summaryrefslogtreecommitdiff
path: root/libjava/classpath/javax/security/auth/kerberos/KerberosPrincipal.java
diff options
context:
space:
mode:
Diffstat (limited to 'libjava/classpath/javax/security/auth/kerberos/KerberosPrincipal.java')
-rw-r--r--libjava/classpath/javax/security/auth/kerberos/KerberosPrincipal.java207
1 files changed, 207 insertions, 0 deletions
diff --git a/libjava/classpath/javax/security/auth/kerberos/KerberosPrincipal.java b/libjava/classpath/javax/security/auth/kerberos/KerberosPrincipal.java
new file mode 100644
index 000000000..4ba767226
--- /dev/null
+++ b/libjava/classpath/javax/security/auth/kerberos/KerberosPrincipal.java
@@ -0,0 +1,207 @@
+/* KerberosPrincipal.java -- a kerberos principal
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.security.auth.kerberos;
+
+import gnu.classpath.NotImplementedException;
+import gnu.classpath.SystemProperties;
+
+import java.io.Serializable;
+import java.security.Principal;
+
+/**
+ * This represents a Kerberos principal. See the Kerberos
+ * authentication RFC for more information:
+ * <a href="http://www.ietf.org/rfc/rfc1510.txt">RFC 1510</a>.
+ *
+ * @since 1.4
+ */
+public final class KerberosPrincipal
+ implements Serializable, Principal
+{
+ // Uncomment when serialization is correct.
+ // private static final long serialVersionUID = -7374788026156829911L;
+
+ /**
+ * Constant from the RFC: "Just the name of the principal as in DCE, or
+ * for users".
+ */
+ public static final int KRB_NT_PRINCIPAL = 1;
+
+ /**
+ * Constant from the RFC: "Service and other unique instance (krbtgt)".
+ */
+ public static final int KRB_NT_SRV_HST = 3;
+
+ /**
+ * Constant from the RFC: "Service with host name as instance (telnet,
+ * rcommands)".
+ */
+ public static final int KRB_NT_SRV_INST = 2;
+
+ /**
+ * Constant from the RFC: "Service with host as remaining components".
+ */
+ public static final int KRB_NT_SRV_XHST = 4;
+
+ /**
+ * Constant from the RFC: "Unique ID".
+ */
+ public static final int KRB_NT_UID = 5;
+
+ /**
+ * Constant from the RFC: "Name type not known".
+ */
+ public static final int KRB_NT_UNKNOWN = 0;
+
+ private String name;
+ private int type;
+ private String realm;
+
+ /**
+ * Create a new instance with the given name and a type of
+ * {@link #KRB_NT_PRINCIPAL}.
+ * @param name the principal's name
+ */
+ public KerberosPrincipal(String name)
+ {
+ this(name, KRB_NT_PRINCIPAL);
+ }
+
+ /**
+ * Create a new instance with the given name and type. The name is
+ * parsed according to the rules in the RFC. If there is no realm,
+ * then the local realm is used instead.
+ *
+ * @param name the principal's name
+ * @param type the principal's type
+ */
+ public KerberosPrincipal(String name, int type)
+ // Marked as unimplemented because we don't look for the realm as needed.
+ throws NotImplementedException
+ {
+ if (type < KRB_NT_UNKNOWN || type > KRB_NT_UID)
+ throw new IllegalArgumentException("unknown type: " + type);
+ this.name = name;
+ this.type = type;
+ this.realm = parseRealm();
+ }
+
+ private String parseRealm()
+ {
+ // Handle quoting as specified by the Kerberos RFC.
+ int i, len = name.length();
+ boolean quoted = false;
+ for (i = 0; i < len; ++i)
+ {
+ if (quoted)
+ {
+ quoted = false;
+ continue;
+ }
+ char c = name.charAt(i);
+ if (c == '\\')
+ {
+ quoted = true;
+ continue;
+ }
+ if (c == '@')
+ break;
+ }
+ if (quoted || i == len - 1)
+ throw new IllegalArgumentException("malformed principal: " + name);
+ if (i < len)
+ {
+ // We have the realm. FIXME: verify its syntax?
+ return name.substring(i + 1);
+ }
+ // Try to find the default realm.
+ String def = SystemProperties.getProperty("java.security.krb5.realm");
+ if (def != null)
+ return def;
+ // Now ask the system.
+ // FIXME: use java.security.krb5.conf,
+ // or $JAVA_HOME/lib/security/krb5.conf to find the krb config file.
+ // Then pass to native code using krb5_set_config_files() and
+ // krb5_get_default_realm(). But... what about /etc/krb5.conf?
+ throw new IllegalArgumentException("default realm can't be found");
+ }
+
+ /**
+ * Return the name of this principal.
+ */
+ public String getName()
+ {
+ return name;
+ }
+
+ /**
+ * Return the realm of this principal.
+ */
+ public String getRealm()
+ {
+ return realm;
+ }
+
+ /**
+ * Return the type of this principal.
+ */
+ public int getNameType()
+ {
+ return type;
+ }
+
+ public int hashCode()
+ {
+ return name.hashCode();
+ }
+
+ public boolean equals(Object other)
+ {
+ if (! (other instanceof KerberosPrincipal))
+ return false;
+ KerberosPrincipal kp = (KerberosPrincipal) other;
+ return name.equals(kp.name) && type == kp.type;
+ }
+
+ public String toString()
+ {
+ // This is what came to mind.
+ return name + ":" + type;
+ }
+}