-
Notifications
You must be signed in to change notification settings - Fork 103
Expand file tree
/
Copy pathIdentityScope.java
More file actions
257 lines (231 loc) · 7.27 KB
/
IdentityScope.java
File metadata and controls
257 lines (231 loc) · 7.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
/*
* Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
* ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*/
package java.security;
import java.io.Serializable;
import java.util.Enumeration;
import java.util.Properties;
/**
* <p>This class represents a scope for identities. It is an Identity
* itself, and therefore has a name and can have a scope. It can also
* optionally have a public key and associated certificates.
*
* <p>An IdentityScope can contain Identity objects of all kinds, including
* Signers. All types of Identity objects can be retrieved, added, and
* removed using the same methods. Note that it is possible, and in fact
* expected, that different types of identity scopes will
* apply different policies for their various operations on the
* various types of Identities.
*
* <p>There is a one-to-one mapping between keys and identities, and
* there can only be one copy of one key per scope. For example, suppose
* <b>Acme Software, Inc</b> is a software publisher known to a user.
* Suppose it is an Identity, that is, it has a public key, and a set of
* associated certificates. It is named in the scope using the name
* "Acme Software". No other named Identity in the scope has the same
* public key. Of course, none has the same name as well.
*
* @see Identity
* @see Signer
* @see Principal
* @see Key
*
* @author Benjamin Renaud
*
* @deprecated This class is no longer used. Its functionality has been
* replaced by {@code java.security.KeyStore}, the
* {@code java.security.cert} package, and
* {@code java.security.Principal}.
*/
@Deprecated
public abstract
class IdentityScope extends Identity {
private static final long serialVersionUID = -2337346281189773310L;
/* The system's scope */
private static IdentityScope scope;
// initialize the system scope
private static void initializeSystemScope() {
String classname = AccessController.doPrivileged(
new PrivilegedAction<String>() {
public String run() {
return Security.getProperty("system.scope");
}
});
if (classname == null) {
return;
} else {
try {
Class.forName(classname);
} catch (ClassNotFoundException e) {
//Security.error("unable to establish a system scope from " +
// classname);
e.printStackTrace();
}
}
}
/**
* This constructor is used for serialization only and should not
* be used by subclasses.
*/
protected IdentityScope() {
this("restoring...");
}
/**
* Constructs a new identity scope with the specified name.
*
* @param name the scope name.
*/
public IdentityScope(String name) {
super(name);
}
/**
* Constructs a new identity scope with the specified name and scope.
*
* @param name the scope name.
* @param scope the scope for the new identity scope.
*
* @exception KeyManagementException if there is already an identity
* with the same name in the scope.
*/
public IdentityScope(String name, IdentityScope scope)
throws KeyManagementException {
super(name, scope);
}
/**
* Returns the system's identity scope.
*
* @return the system's identity scope, or {@code null} if none has been
* set.
*
* @see #setSystemScope
*/
public static IdentityScope getSystemScope() {
if (scope == null) {
initializeSystemScope();
}
return scope;
}
/**
* Sets the system's identity scope.
*
* <p>First, if there is a security manager, its
* {@code checkSecurityAccess}
* method is called with {@code "setSystemScope"}
* as its argument to see if it's ok to set the identity scope.
*
* @param scope the scope to set.
*
* @exception SecurityException if a security manager exists and its
* {@code checkSecurityAccess} method doesn't allow
* setting the identity scope.
*
* @see #getSystemScope
* @see SecurityManager#checkSecurityAccess
*/
protected static void setSystemScope(IdentityScope scope) {
check("setSystemScope");
IdentityScope.scope = scope;
}
/**
* Returns the number of identities within this identity scope.
*
* @return the number of identities within this identity scope.
*/
public abstract int size();
/**
* Returns the identity in this scope with the specified name (if any).
*
* @param name the name of the identity to be retrieved.
*
* @return the identity named {@code name}, or null if there are
* no identities named {@code name} in this scope.
*/
public abstract Identity getIdentity(String name);
/**
* Retrieves the identity whose name is the same as that of the
* specified principal. (Note: Identity implements Principal.)
*
* @param principal the principal corresponding to the identity
* to be retrieved.
*
* @return the identity whose name is the same as that of the
* principal, or null if there are no identities of the same name
* in this scope.
*/
public Identity getIdentity(Principal principal) {
return getIdentity(principal.getName());
}
/**
* Retrieves the identity with the specified public key.
*
* @param key the public key for the identity to be returned.
*
* @return the identity with the given key, or null if there are
* no identities in this scope with that key.
*/
public abstract Identity getIdentity(PublicKey key);
/**
* Adds an identity to this identity scope.
*
* @param identity the identity to be added.
*
* @exception KeyManagementException if the identity is not
* valid, a name conflict occurs, another identity has the same
* public key as the identity being added, or another exception
* occurs. */
public abstract void addIdentity(Identity identity)
throws KeyManagementException;
/**
* Removes an identity from this identity scope.
*
* @param identity the identity to be removed.
*
* @exception KeyManagementException if the identity is missing,
* or another exception occurs.
*/
public abstract void removeIdentity(Identity identity)
throws KeyManagementException;
/**
* Returns an enumeration of all identities in this identity scope.
*
* @return an enumeration of all identities in this identity scope.
*/
public abstract Enumeration<Identity> identities();
/**
* Returns a string representation of this identity scope, including
* its name, its scope name, and the number of identities in this
* identity scope.
*
* @return a string representation of this identity scope.
*/
public String toString() {
return super.toString() + "[" + size() + "]";
}
private static void check(String directive) {
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkSecurityAccess(directive);
}
}
}