTIONAL) {
- flag = OPTIONAL;
- } else if (flg == LoginModuleControlFlag.REQUISITE) {
- flag = REQUISITE;
- } else if (flg == LoginModuleControlFlag.SUFFICIENT) {
- flag = SUFFICIENT;
- } else {
- flag = REQUIRED;
- //if(flg!=LoginModuleControlFlag.REQUIRED) throw new Error()
- }
- }
-
- int getFlag() {
- return flag;
- }
-
- // Loads class of the LoginModule, instantiates it and then
- // calls initialize().
- void create(Subject subject, CallbackHandler callbackHandler,
- Map sharedState) throws LoginException {
- String klassName = entry.getLoginModuleName();
- if (klass == null) {
- try {
- klass = Class.forName(klassName, false, contextClassLoader);
- } catch (ClassNotFoundException ex) {
- throw (LoginException) new LoginException(
- "Could not load module " + klassName).initCause(ex);
- }
- }
-
- if (module == null) {
- try {
- module = (LoginModule) klass.newInstance();
- } catch (IllegalAccessException ex) {
- throw (LoginException) new LoginException(
- "Could not instantiate module " + klassName)
- .initCause(ex);
- } catch (InstantiationException ex) {
- throw (LoginException) new LoginException(
- "Could not instantiate module " + klassName)
- .initCause(ex);
- }
- module.initialize(subject, callbackHandler, sharedState, entry
- .getOptions());
- }
- }
- }
+/*
+ * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+* @author Alexander V. Astapchuk, Stepan M. Mishura
+* @version $Revision$
+*/
+
+package javax.security.auth.login;
+
+import java.io.IOException;
+import java.security.AccessController;
+import java.security.AccessControlContext;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
+
+import java.security.Security;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.spi.LoginModule;
+import javax.security.auth.AuthPermission;
+
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+
+/**
+ * @com.intel.drl.spec_ref
+ */
+
+public class LoginContext {
+
+ private static final String DEFAULT_CALLBACK_HANDLER_PROPERTY = "auth.login.defaultCallbackHandler";
+
+ // Integer constants which serve as a replacement for
+ // the corresponding LoginModuleControlFlag.* constants.
+ // These integers are used later as index in the arrays - see
+ // loginImpl() and logoutImpl() methods
+ private static final int OPTIONAL = 0;
+
+ private static final int REQUIRED = 1;
+
+ private static final int REQUISITE = 2;
+
+ private static final int SUFFICIENT = 3;
+
+ // Subject to be used for this LoginContext's operations
+ private Subject subject;
+
+ // Shows whether the subject
+ // was specified by user (true) or
+ // was created by this LoginContext itself (false).
+ private boolean userProvidedSubject;
+
+ // Shows whether we use installed or user-provided Configuration
+ private boolean userProvidedConfig;
+
+ // An user's AccessControlContext, used when user specifies
+ private AccessControlContext userContext;
+
+ // Either a callback handler passed by the user or a wrapper for the
+ // user's specified handler - see init() below.
+ private CallbackHandler callbackHandler;
+
+ // An array which keeps the instantiated and init()-ialized login
+ // modules and their states
+ private Module[] modules;
+
+ // Stores a shared state
+ private HashMap sharedState;
+
+ // A context class loader used to load [mainly] LoginModules
+ private ClassLoader contextClassLoader;
+
+ // Shows overall status - whether this LoginContext was successfully logged
+ private boolean loggedIn;
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public LoginContext(String name) throws LoginException {
+ init(name, null, null, null);
+ }
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public LoginContext(String name, CallbackHandler cbHandler)
+ throws LoginException {
+ if (cbHandler == null) {
+ throw new LoginException("CallbackHandler can not be null");
+ }
+ init(name, null, cbHandler, null);
+ }
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public LoginContext(String name, Subject subject) throws LoginException {
+ if (subject == null) {
+ throw new LoginException("Subject can not be null");
+ }
+ init(name, subject, null, null);
+ }
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public LoginContext(String name, Subject subject, CallbackHandler cbHandler)
+ throws LoginException {
+ if (subject == null) {
+ throw new LoginException("Subject can not be null");
+ }
+ if (cbHandler == null) {
+ throw new LoginException("CallbackHandler can not be null");
+ }
+ init(name, subject, cbHandler, null);
+ }
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public LoginContext(String name, Subject subject,
+ CallbackHandler cbHandler, Configuration config)
+ throws LoginException {
+ init(name, subject, cbHandler, config);
+ }
+
+ // Does all the machinery needed for the initialization.
+ private void init(String name, Subject subject,
+ final CallbackHandler cbHandler, Configuration config)
+ throws LoginException {
+ //
+ //
+ //
+ userProvidedSubject = (this.subject = subject) != null;
+
+ //
+ // Set config
+ //
+ if (name == null) {
+ throw new LoginException("name can not be null");
+ }
+
+ if (config == null) {
+ config = Configuration.getAccessibleConfiguration();
+ } else {
+ userProvidedConfig = true;
+ }
+
+ SecurityManager sm = System.getSecurityManager();
+
+ if (sm != null && !userProvidedConfig) {
+ sm
+ .checkPermission(new AuthPermission("createLoginContext."
+ + name));
+ }
+
+ AppConfigurationEntry[] entries = config.getAppConfigurationEntry(name);
+ if (entries == null) {
+ if (sm != null && !userProvidedConfig) {
+ sm.checkPermission(new AuthPermission(
+ "createLoginContext.other"));
+ }
+ entries = config.getAppConfigurationEntry("other");
+ if (entries == null) {
+ throw new LoginException("There is no \"" + name
+ + "\" in Configuration or it's empty.");
+ }
+ }
+
+ modules = new Module[entries.length];
+ for (int i = 0; i < modules.length; i++) {
+ modules[i] = new Module(entries[i]);
+ }
+ //
+ // Set CallbackHandler and this.contextClassLoader
+ //
+
+ // as some of the operations to be executed (i.e. get*ClassLoader,
+ // getProperty, class loading) are security-checked, then combine all
+ // of them into a single doPrivileged() call.
+ //
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws Exception {
+ // First, set the 'contextClassLoader'
+ contextClassLoader = Thread.currentThread()
+ .getContextClassLoader();
+ if (contextClassLoader == null) {
+ contextClassLoader = ClassLoader.getSystemClassLoader();
+ }
+ // then, checks whether the cbHandler is set
+ if (cbHandler == null) {
+ // well, let's try to find it
+ String klassName = Security
+ .getProperty(DEFAULT_CALLBACK_HANDLER_PROPERTY);
+ if (klassName == null || klassName.length() == 0) {
+ return null;
+ }
+ Class klass = Class.forName(klassName, true,
+ contextClassLoader);
+ callbackHandler = (CallbackHandler) klass.newInstance();
+ } else {
+ callbackHandler = cbHandler;
+ }
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException ex) {
+ throw (LoginException) new LoginException(
+ "Could not get default callback handler.").initCause(ex
+ .getCause());
+ }
+
+ if (userProvidedConfig) {
+ userContext = AccessController.getContext();
+ } else if (callbackHandler != null) {
+ userContext = AccessController.getContext();
+ callbackHandler = new ContextedCallbackHandler(callbackHandler);
+ }
+ }
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public Subject getSubject() {
+ if (userProvidedSubject || loggedIn) {
+ return subject;
+ }
+ return null;
+ }
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public void login() throws LoginException {
+ PrivilegedExceptionAction action = new PrivilegedExceptionAction() {
+ public Object run() throws LoginException {
+ loginImpl();
+ return null;
+ }
+ };
+ try {
+ if (userProvidedConfig) {
+ AccessController.doPrivileged(action, userContext);
+ } else {
+ AccessController.doPrivileged(action);
+ }
+ } catch (PrivilegedActionException ex) {
+ throw (LoginException) ex.getException();
+ }
+ }
+
+ // The real implementation of login() method whose calls are wrapped into
+ // appropriate doPrivileged calls in login().
+ private void loginImpl() throws LoginException {
+ if (loggedIn) {
+ return;
+ }
+
+ if (subject == null) {
+ subject = new Subject();
+ }
+
+ if (sharedState == null) {
+ sharedState = new HashMap();
+ }
+
+ // PHASE 1: Calling login()-s
+ Throwable firstProblem = null;
+
+ int[] logged = new int[4];
+ int[] total = new int[4];
+
+ for (int i = 0; i < modules.length; i++) {
+ try {
+ // if a module fails during Class.forName(), then it breaks overall
+ // attempt - see catch() below
+ modules[i].create(subject, callbackHandler, sharedState);
+
+ if (modules[i].module.login()) {
+ ++total[modules[i].getFlag()];
+ ++logged[modules[i].getFlag()];
+ if (modules[i].getFlag() == SUFFICIENT) {
+ break;
+ }
+ }
+ } catch (Throwable ex) {
+ if (firstProblem == null) {
+ firstProblem = ex;
+ }
+ if (modules[i].klass == null) {
+ // an exception occured during class lookup - overall
+ // attempt must fail
+ // a little trick: increase the REQUIRED's number - this
+ // will look like a failed REQUIRED module later, so overall
+ // attempt will fail
+ ++total[REQUIRED];
+ break;
+ } else {
+ ++total[modules[i].getFlag()];
+ // something happened after the class was loaded
+ if (modules[i].getFlag() == REQUISITE) {
+ // ... and no need to walk down anymore
+ break;
+ }
+ }
+ }
+ }
+ // end of PHASE1,
+
+ // Let's decide whether we have either overall success or a total failure
+ boolean fail = true;
+
+ // Note: 'failed[xxx]!=0' is not enough to check.
+ // Use 'logged[xx] != total[xx]' instead.
+ // This is because some modules might not be counted as 'failed' if
+ // an exception occured during preload()/Class.forName()-ing.
+ // But, such modules still get counted in the total[].
+
+ //
+ // if any REQ* module failed - then it's failure
+ if (logged[REQUIRED] != total[REQUIRED]
+ || logged[REQUISITE] != total[REQUISITE]) {
+ // fail = true;
+ } else {
+ if (total[REQUIRED] == 0 && total[REQUISITE] == 0) {
+ // neither REQUIRED nor REQUISITE was configured.
+ // must have at least one SUFFICIENT or OPTIONAL
+ if (logged[OPTIONAL] != 0 || logged[SUFFICIENT] != 0) {
+ fail = false;
+ }
+ //else { fail = true; }
+ } else {
+ fail = false;
+ }
+ }
+
+ int commited[] = new int[4];
+ // clear it
+ total[0] = total[1] = total[2] = total[3] = 0;
+ if (!fail) {
+ // PHASE 2:
+ for (int i = 0; i < modules.length; i++) {
+ if (modules[i].klass != null) {
+ ++total[modules[i].getFlag()];
+ try {
+ modules[i].module.commit();
+ ++commited[modules[i].getFlag()];
+ } catch (Throwable ex) {
+ if (firstProblem == null) {
+ firstProblem = ex;
+ }
+ }
+ }
+ }
+ }
+
+ // need to decide once again
+ fail = true;
+ if (commited[REQUIRED] != total[REQUIRED]
+ || commited[REQUISITE] != total[REQUISITE]) {
+ //fail = true;
+ } else {
+ if (total[REQUIRED] == 0 && total[REQUISITE] == 0) {
+ // neither REQUIRED nor REQUISITE was configured.
+ // must have at least one SUFFICIENT or OPTIONAL
+ if (commited[OPTIONAL] != 0 || commited[SUFFICIENT] != 0) {
+ fail = false;
+ } else {
+ //fail = true;
+ }
+ } else {
+ fail = false;
+ }
+ }
+
+ if (fail) {
+ // either login() or commit() failed. aborting...
+ for (int i = 0; i < modules.length; i++) {
+ try {
+ modules[i].module.abort();
+ } catch ( /*LoginException*/Throwable ex) {
+ if (firstProblem == null) {
+ firstProblem = ex;
+ }
+ }
+ }
+ if (firstProblem instanceof PrivilegedActionException
+ && firstProblem.getCause() != null) {
+ firstProblem = firstProblem.getCause();
+ }
+ if (firstProblem instanceof LoginException) {
+ throw (LoginException) firstProblem;
+ } else {
+ throw (LoginException) new LoginException(
+ "Login attempt failed.").initCause(firstProblem);
+ }
+ } else {
+ loggedIn = true;
+ }
+ // return silently - we are logged in
+ }
+
+ /**
+ * @com.intel.drl.spec_ref
+ */
+ public void logout() throws LoginException {
+ PrivilegedExceptionAction action = new PrivilegedExceptionAction() {
+ public Object run() throws LoginException {
+ logoutImpl();
+ return null;
+ }
+ };
+ try {
+ if (userProvidedConfig) {
+ AccessController.doPrivileged(action, userContext);
+ } else {
+ AccessController.doPrivileged(action);
+ }
+ } catch (PrivilegedActionException ex) {
+ throw (LoginException) ex.getException();
+ }
+ }
+
+ // The real implementation of logout() method whose calls are wrapped into
+ // appropriate doPrivileged calls in logout().
+ private void logoutImpl() throws LoginException {
+ if (subject == null) {
+ throw new LoginException("This LoginContext is not logged.");
+ }
+ loggedIn = false;
+ Throwable firstProblem = null;
+ int total = 0;
+ for (int i = 0; i < modules.length; i++) {
+ try {
+ modules[i].module.logout();
+ ++total;
+ } catch (Throwable ex) {
+ if (firstProblem == null) {
+ firstProblem = ex;
+ }
+ }
+ }
+ if (firstProblem != null || total == 0) {
+ if (firstProblem instanceof PrivilegedActionException
+ && firstProblem.getCause() != null) {
+ firstProblem = firstProblem.getCause();
+ }
+ if (firstProblem instanceof LoginException) {
+ throw (LoginException) firstProblem;
+ } else {
+ throw (LoginException) new LoginException(
+ "Login attempt failed.").initCause(firstProblem);
+ }
+ }
+ }
+
+ // A class that servers as a wrapper for the CallbackHandler when we use
+ // installed Configuration, but not a passed one. See API docs on the
+ // LoginContext.<br>
+ // Simply invokes the given handler with the given AccessControlContext.
+ private class ContextedCallbackHandler implements CallbackHandler {
+ CallbackHandler hiddenHandlerRef;
+
+ ContextedCallbackHandler(CallbackHandler handler) {
+ this.hiddenHandlerRef = handler;
+ }
+
+ public void handle(final Callback[] callbacks) throws IOException,
+ UnsupportedCallbackException {
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws IOException,
+ UnsupportedCallbackException {
+ hiddenHandlerRef.handle(callbacks);
+ return null;
+ }
+ }, userContext);
+ } catch (PrivilegedActionException ex) {
+ if (ex.getCause() instanceof UnsupportedCallbackException) {
+ throw (UnsupportedCallbackException) ex.getCause();
+ }
+ throw (IOException) ex.getCause();
+ }
+ }
+ }
+
+ // A private class that stores an instantiated LoginModule.
+ private final class Module {
+
+ // An initial info about the module to be used
+ AppConfigurationEntry entry;
+
+ // A mapping of LoginModuleControlFlag onto a simple int constant
+ int flag;
+
+ // The LoginModule intself
+ LoginModule module;
+
+ // A class of the module
+ Class klass;
+
+ Module(AppConfigurationEntry entry) {
+ this.entry = entry;
+ LoginModuleControlFlag flg = entry.getControlFlag();
+ if (flg == LoginModuleControlFlag.OPTIONAL) {
+ flag = OPTIONAL;
+ } else if (flg == LoginModuleControlFlag.REQUISITE) {
+ flag = REQUISITE;
+ } else if (flg == LoginModuleControlFlag.SUFFICIENT) {
+ flag = SUFFICIENT;
+ } else {
+ flag = REQUIRED;
+ //if(flg!=LoginModuleControlFlag.REQUIRED) throw new Error()
+ }
+ }
+
+ int getFlag() {
+ return flag;
+ }
+
+ // Loads class of the LoginModule, instantiates it and then
+ // calls initialize().
+ void create(Subject subject, CallbackHandler callbackHandler,
+ Map sharedState) throws LoginException {
+ String klassName = entry.getLoginModuleName();
+ if (klass == null) {
+ try {
+ klass = Class.forName(klassName, false, contextClassLoader);
+ } catch (ClassNotFoundException ex) {
+ throw (LoginException) new LoginException(
+ "Could not load module " + klassName).initCause(ex);
+ }
+ }
+
+ if (module == null) {
+ try {
+ module = (LoginModule) klass.newInstance();
+ } catch (IllegalAccessException ex) {
+ throw (LoginException) new LoginException(
+ "Could not instantiate module " + klassName)
+ .initCause(ex);
+ } catch (InstantiationException ex) {
+ throw (LoginException) new LoginException(
+ "Could not instantiate module " + klassName)
+ .initCause(ex);
+ }
+ module.initialize(subject, callbackHandler, sharedState, entry
+ .getOptions());
+ }
+ }
+ }
}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/fortress/Services.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/fortress/Services.java?rev=390246&r1=390245&r2=390246&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/fortress/Services.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/fortress/Services.java Thu Mar 30 13:34:23 2006
@@ -1,248 +1,248 @@
-/*
- * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
-* @author Boris V. Kuznetsov
-* @version $Revision$
-*/
-
-package org.apache.harmony.security.fortress;
-
-import java.security.AccessController;
-import java.security.Provider;
-import java.security.Security;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.Iterator;
-
-
-/**
- * This class contains information about all registered providers and preferred
- * implementations for all "serviceName.algName".
- *
- */
-
-public class Services {
-
- // The HashMap that contains information about preferred implementations for
- // all serviceName.algName in the registered providers
- private static HashMap services = new HashMap(512);
-
- // Need refresh flag
- private static boolean needRefresh; // = false;
-
- /**
- * Refresh number
- */
- public static int refreshNumber = 1;
-
- // Registered providers
- private static ArrayList providers = new ArrayList(20);
-
- // Hash for quick provider access by name
- private static HashMap providersNames = new HashMap(20);
-
- static {
- AccessController.doPrivileged(new java.security.PrivilegedAction() {
- public Object run() {
- loadProviders();
- return null;
- }
- });
- }
-
- // Load staticaly registered providers and init Services Info
- private static void loadProviders() {
- String providerClassName = null;
- int i = 1;
- ClassLoader cl = ClassLoader.getSystemClassLoader();
- Provider p;
-
- while ((providerClassName = Security.getProperty("security.provider."
- + i++)) != null) {
- try {
- p = (Provider) Class
- .forName(providerClassName.trim(), true, cl)
- .newInstance();
- providers.add(p);
- providersNames.put(p.getName(), p);
- initServiceInfo(p);
- } catch (Exception e) { // ignore
- }
- }
- Engine.door.renumProviders();
- }
-
- /**
- * Returns registered providers
- *
- * @return
- */
- public static Provider[] getProviders() {
- return (Provider[]) providers.toArray(new Provider[providers.size()]);
- }
-
- /**
- * Returns registered providers as List
- *
- * @return
- */
- public static java.util.List getProvidersList() {
- return new ArrayList(providers);
- }
-
- /**
- * Returns the provider with the specified name
- *
- * @param name
- * @return
- */
- public static Provider getProvider(String name) {
- Provider p;
- if (name == null) {
- return null;
- }
- return (Provider) providersNames.get(name);
- }
-
- /**
- * Insertrs a proveder at a specified position
- *
- * @param provider
- * @param position
- * @return
- */
- public static int insertProviderAt(Provider provider, int position) {
- int size = providers.size();
- if ((position < 1) || (position > size)) {
- position = size + 1;
- }
- providers.add(position - 1, provider);
- providersNames.put(provider.getName(), provider);
- setNeedRefresh();
- return position;
- }
-
- /**
- * Removes the provider
- *
- * @param providerNumber
- */
- public static void removeProvider(int providerNumber) {
- Provider p = (Provider) providers.remove(providerNumber - 1);
- providersNames.remove(p.getName());
- setNeedRefresh();
- }
-
- /**
- *
- * Adds information about provider services into HashMap.
- *
- * @param p
- */
- public static void initServiceInfo(Provider p) {
- Provider.Service serv;
- String key;
- String type;
- String alias;
- StringBuffer sb = new StringBuffer(128);
-
- for (Iterator it1 = p.getServices().iterator(); it1.hasNext();) {
- serv = (Provider.Service) it1.next();
- type = serv.getType();
- sb.delete(0, sb.length());
- key = sb.append(type).append(".").append(
- serv.getAlgorithm().toUpperCase()).toString();
- if (!services.containsKey(key)) {
- services.put(key, serv);
- }
- for (Iterator it2 = Engine.door.getAliases(serv); it2.hasNext();) {
- alias = (String) it2.next();
- sb.delete(0, sb.length());
- key = sb.append(type).append(".").append(alias.toUpperCase())
- .toString();
- if (!services.containsKey(key)) {
- services.put(key, serv);
- }
- }
- }
- }
-
- /**
- *
- * Updates services hashtable for all registerd providers
- *
- */
- public static void updateServiceInfo() {
- services.clear();
- for (Iterator it = providers.iterator(); it.hasNext();) {
- initServiceInfo((Provider) it.next());
- }
- needRefresh = false;
- }
-
- /**
- * Returns true if sevices contain any provider information
- * @return
- */
- public static boolean isEmpty() {
- return services.isEmpty();
- }
-
- /**
- *
- * Returns service description.
- * Call refresh() befor.
- *
- * @param key
- * @return
- */
- public static Provider.Service getService(String key) {
- return (Provider.Service) services.get(key);
- }
-
- /**
- * Prints Services content
- */
- // FIXME remove debug function
- public static void printServices() {
- refresh();
- java.util.Set s = services.keySet();
- for (java.util.Iterator i = s.iterator(); i.hasNext();) {
- Object key = i.next();
- System.out.println(key + "=" + services.get(key));
- }
- }
-
- /**
- * Set flag needRefresh
- *
- */
- public static void setNeedRefresh() {
- needRefresh = true;
- }
-
- /**
- * Refresh services info
- *
- */
- public static void refresh() {
- if (needRefresh) {
- refreshNumber++;
- updateServiceInfo();
- }
- }
+/*
+ * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+* @author Boris V. Kuznetsov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.fortress;
+
+import java.security.AccessController;
+import java.security.Provider;
+import java.security.Security;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+
+
+/**
+ * This class contains information about all registered providers and preferred
+ * implementations for all "serviceName.algName".
+ *
+ */
+
+public class Services {
+
+ // The HashMap that contains information about preferred implementations for
+ // all serviceName.algName in the registered providers
+ private static HashMap services = new HashMap(512);
+
+ // Need refresh flag
+ private static boolean needRefresh; // = false;
+
+ /**
+ * Refresh number
+ */
+ public static int refreshNumber = 1;
+
+ // Registered providers
+ private static ArrayList providers = new ArrayList(20);
+
+ // Hash for quick provider access by name
+ private static HashMap providersNames = new HashMap(20);
+
+ static {
+ AccessController.doPrivileged(new java.security.PrivilegedAction() {
+ public Object run() {
+ loadProviders();
+ return null;
+ }
+ });
+ }
+
+ // Load staticaly registered providers and init Services Info
+ private static void loadProviders() {
+ String providerClassName = null;
+ int i = 1;
+ ClassLoader cl = ClassLoader.getSystemClassLoader();
+ Provider p;
+
+ while ((providerClassName = Security.getProperty("security.provider."
+ + i++)) != null) {
+ try {
+ p = (Provider) Class
+ .forName(providerClassName.trim(), true, cl)
+ .newInstance();
+ providers.add(p);
+ providersNames.put(p.getName(), p);
+ initServiceInfo(p);
+ } catch (Exception e) { // ignore
+ }
+ }
+ Engine.door.renumProviders();
+ }
+
+ /**
+ * Returns registered providers
+ *
+ * @return
+ */
+ public static Provider[] getProviders() {
+ return (Provider[]) providers.toArray(new Provider[providers.size()]);
+ }
+
+ /**
+ * Returns registered providers as List
+ *
+ * @return
+ */
+ public static java.util.List getProvidersList() {
+ return new ArrayList(providers);
+ }
+
+ /**
+ * Returns the provider with the specified name
+ *
+ * @param name
+ * @return
+ */
+ public static Provider getProvider(String name) {
+ Provider p;
+ if (name == null) {
+ return null;
+ }
+ return (Provider) providersNames.get(name);
+ }
+
+ /**
+ * Inserts a provider at a specified position
+ *
+ * @param provider
+ * @param position
+ * @return
+ */
+ public static int insertProviderAt(Provider provider, int position) {
+ int size = providers.size();
+ if ((position < 1) || (position > size)) {
+ position = size + 1;
+ }
+ providers.add(position - 1, provider);
+ providersNames.put(provider.getName(), provider);
+ setNeedRefresh();
+ return position;
+ }
+
+ /**
+ * Removes the provider
+ *
+ * @param providerNumber
+ */
+ public static void removeProvider(int providerNumber) {
+ Provider p = (Provider) providers.remove(providerNumber - 1);
+ providersNames.remove(p.getName());
+ setNeedRefresh();
+ }
+
+ /**
+ *
+ * Adds information about provider services into HashMap.
+ *
+ * @param p
+ */
+ public static void initServiceInfo(Provider p) {
+ Provider.Service serv;
+ String key;
+ String type;
+ String alias;
+ StringBuffer sb = new StringBuffer(128);
+
+ for (Iterator it1 = p.getServices().iterator(); it1.hasNext();) {
+ serv = (Provider.Service) it1.next();
+ type = serv.getType();
+ sb.delete(0, sb.length());
+ key = sb.append(type).append(".").append(
+ serv.getAlgorithm().toUpperCase()).toString();
+ if (!services.containsKey(key)) {
+ services.put(key, serv);
+ }
+ for (Iterator it2 = Engine.door.getAliases(serv); it2.hasNext();) {
+ alias = (String) it2.next();
+ sb.delete(0, sb.length());
+ key = sb.append(type).append(".").append(alias.toUpperCase())
+ .toString();
+ if (!services.containsKey(key)) {
+ services.put(key, serv);
+ }
+ }
+ }
+ }
+
+ /**
+ *
+ * Updates services hashtable for all registerd providers
+ *
+ */
+ public static void updateServiceInfo() {
+ services.clear();
+ for (Iterator it = providers.iterator(); it.hasNext();) {
+ initServiceInfo((Provider) it.next());
+ }
+ needRefresh = false;
+ }
+
+ /**
+ * Returns true if sevices contain any provider information
+ * @return
+ */
+ public static boolean isEmpty() {
+ return services.isEmpty();
+ }
+
+ /**
+ *
+ * Returns service description.
+ * Call refresh() befor.
+ *
+ * @param key
+ * @return
+ */
+ public static Provider.Service getService(String key) {
+ return (Provider.Service) services.get(key);
+ }
+
+ /**
+ * Prints Services content
+ */
+ // FIXME remove debug function
+ public static void printServices() {
+ refresh();
+ java.util.Set s = services.keySet();
+ for (java.util.Iterator i = s.iterator(); i.hasNext();) {
+ Object key = i.next();
+ System.out.println(key + "=" + services.get(key));
+ }
+ }
+
+ /**
+ * Set flag needRefresh
+ *
+ */
+ public static void setNeedRefresh() {
+ needRefresh = true;
+ }
+
+ /**
+ * Refresh services info
+ *
+ */
+ public static void refresh() {
+ if (needRefresh) {
+ refreshNumber++;
+ updateServiceInfo();
+ }
+ }
}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/GeneralSubtree.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/GeneralSubtree.java?rev=390246&r1=390245&r2=390246&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/GeneralSubtree.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/GeneralSubtree.java Thu Mar 30 13:34:23 2006
@@ -1,179 +1,179 @@
-/*
- * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
-* @author Vladimir N. Molotkov, Alexander Y. Kleymenov
-* @version $Revision$
-*/
-
-package org.apache.harmony.security.x509;
-
-import org.apache.harmony.security.asn1.ASN1Implicit;
-import org.apache.harmony.security.asn1.ASN1Integer;
-import org.apache.harmony.security.asn1.ASN1Sequence;
-import org.apache.harmony.security.asn1.ASN1Type;
-import org.apache.harmony.security.asn1.BerInputStream;
-
-import org.apache.harmony.security.asn1.*;
-
-/**
- * The class incapsulates the ASN.1 DER encoding/decoding work
- * with the GeneralSubtree structure which is a part of X.509 certificate:
- * (as specified in RFC 3280 -
- * Internet X.509 Public Key Infrastructure.
- * Certificate and Certificate Revocation List (CRL) Profile.
- * http://www.ietf.org/rfc/rfc3280.txt):
- *
- * <pre>
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- * BaseDistance ::= INTEGER (0..MAX)
- *
- * </pre>
- *
- * @see org.apache.harmony.security.x509.NameConstraints
- * @see org.apache.harmony.security.x509.GeneralName
- */
-public class GeneralSubtree {
-
- // the value of base field of the structure
- private final GeneralName base;
- // the value of minimum field of the structure
- private final int minimum;
- // the value of maximum field of the structure
- private final int maximum;
- // the ASN.1 encoded form of GeneralSubtree
- private byte[] encoding;
-
- /**
- * TODO
- * @param base: GeneralName
- */
- public GeneralSubtree(GeneralName base) {
- this(base, 0, -1);
- }
-
- /**
- * TODO
- * @param base: GeneralName
- * @param minimum: int
- */
- public GeneralSubtree(GeneralName base, int minimum) {
- this(base, minimum, -1);
- }
-
- /**
- * TODO
- * @param base: GeneralName
- * @param minimum: int
- * @param maximum: int
- */
- public GeneralSubtree(GeneralName base, int minimum, int maximum) {
- this.base = base;
- this.minimum = minimum;
- this.maximum = maximum;
- }
-
- //
- // TODO
- // @param base: GeneralName
- // @param minimum: int
- // @param maximum: int
- // @param encoding: byte[]
- //
- private GeneralSubtree(GeneralName base, int minimum, int maximum,
- byte[] encoding) {
- this.base = base;
- this.minimum = minimum;
- this.maximum = maximum;
- this.encoding = new byte[encoding.length];
- System.arraycopy(encoding, 0, this.encoding, 0, encoding.length);
- }
-
- /**
- * Returns the value of base field of the structure.
- * @return base
- */
- public GeneralName getBase() {
- return base;
- }
-
- /**
- * Returns the value of maximum field of the structure.
- * @return maximum
- */
- public int getMaximum() {
- return maximum;
- }
-
- /**
- * Returns the value of minimum field of the structure.
- * @return minimum
- */
- public int getMinimum() {
- return minimum;
- }
-
- /**
- * Returns ASN.1 encoded form of this X.509 GeneralSubtree value.
- * @return a byte array containing ASN.1 encode form.
- */
- public byte[] getEncoded() {
- if (encoding == null) {
- encoding = ASN1.encode(this);
- }
- return encoding;
- }
-
- /**
- * ASN.1 DER X.509 GeneralSubtree encoder/decoder class.
- */
- public static final ASN1Sequence ASN1 = new ASN1Sequence(new ASN1Type[] {
- GeneralName.ASN1,
- new ASN1Implicit(0, ASN1Integer.getInstance()),
- new ASN1Implicit(1, ASN1Integer.getInstance()) }) {
- {
- setDefault(new byte[] {0}, 1); // minimum 0
- setOptional(2); // maximun optional
- }
-
- protected Object getDecodedObject(BerInputStream in) {
- Object[] values = (Object[]) in.content;
- int maximum = -1; // is optional maximum missing?
- if (values[2] != null) {
- maximum = ASN1Integer.toIntValue((byte[]) values[2]); // no!
- }
- return new GeneralSubtree((GeneralName) values[0],
- ASN1Integer.toIntValue((byte[]) values[1]),
- maximum);
- }
-
- protected void getValues(Object object, Object[] values) {
-
- GeneralSubtree gs = (GeneralSubtree) object;
-
- values[0] = gs.base;
- values[1] = ASN1Integer.fromIntValue(gs.minimum);
- if (gs.maximum > -1) {
- values[2] = ASN1Integer.fromIntValue(gs.maximum);
- }
- }
- };
-}
+/*
+ * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+* @author Vladimir N. Molotkov, Alexander Y. Kleymenov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.x509;
+
+import org.apache.harmony.security.asn1.ASN1Implicit;
+import org.apache.harmony.security.asn1.ASN1Integer;
+import org.apache.harmony.security.asn1.ASN1Sequence;
+import org.apache.harmony.security.asn1.ASN1Type;
+import org.apache.harmony.security.asn1.BerInputStream;
+
+import org.apache.harmony.security.asn1.*;
+
+/**
+ * The class incapsulates the ASN.1 DER encoding/decoding work
+ * with the GeneralSubtree structure which is a part of X.509 certificate:
+ * (as specified in RFC 3280 -
+ * Internet X.509 Public Key Infrastructure.
+ * Certificate and Certificate Revocation List (CRL) Profile.
+ * http://www.ietf.org/rfc/rfc3280.txt):
+ *
+ * <pre>
+ *
+ * GeneralSubtree ::= SEQUENCE {
+ * base GeneralName,
+ * minimum [0] BaseDistance DEFAULT 0,
+ * maximum [1] BaseDistance OPTIONAL }
+ *
+ * BaseDistance ::= INTEGER (0..MAX)
+ *
+ * </pre>
+ *
+ * @see org.apache.harmony.security.x509.NameConstraints
+ * @see org.apache.harmony.security.x509.GeneralName
+ */
+public class GeneralSubtree {
+
+ // the value of base field of the structure
+ private final GeneralName base;
+ // the value of minimum field of the structure
+ private final int minimum;
+ // the value of maximum field of the structure
+ private final int maximum;
+ // the ASN.1 encoded form of GeneralSubtree
+ private byte[] encoding;
+
+ /**
+ * TODO
+ * @param base: GeneralName
+ */
+ public GeneralSubtree(GeneralName base) {
+ this(base, 0, -1);
+ }
+
+ /**
+ * TODO
+ * @param base: GeneralName
+ * @param minimum: int
+ */
+ public GeneralSubtree(GeneralName base, int minimum) {
+ this(base, minimum, -1);
+ }
+
+ /**
+ * TODO
+ * @param base: GeneralName
+ * @param minimum: int
+ * @param maximum: int
+ */
+ public GeneralSubtree(GeneralName base, int minimum, int maximum) {
+ this.base = base;
+ this.minimum = minimum;
+ this.maximum = maximum;
+ }
+
+ //
+ // TODO
+ // @param base: GeneralName
+ // @param minimum: int
+ // @param maximum: int
+ // @param encoding: byte[]
+ //
+ private GeneralSubtree(GeneralName base, int minimum, int maximum,
+ byte[] encoding) {
+ this.base = base;
+ this.minimum = minimum;
+ this.maximum = maximum;
+ this.encoding = new byte[encoding.length];
+ System.arraycopy(encoding, 0, this.encoding, 0, encoding.length);
+ }
+
+ /**
+ * Returns the value of base field of the structure.
+ * @return base
+ */
+ public GeneralName getBase() {
+ return base;
+ }
+
+ /**
+ * Returns the value of maximum field of the structure.
+ * @return maximum
+ */
+ public int getMaximum() {
+ return maximum;
+ }
+
+ /**
+ * Returns the value of minimum field of the structure.
+ * @return minimum
+ */
+ public int getMinimum() {
+ return minimum;
+ }
+
+ /**
+ * Returns ASN.1 encoded form of this X.509 GeneralSubtree value.
+ * @return a byte array containing ASN.1 encode form.
+ */
+ public byte[] getEncoded() {
+ if (encoding == null) {
+ encoding = ASN1.encode(this);
+ }
+ return encoding;
+ }
+
+ /**
+ * ASN.1 DER X.509 GeneralSubtree encoder/decoder class.
+ */
+ public static final ASN1Sequence ASN1 = new ASN1Sequence(new ASN1Type[] {
+ GeneralName.ASN1,
+ new ASN1Implicit(0, ASN1Integer.getInstance()),
+ new ASN1Implicit(1, ASN1Integer.getInstance()) }) {
+ {
+ setDefault(new byte[] {0}, 1); // minimum 0
+ setOptional(2); // maximum optional
+ }
+
+ protected Object getDecodedObject(BerInputStream in) {
+ Object[] values = (Object[]) in.content;
+ int maximum = -1; // is optional maximum missing?
+ if (values[2] != null) {
+ maximum = ASN1Integer.toIntValue((byte[]) values[2]); // no!
+ }
+ return new GeneralSubtree((GeneralName) values[0],
+ ASN1Integer.toIntValue((byte[]) values[1]),
+ maximum);
+ }
+
+ protected void getValues(Object object, Object[] values) {
+
+ GeneralSubtree gs = (GeneralSubtree) object;
+
+ values[0] = gs.base;
+ values[1] = ASN1Integer.fromIntValue(gs.minimum);
+ if (gs.maximum > -1) {
+ values[2] = ASN1Integer.fromIntValue(gs.maximum);
+ }
+ }
+ };
+}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/PolicyQualifierInfo.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/PolicyQualifierInfo.java?rev=390246&r1=390245&r2=390246&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/PolicyQualifierInfo.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/common/javasrc/org/apache/harmony/security/x509/PolicyQualifierInfo.java Thu Mar 30 13:34:23 2006
@@ -1,55 +1,55 @@
-/*
- * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
-* @author Vladimir N. Molotkov
-* @version $Revision$
-*/
-
-package org.apache.harmony.security.x509;
-
-import org.apache.harmony.security.asn1.ASN1Any;
-import org.apache.harmony.security.asn1.ASN1Oid;
-import org.apache.harmony.security.asn1.ASN1Sequence;
-import org.apache.harmony.security.asn1.ASN1Type;
-
-
-/**
-/**
- * The class incapsulates the ASN.1 DER decoding work
- * with PolicyQualifierInfo structure
- * (as specified in RFC 3280 -
- * Internet X.509 Public Key Infrastructure.
- * Certificate and Certificate Revocation List (CRL) Profile.
- * http://www.ietf.org/rfc/rfc3280.txt):
- *
- * <pre>
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- * PolicyQualifierId ::=
- * OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
- *
- * </pre>
- *
- */
-public class PolicyQualifierInfo {
- // Contains only ASN1 DER decoder qurrently
- public static final ASN1Sequence ASN1 =
- new ASN1Sequence(new ASN1Type[] {ASN1Oid.getInstance(), ASN1Any.getInstance()}) {
- };
-}
+/*
+ * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+* @author Vladimir N. Molotkov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.x509;
+
+import org.apache.harmony.security.asn1.ASN1Any;
+import org.apache.harmony.security.asn1.ASN1Oid;
+import org.apache.harmony.security.asn1.ASN1Sequence;
+import org.apache.harmony.security.asn1.ASN1Type;
+
+
+/**
+/**
+ * The class incapsulates the ASN.1 DER decoding work
+ * with PolicyQualifierInfo structure
+ * (as specified in RFC 3280 -
+ * Internet X.509 Public Key Infrastructure.
+ * Certificate and Certificate Revocation List (CRL) Profile.
+ * http://www.ietf.org/rfc/rfc3280.txt):
+ *
+ * <pre>
+ * PolicyQualifierInfo ::= SEQUENCE {
+ * policyQualifierId PolicyQualifierId,
+ * qualifier ANY DEFINED BY policyQualifierId }
+ *
+ * PolicyQualifierId ::=
+ * OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+ *
+ * </pre>
+ *
+ */
+public class PolicyQualifierInfo {
+ // Contains only ASN1 DER decoder currently
+ public static final ASN1Sequence ASN1 =
+ new ASN1Sequence(new ASN1Type[] {ASN1Oid.getInstance(), ASN1Any.getInstance()}) {
+ };
+}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/windows/javasrc/org/apache/harmony/security/x/security/auth/module/NTSystem.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/security/src/windows/javasrc/org/apache/harmony/security/x/security/auth/module/NTSystem.java?rev=390246&r1=390245&r2=390246&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/windows/javasrc/org/apache/harmony/security/x/security/auth/module/NTSystem.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/windows/javasrc/org/apache/harmony/security/x/security/auth/module/NTSystem.java Thu Mar 30 13:34:23 2006
@@ -1,179 +1,179 @@
-/*
- * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * @author Alexander V. Astapchuk
- * @version $Revision$
- */
-package org.apache.harmony.security.x.security.auth.module;
-
-import java.util.Map;
-
-import org.apache.harmony.security.x.security.auth.NTSidGroupPrincipal;
-import org.apache.harmony.security.x.security.auth.NTSidPrimaryGroupPrincipal;
-import org.apache.harmony.security.x.security.auth.NTSidUserPrincipal;
-
-
-/**
- * A helper class which queries information about the current NT user.
- */
-public final class NTSystem {
-
- // Shows whether the jaaswin library was loaded or not
- private static boolean loadLibDone = false;
-
- // User's sid, domain and name
- private NTSidUserPrincipal user;
-
- // User's domain sid
- private String domainSid;
-
- // User's primary group
- /**/NTSidPrimaryGroupPrincipal mainGroup;
-
- // A list of groups the user belongs to
- /**/NTSidGroupPrincipal[] groups;
-
- // Impersonation token
- private long token;
-
- // May be used to trace the native library execution
- private boolean debugNative;
-
- /**
- * The default ctor. Loads jaaswin library if neccessary.
- * @throws UnsatisfiedLinkError if library jaaswin not found
- */
- public NTSystem() {
- if (!loadLibDone) {
- System.loadLibrary("hyauth");
- initNatives();
- loadLibDone = true;
- }
- }
-
- /**
- * The ctor which reveives options as a Map.
- * @param options
- */
- public NTSystem(Map options) {
- this();
- debugNative = "true".equalsIgnoreCase((String) options
- .get("debugNative"));
- }
-
- /**
- * Initializes internal data.
- */
- private static native void initNatives();
-
- /**
- * Load the security information about user.
- */
- public native void load();
-
- /**
- * Frees inetrnal data stored during login().
- */
- public native void free();
-
- /**
- * Returns name of user's domain
- */
- public String getDomain() {
- return user.getObjectDomain();
- }
-
- /**
- * Returns String representation of SID of user's domain
- */
- public String getDomainSID() {
- return domainSid;
- }
-
- /**
- * Returns array of SIDs of groups the user belongs to
- */
- public String[] getGroupIDs() {
- if (groups == null || groups.length == 0) {
- return null;
- }
- String[] gids = new String[groups.length];
- for (int i = 0; i < groups.length; i++) {
- gids[i] = groups[i].getName();
- }
- return gids;
- }
-
- /**
- * Returns implementation token
- */
- public long getImpersonationToken() {
- return token;
- }
-
- /**
- * Returns user name
- */
- public String getName() {
- return user.getObjectName();
- }
-
- /**
- * Returns a SID of user's main group
- */
- public String getPrimaryGroupID() {
- return mainGroup.getSid();
- }
-
- /**
- * Returns user's SID
- */
- public String getUserSID() {
- return user.getSid();
- }
-
- /**
- * Returns a String representation of this object.
- */
- public String toString() {
- String s = "NTSystem:\n";
- s += " user : " + user + "\n";
- s += " domainSid : " + domainSid + "\n";
- s += " mainGroup : " + mainGroup + "\n";
- s += " token : " + token + "\n";
- s += " groups count : " + (groups == null ? 0 : groups.length);
- if (groups != null) {
- s += "\n";
- for (int i = 0; i < groups.length; i++) {
- s += " " + i + "] " + groups[i] + "\n";
- }
- }
- return s;
- }
-
- /**
- * Returns an array of groups the user belongs to
- */
- public NTSidGroupPrincipal[] getGroups() {
- if (groups == null) {
- return null;
- }
- NTSidGroupPrincipal[] tmp = new NTSidGroupPrincipal[groups.length];
- System.arraycopy(groups, 0, tmp, 0, groups.length);
- return tmp;
- }
-}
+/*
+ * Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @author Alexander V. Astapchuk
+ * @version $Revision$
+ */
+package org.apache.harmony.security.x.security.auth.module;
+
+import java.util.Map;
+
+import org.apache.harmony.security.x.security.auth.NTSidGroupPrincipal;
+import org.apache.harmony.security.x.security.auth.NTSidPrimaryGroupPrincipal;
+import org.apache.harmony.security.x.security.auth.NTSidUserPrincipal;
+
+
+/**
+ * A helper class which queries information about the current NT user.
+ */
+public final class NTSystem {
+
+ // Shows whether the jaaswin library was loaded or not
+ private static boolean loadLibDone = false;
+
+ // User's sid, domain and name
+ private NTSidUserPrincipal user;
+
+ // User's domain sid
+ private String domainSid;
+
+ // User's primary group
+ /**/NTSidPrimaryGroupPrincipal mainGroup;
+
+ // A list of groups the user belongs to
+ /**/NTSidGroupPrincipal[] groups;
+
+ // Impersonation token
+ private long token;
+
+ // May be used to trace the native library execution
+ private boolean debugNative;
+
+ /**
+ * The default ctor. Loads jaaswin library if necessary.
+ * @throws UnsatisfiedLinkError if library jaaswin not found
+ */
+ public NTSystem() {
+ if (!loadLibDone) {
+ System.loadLibrary("hyauth");
+ initNatives();
+ loadLibDone = true;
+ }
+ }
+
+ /**
+ * The ctor which reveives options as a Map.
+ * @param options
+ */
+ public NTSystem(Map options) {
+ this();
+ debugNative = "true".equalsIgnoreCase((String) options
+ .get("debugNative"));
+ }
+
+ /**
+ * Initializes internal data.
+ */
+ private static native void initNatives();
+
+ /**
+ * Load the security information about user.
+ */
+ public native void load();
+
+ /**
+ * Frees inetrnal data stored during login().
+ */
+ public native void free();
+
+ /**
+ * Returns name of user's domain
+ */
+ public String getDomain() {
+ return user.getObjectDomain();
+ }
+
+ /**
+ * Returns String representation of SID of user's domain
+ */
+ public String getDomainSID() {
+ return domainSid;
+ }
+
+ /**
+ * Returns array of SIDs of groups the user belongs to
+ */
+ public String[] getGroupIDs() {
+ if (groups == null || groups.length == 0) {
+ return null;
+ }
+ String[] gids = new String[groups.length];
+ for (int i = 0; i < groups.length; i++) {
+ gids[i] = groups[i].getName();
+ }
+ return gids;
+ }
+
+ /**
+ * Returns implementation token
+ */
+ public long getImpersonationToken() {
+ return token;
+ }
+
+ /**
+ * Returns user name
+ */
+ public String getName() {
+ return user.getObjectName();
+ }
+
+ /**
+ * Returns a SID of user's main group
+ */
+ public String getPrimaryGroupID() {
+ return mainGroup.getSid();
+ }
+
+ /**
+ * Returns user's SID
+ */
+ public String getUserSID() {
+ return user.getSid();
+ }
+
+ /**
+ * Returns a String representation of this object.
+ */
+ public String toString() {
+ String s = "NTSystem:\n";
+ s += " user : " + user + "\n";
+ s += " domainSid : " + domainSid + "\n";
+ s += " mainGroup : " + mainGroup + "\n";
+ s += " token : " + token + "\n";
+ s += " groups count : " + (groups == null ? 0 : groups.length);
+ if (groups != null) {
+ s += "\n";
+ for (int i = 0; i < groups.length; i++) {
+ s += " " + i + "] " + groups[i] + "\n";
+ }
+ }
+ return s;
+ }
+
+ /**
+ * Returns an array of groups the user belongs to
+ */
+ public NTSidGroupPrincipal[] getGroups() {
+ if (groups == null) {
+ return null;
+ }
+ NTSidGroupPrincipal[] tmp = new NTSidGroupPrincipal[groups.length];
+ System.arraycopy(groups, 0, tmp, 0, groups.length);
+ return tmp;
+ }
+}