java.io.Serializable
, java.security.Principal
public final class SystemPrincipal
extends java.lang.Object
implements java.security.Principal, java.io.Serializable
Note that principal names do NOT follow Authorization Identifier rules.
For instance, although edward and edWard both match the normalized
authorization identifier EDWARD, the instances
SystemPrincipal("edward")
and
SystemPrincipal("edWard")
represent different principals
under the methods getName()
, equals()
, and
hashCode()
.
According to JAASRefGuide, Principal classes must implement Serializable.
Principal.getName()
,
JAASRefGuide on Principals,
Serialized FormModifier and Type | Field | Description |
---|---|---|
private java.lang.String |
name |
The name of the principal.
|
(package private) static long |
serialVersionUID |
BTW, this class currently does not require special handling during
serialization/deserialization, so, there's no need to define methods
readObject(ObjectInputStream) and
writeObject(ObjectOutputStream) . |
Constructor | Description |
---|---|
SystemPrincipal(java.lang.String name) |
Constructs a principal for a given name.
|
Modifier and Type | Method | Description |
---|---|---|
boolean |
equals(java.lang.Object other) |
Compares this principal to the specified object.
|
java.lang.String |
getName() |
Returns the name of this principal.
|
int |
hashCode() |
Returns a hashcode for this principal.
|
private void |
readObject(java.io.ObjectInputStream s) |
Called upon deserialization for restoring the state of this
SystemPrincipal from a stream.
|
java.lang.String |
toString() |
Returns a string representation of this principal.
|
private static void |
validateName(java.lang.String name) |
Verify that the specified name of the principal is valid.
|
static final long serialVersionUID
readObject(ObjectInputStream)
and
writeObject(ObjectOutputStream)
.private final java.lang.String name
Note that the name is not a "normalized" Authorization Identifier.
This is due to peculiarities of the Java Security Runtime, which
compares a javax.security.auth.Subject
's Principals
against the literal Principal name as declared in the policy files,
and not against the return value of method getName()
.
So, a normalization of names within SystemPrincipal doesn't affect
permission checking by the SecurityManager.
In order for a javax.security.auth.Subject
to be
granted permissions on the basis Authorization Identifier rules, e.g.,
for a Subject authenticated as edWard to fall under a policy clause
declared for EDWARD, the Subject has to be constructed (or augmented)
with both the literal name and the normalized Authorization Identifier.
As an alternative approach, class SystemPrincipal
could
implement the non-standard interface
com.sun.security.auth.PrincipalComparator
, which declares
a method implies(Subject)
that would allow for Principals
to match Subjects on the basis of normalized Authorization Identifiers.
But then we'd be relying upon non-standard Security Runtime behaviour.
public SystemPrincipal(java.lang.String name)
name
- the name of the principaljava.lang.NullPointerException
- if name is nulljava.lang.IllegalArgumentException
- if name is not a legal Principal nameprivate static void validateName(java.lang.String name)
name
- the name of the principaljava.lang.NullPointerException
- if name is nulljava.lang.IllegalArgumentException
- if name is not a legal Principal namepublic boolean equals(java.lang.Object other)
equals
in interface java.security.Principal
equals
in class java.lang.Object
other
- principal to compare withPrincipal.equals(java.lang.Object)
public java.lang.String getName()
getName
in interface java.security.Principal
Principal.getName()
public int hashCode()
hashCode
in interface java.security.Principal
hashCode
in class java.lang.Object
Principal.hashCode()
public java.lang.String toString()
toString
in interface java.security.Principal
toString
in class java.lang.Object
Principal.toString()
private void readObject(java.io.ObjectInputStream s) throws java.io.IOException, java.lang.ClassNotFoundException
java.io.IOException
java.lang.ClassNotFoundException
Apache Derby V10.14 Internals - Copyright © 2004,2018 The Apache Software Foundation. All Rights Reserved.