alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

Java example source code file (SubjectCodeSource.java)

This example Java source code file (SubjectCodeSource.java) is included in the alvinalexander.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Learn more about this Java project at its project page.

Java - Java tags/keywords

access, class, classloader, constructor, exception, failure, linkedlist, listiterator, net, network, params, pass, principalentry, reflection, security, string, subjectcodesource, url, util

The SubjectCodeSource.java Java example source code

/*
 * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.provider;

import java.net.URL;
import java.util.*;
import java.security.CodeSource;
import java.security.Principal;
import java.security.cert.Certificate;
import java.lang.reflect.Constructor;

import javax.security.auth.Subject;
import sun.security.provider.PolicyParser.PrincipalEntry;

/**
 * <p> This SubjectCodeSource class contains
 * a <code>URL, signer certificates, and either a Subject
 * (that represents the <code>Subject in the current
 * <code>AccessControlContext), or a linked list of Principals
 * (that represent a "subject" in a <code>Policy).
 *
 */
class SubjectCodeSource extends CodeSource implements java.io.Serializable {

    private static final long serialVersionUID = 6039418085604715275L;

    private static final java.util.ResourceBundle rb =
        java.security.AccessController.doPrivileged
        (new java.security.PrivilegedAction<java.util.ResourceBundle>() {
            public java.util.ResourceBundle run() {
                return (java.util.ResourceBundle.getBundle
                        ("sun.security.util.AuthResources"));
            }
        });

    private Subject subject;
    private LinkedList<PrincipalEntry> principals;
    private static final Class<?>[] PARAMS = { String.class };
    private static final sun.security.util.Debug debug =
        sun.security.util.Debug.getInstance("auth", "\t[Auth Access]");
    private ClassLoader sysClassLoader;

    /**
     * Creates a new <code>SubjectCodeSource
     * with the given <code>Subject, principals, URL,
     * and signers (Certificates).  The <code>Subject
     * represents the <code>Subject associated with the current
     * <code>AccessControlContext.
     * The Principals are given as a <code>LinkedList
     * of <code>PolicyParser.PrincipalEntry objects.
     * Typically either a <code>Subject will be provided,
     * or a list of <code>principals will be provided
     * (not both).
     *
     * <p>
     *
     * @param subject the <code>Subject associated with this
     *                  <code>SubjectCodeSource 

* * @param url the <code>URL associated with this * <code>SubjectCodeSource

* * @param certs the signers associated with this * <code>SubjectCodeSource

*/ SubjectCodeSource(Subject subject, LinkedList<PrincipalEntry> principals, URL url, Certificate[] certs) { super(url, certs); this.subject = subject; this.principals = (principals == null ? new LinkedList<PrincipalEntry>() : new LinkedList<PrincipalEntry>(principals)); sysClassLoader = java.security.AccessController.doPrivileged (new java.security.PrivilegedAction<ClassLoader>() { public ClassLoader run() { return ClassLoader.getSystemClassLoader(); } }); } /** * Get the Principals associated with this <code>SubjectCodeSource. * The Principals are retrieved as a <code>LinkedList * of <code>PolicyParser.PrincipalEntry objects. * * <p> * * @return the Principals associated with this * <code>SubjectCodeSource as a LinkedList * of <code>PolicyParser.PrincipalEntry objects. */ LinkedList<PrincipalEntry> getPrincipals() { return principals; } /** * Get the <code>Subject associated with this * <code>SubjectCodeSource. The Subject * represents the <code>Subject associated with the * current <code>AccessControlContext. * * <p> * * @return the <code>Subject associated with this * <code>SubjectCodeSource. */ Subject getSubject() { return subject; } /** * Returns true if this <code>SubjectCodeSource object "implies" * the specified <code>CodeSource. * More specifically, this method makes the following checks. * If any fail, it returns false. If they all succeed, it returns true. * * <p> * <ol> * <li> The provided codesource must not be null. * <li> codesource must be an instance of SubjectCodeSource. * <li> super.implies(codesource) must return true. * <li> for each principal in this codesource's principal list: * <ol> * <li> if the principal is an instanceof * <code>Principal, then the principal must * imply the provided codesource's <code>Subject. * <li> if the principal is not an instanceof * <code>Principal, then the provided * codesource's <code>Subject must have an * associated <code>Principal, P, where * P.getClass().getName equals principal.principalClass, * and P.getName() equals principal.principalName. * </ol> * </ol> * * <p> * * @param codesource the <code>CodeSource to compare against. * * @return true if this <code>SubjectCodeSource implies the * the specified <code>CodeSource. */ public boolean implies(CodeSource codesource) { LinkedList<PrincipalEntry> subjectList = null; if (codesource == null || !(codesource instanceof SubjectCodeSource) || !(super.implies(codesource))) { if (debug != null) debug.println("\tSubjectCodeSource.implies: FAILURE 1"); return false; } SubjectCodeSource that = (SubjectCodeSource)codesource; // if the principal list in the policy "implies" // the Subject associated with the current AccessControlContext, // then return true if (this.principals == null) { if (debug != null) debug.println("\tSubjectCodeSource.implies: PASS 1"); return true; } if (that.getSubject() == null || that.getSubject().getPrincipals().size() == 0) { if (debug != null) debug.println("\tSubjectCodeSource.implies: FAILURE 2"); return false; } ListIterator<PrincipalEntry> li = this.principals.listIterator(0); while (li.hasNext()) { PrincipalEntry pppe = li.next(); try { // use new Principal.implies method Class<?> pClass = Class.forName(pppe.principalClass, true, sysClassLoader); if (!Principal.class.isAssignableFrom(pClass)) { // not the right subtype throw new ClassCastException(pppe.principalClass + " is not a Principal"); } Constructor<?> c = pClass.getConstructor(PARAMS); Principal p = (Principal)c.newInstance(new Object[] { pppe.principalName }); if (!p.implies(that.getSubject())) { if (debug != null) debug.println("\tSubjectCodeSource.implies: FAILURE 3"); return false; } else { if (debug != null) debug.println("\tSubjectCodeSource.implies: PASS 2"); return true; } } catch (Exception e) { // simply compare Principals if (subjectList == null) { if (that.getSubject() == null) { if (debug != null) debug.println("\tSubjectCodeSource.implies: " + "FAILURE 4"); return false; } Iterator<Principal> i = that.getSubject().getPrincipals().iterator(); subjectList = new LinkedList<PrincipalEntry>(); while (i.hasNext()) { Principal p = i.next(); PrincipalEntry spppe = new PrincipalEntry (p.getClass().getName(), p.getName()); subjectList.add(spppe); } } if (!subjectListImpliesPrincipalEntry(subjectList, pppe)) { if (debug != null) debug.println("\tSubjectCodeSource.implies: FAILURE 5"); return false; } } } if (debug != null) debug.println("\tSubjectCodeSource.implies: PASS 3"); return true; } /** * This method returns, true, if the provided <i>subjectList * "contains" the <code>Principal specified * in the provided <i>pppe argument. * * Note that the provided <i>pppe argument may have * wildcards (*) for the <code>Principal class and name, * which need to be considered. * * <p> * * @param subjectList a list of PolicyParser.PrincipalEntry objects * that correspond to all the Principals in the Subject currently * on this thread's AccessControlContext. <p> * * @param pppe the Principals specified in a grant entry. * * @return true if the provided <i>subjectList "contains" * the <code>Principal specified in the provided * <i>pppe argument. */ private boolean subjectListImpliesPrincipalEntry( LinkedList<PrincipalEntry> subjectList, PrincipalEntry pppe) { ListIterator<PrincipalEntry> li = subjectList.listIterator(0); while (li.hasNext()) { PrincipalEntry listPppe = li.next(); if (pppe.getPrincipalClass().equals (PrincipalEntry.WILDCARD_CLASS) || pppe.getPrincipalClass().equals(listPppe.getPrincipalClass())) { if (pppe.getPrincipalName().equals (PrincipalEntry.WILDCARD_NAME) || pppe.getPrincipalName().equals(listPppe.getPrincipalName())) return true; } } return false; } /** * Tests for equality between the specified object and this * object. Two <code>SubjectCodeSource objects are considered equal * if their locations are of identical value, if the two sets of * Certificates are of identical values, and if the * Subjects are equal, and if the PolicyParser.PrincipalEntry values * are of identical values. It is not required that * the Certificates or PolicyParser.PrincipalEntry values * be in the same order. * * <p> * * @param obj the object to test for equality with this object. * * @return true if the objects are considered equal, false otherwise. */ public boolean equals(Object obj) { if (obj == this) return true; if (super.equals(obj) == false) return false; if (!(obj instanceof SubjectCodeSource)) return false; SubjectCodeSource that = (SubjectCodeSource)obj; // the principal lists must match try { if (this.getSubject() != that.getSubject()) return false; } catch (SecurityException se) { return false; } if ((this.principals == null && that.principals != null) || (this.principals != null && that.principals == null)) return false; if (this.principals != null && that.principals != null) { if (!this.principals.containsAll(that.principals) || !that.principals.containsAll(this.principals)) return false; } return true; } /** * Return a hashcode for this <code>SubjectCodeSource. * * <p> * * @return a hashcode for this <code>SubjectCodeSource. */ public int hashCode() { return super.hashCode(); } /** * Return a String representation of this <code>SubjectCodeSource. * * <p> * * @return a String representation of this <code>SubjectCodeSource. */ public String toString() { String returnMe = super.toString(); if (getSubject() != null) { if (debug != null) { final Subject finalSubject = getSubject(); returnMe = returnMe + "\n" + java.security.AccessController.doPrivileged (new java.security.PrivilegedAction<String>() { public String run() { return finalSubject.toString(); } }); } else { returnMe = returnMe + "\n" + getSubject().toString(); } } if (principals != null) { ListIterator<PrincipalEntry> li = principals.listIterator(); while (li.hasNext()) { PrincipalEntry pppe = li.next(); returnMe = returnMe + rb.getString("NEWLINE") + pppe.getPrincipalClass() + " " + pppe.getPrincipalName(); } } return returnMe; } }

Other Java examples (source code examples)

Here is a short list of links related to this Java SubjectCodeSource.java source code file:

... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2024 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.