jespa.security

Class SecurityPrincipal

java.lang.Object

jespa.security.SecurityPrincipal

All Implemented Interfaces:

java.security.Principal

public class SecurityPrincipal
extends java.lang.Object
implements java.security.Principal

An object representing an account with a name and domain. The class also notes the canonical form in which the the account name was supplied. Currently this class supports four different canonical forms:

Canonical forms of account names

Canonical Form	Example	Description
1 - Distinguished Name	CN=Alice Baker,CN=Users,DC=example,DC=com	An X.500 style Distinguished Name (DN) or Relative Distinguished Name (RDN) like CN=Alice Baker.
2 - Username	alice	A simple username without a domain.
3 - Backslash	EXAMPLE\alice	A Windows-style qualified account name with NetBIOS short domain name. A DNS domain name may also be used like "example.com\alice".
4 - Principal	alice@example.com	A qualified account name with a DNS domain.

Field Summary

Fields

Modifier and Type	Field and Description
protected int	canonicalForm
protected java.lang.String	domain
protected java.lang.String	name

Constructor Summary

Constructors

Constructor and Description
SecurityPrincipal(java.lang.String acctname) Create a new SecurityPrincipal with an account name like "alice@example.com", "EXAMPLE\alice" or "alice".
SecurityPrincipal(java.lang.String dname, java.lang.String uname) Create a new SecurityPrincipal from a domain and username.

Method Summary

Modifier and Type	Method and Description
boolean	equals(java.lang.Object obj) Compare two principals for equality using a case insensitive comparison of the username and domain.
int	getCanonicalForm()
java.lang.String	getCanonicalName(int form) Return the full principal name in the desired canonical form (see table of values above).
java.lang.String	getDomain() Return the domain component of this principal name.
java.lang.String	getName() Return the full principal name in the canonical form in which it was supplied or in principal name form (2) if the domain and username were supplied separately.
java.lang.String	getUsername() Return the username component of this principal name.
int	hashCode() Return a hash value for the name and possibly domain.
java.lang.String	toString() Returns the same value as getName().

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Principal

implies

Field Detail

canonicalForm

protected int canonicalForm

domain

protected java.lang.String domain

name

protected java.lang.String name

Constructor Detail

SecurityPrincipal

public SecurityPrincipal(java.lang.String acctname)
                  throws SecurityProviderException

Create a new SecurityPrincipal with an account name like "alice@example.com", "EXAMPLE\alice" or "alice".

Parameters:

acctname - the account name (preferrably qualified with a domain name)

Throws:

SecurityProviderException - if a username component cannot be parsed from the supplied account name

SecurityPrincipal

public SecurityPrincipal(java.lang.String dname,
                         java.lang.String uname)
                  throws SecurityProviderException

Create a new SecurityPrincipal from a domain and username. If the username contains an '@' or '\', the supplied domain parameter will be ignored.

Parameters:

dname - the domain name of the principal

uname - the username of the principal

Throws:

SecurityProviderException - if a username is null, empty or contains only whitespace

Method Detail

getDomain

public java.lang.String getDomain()

Return the domain component of this principal name.

Returns:

the domain component of this principal name

getUsername

public java.lang.String getUsername()

Return the username component of this principal name.

Returns:

the username component of this principal name

getName

public java.lang.String getName()

Return the full principal name in the canonical form in which it was supplied or in principal name form (2) if the domain and username were supplied separately.

Specified by:

getName in interface java.security.Principal

getCanonicalName

public java.lang.String getCanonicalName(int form)
                                  throws SecurityProviderException

Return the full principal name in the desired canonical form (see table of values above). This method does not canonicalize the domain. Meaning if "EXAMPLE\alice" is supplied and the principal name canonical form (4) is requested, the returned string will be "alice@EXAMPLE". A security provider should be used to properly canonicalize a principal name.

Parameters:

form - the canonical form (1 - DN or RDN; 2 - username; 3 - backslash; 4 - principal)

Returns:

the canonicalized name

Throws:

SecurityProviderException

getCanonicalForm

public int getCanonicalForm()

hashCode

public int hashCode()

Return a hash value for the name and possibly domain.

Specified by:

hashCode in interface java.security.Principal

Overrides:

hashCode in class java.lang.Object

equals

public boolean equals(java.lang.Object obj)

Compare two principals for equality using a case insensitive comparison of the username and domain. This method does not canonicalize domains - meaning even though EXAMPLE\alice and alice@example.com may refer to the same account, they will not be considered equal because the domains do not match.

Specified by:

equals in interface java.security.Principal

Overrides:

equals in class java.lang.Object

Parameters:

obj - the other SecurityPrincipal being compaired

toString

public java.lang.String toString()

Returns the same value as getName().

Specified by:

toString in interface java.security.Principal

Overrides:

toString in class java.lang.Object