Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.derby.authentication
Class SystemPrincipal

java.lang.Object
  extended by org.apache.derby.authentication.SystemPrincipal
All Implemented Interfaces:
java.io.Serializable, java.security.Principal
public final class SystemPrincipal
extends java.lang.Object
implements java.security.Principal, java.io.Serializable

This class represents Derby's notion of a principal, a concept of user identity with controlled access to Derby System Privileges. An authenticated user may have other identities which make sense in other code domains.

Note that principal names do NOT follow Authorization Identifier rules. For instance, although edward and edWard both match the normalized authorization identifier EDWARD, the instances SystemPrincipal("edward") and SystemPrincipal("edWard") represent different principals under the methods getName(), equals(), and hashCode().

According to JAASRefGuide, Principal classes must implement Serializable.

See Also:
Principal.getName(), JAASRefGuide on Principals, Serialized Form

Field Summary
private  java.lang.String name
          The name of the principal.
(package private) static long serialVersionUID
          BTW, this class currently does not require special handling during serialization/deserialization, so, there's no need to define methods readObject(ObjectInputStream) and writeObject(ObjectOutputStream).
 
Constructor Summary
SystemPrincipal(java.lang.String name)
          Constructs a principal for a given name.
 
Method Summary
 boolean equals(java.lang.Object other)
          Compares this principal to the specified object.
 java.lang.String getName()
          Returns the name of this principal.
 int hashCode()
          Returns a hashcode for this principal.
 java.lang.String toString()
          Returns a string representation of this principal.
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

serialVersionUID

static final long serialVersionUID
BTW, this class currently does not require special handling during serialization/deserialization, so, there's no need to define methods readObject(ObjectInputStream) and writeObject(ObjectOutputStream).

See Also:
Constant Field Values

name

private final java.lang.String name
The name of the principal.

Note that the name is not a "normalized" Authorization Identifier. This is due to peculiarities of the Java Security Runtime, which compares a javax.security.auth.Subject's Principals against the literal Principal name as declared in the policy files, and not against the return value of method getName(). So, a normalization of names within SystemPrincipal doesn't affect permission checking by the SecurityManager.

In order for a javax.security.auth.Subject to be granted permissions on the basis Authorization Identifier rules, e.g., for a Subject authenticated as edWard to fall under a policy clause declared for EDWARD, the Subject has to be constructed (or augmented) with both the literal name and the normalized Authorization Identifier.

As an alternative approach, class SystemPrincipal could implement the non-standard interface com.sun.security.auth.PrincipalComparator, which declares a method implies(Subject) that would allow for Principals to match Subjects on the basis of normalized Authorization Identifiers. But then we'd be relying upon non-standard Security Runtime behaviour.

See Also:
User Names & Authorization Identifiers in Derby
Constructor Detail

SystemPrincipal

public SystemPrincipal(java.lang.String name)
Constructs a principal for a given name.

Parameters:
name - the name of the principal
Throws:
java.lang.NullPointerException - if name is null
java.lang.IllegalArgumentException - if name is not a legal Principal name
Method Detail

equals

public boolean equals(java.lang.Object other)
Compares this principal to the specified object. Returns true if the object passed in matches the principal represented by the implementation of this interface.

Specified by:
equals in interface java.security.Principal
Overrides:
equals in class java.lang.Object
Parameters:
other - principal to compare with
Returns:
true if the principal passed in is the same as that encapsulated by this principal, and false otherwise
See Also:
Principal.equals(java.lang.Object)

getName

public java.lang.String getName()
Returns the name of this principal.

Specified by:
getName in interface java.security.Principal
Returns:
the name of this principal
See Also:
Principal.getName()

hashCode

public int hashCode()
Returns a hashcode for this principal.

Specified by:
hashCode in interface java.security.Principal
Overrides:
hashCode in class java.lang.Object
Returns:
a hashcode for this principal
See Also:
Principal.hashCode()

toString

public java.lang.String toString()
Returns a string representation of this principal.

Specified by:
toString in interface java.security.Principal
Overrides:
toString in class java.lang.Object
Returns:
a string representation of this principal
See Also:
Principal.toString()
Overview  Package   Class  Tree  Deprecated  Index  Help 
Built on Wed 2013-06-12 15:21:56+0000, from revision ???
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Apache Derby V10.10 Internals - Copyright © 2004,2013 The Apache Software Foundation. All Rights Reserved.