|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.derby.authentication.SystemPrincipal
public final class SystemPrincipal
This class represents Derby's notion of a principal, a concept of user identity with controlled access to Derby System Privileges. An authenticated user may have other identities which make sense in other code domains.
Note that principal names do NOT follow Authorization Identifier rules.
For instance, although edward and edWard both match the normalized
authorization identifier EDWARD, the instances
SystemPrincipal("edward")
and
SystemPrincipal("edWard")
represent different principals
under the methods getName()
, equals()
, and
hashCode()
.
According to JAASRefGuide, Principal classes must implement Serializable.
Principal.getName()
,
JAASRefGuide on Principals,
Serialized FormField Summary | |
---|---|
private java.lang.String |
name
The name of the principal. |
(package private) static long |
serialVersionUID
BTW, this class currently does not require special handling during serialization/deserialization, so, there's no need to define methods readObject(ObjectInputStream) and
writeObject(ObjectOutputStream) . |
Constructor Summary | |
---|---|
SystemPrincipal(java.lang.String name)
Constructs a principal for a given name. |
Method Summary | |
---|---|
boolean |
equals(java.lang.Object other)
Compares this principal to the specified object. |
java.lang.String |
getName()
Returns the name of this principal. |
int |
hashCode()
Returns a hashcode for this principal. |
java.lang.String |
toString()
Returns a string representation of this principal. |
Methods inherited from class java.lang.Object |
---|
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
static final long serialVersionUID
readObject(ObjectInputStream)
and
writeObject(ObjectOutputStream)
.
private final java.lang.String name
Note that the name is not a "normalized" Authorization Identifier.
This is due to peculiarities of the Java Security Runtime, which
compares a javax.security.auth.Subject
's Principals
against the literal Principal name as declared in the policy files,
and not against the return value of method getName()
.
So, a normalization of names within SystemPrincipal doesn't affect
permission checking by the SecurityManager.
In order for a javax.security.auth.Subject
to be
granted permissions on the basis Authorization Identifier rules, e.g.,
for a Subject authenticated as edWard to fall under a policy clause
declared for EDWARD, the Subject has to be constructed (or augmented)
with both the literal name and the normalized Authorization Identifier.
As an alternative approach, class
SystemPrincipal
could
implement the non-standard interface
com.sun.security.auth.PrincipalComparator
, which declares
a method implies(Subject)
that would allow for Principals
to match Subjects on the basis of normalized Authorization Identifiers.
But then we'd be relying upon non-standard Security Runtime behaviour.
Constructor Detail |
---|
public SystemPrincipal(java.lang.String name)
name
- the name of the principal
java.lang.NullPointerException
- if name is null
java.lang.IllegalArgumentException
- if name is not a legal Principal nameMethod Detail |
---|
public boolean equals(java.lang.Object other)
equals
in interface java.security.Principal
equals
in class java.lang.Object
other
- principal to compare with
Principal.equals(java.lang.Object)
public java.lang.String getName()
getName
in interface java.security.Principal
Principal.getName()
public int hashCode()
hashCode
in interface java.security.Principal
hashCode
in class java.lang.Object
Principal.hashCode()
public java.lang.String toString()
toString
in interface java.security.Principal
toString
in class java.lang.Object
Principal.toString()
|
Built on Thu 2011-03-10 11:54:14+0000, from revision ??? | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |