001: /*
002: * @(#)IdentityScope.java 1.53 06/10/10
003: *
004: * Copyright 1990-2006 Sun Microsystems, Inc. All Rights Reserved.
005: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
006: *
007: * This program is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU General Public License version
009: * 2 only, as published by the Free Software Foundation.
010: *
011: * This program is distributed in the hope that it will be useful, but
012: * WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * General Public License version 2 for more details (a copy is
015: * included at /legal/license.txt).
016: *
017: * You should have received a copy of the GNU General Public License
018: * version 2 along with this work; if not, write to the Free Software
019: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA
021: *
022: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
023: * Clara, CA 95054 or visit www.sun.com if you need additional
024: * information or have any questions.
025: *
026: */
027:
028: package java.security;
029:
030: import java.io.Serializable;
031: import java.util.Enumeration;
032: import java.util.Properties;
033:
034: /**
035: * <p>This class represents a scope for identities. It is an Identity
036: * itself, and therefore has a name and can have a scope. It can also
037: * optionally have a public key and associated certificates.
038: *
039: * <p>An IdentityScope can contain Identity objects of all kinds, including
040: * Signers. All types of Identity objects can be retrieved, added, and
041: * removed using the same methods. Note that it is possible, and in fact
042: * expected, that different types of identity scopes will
043: * apply different policies for their various operations on the
044: * various types of Identities.
045: *
046: * <p>There is a one-to-one mapping between keys and identities, and
047: * there can only be one copy of one key per scope. For example, suppose
048: * <b>Acme Software, Inc</b> is a software publisher known to a user.
049: * Suppose it is an Identity, that is, it has a public key, and a set of
050: * associated certificates. It is named in the scope using the name
051: * "Acme Software". No other named Identity in the scope has the same
052: * public key. Of course, none has the same name as well.
053: *
054: * @see Identity
055: * @see Signer
056: * @see Principal
057: * @see Key
058: *
059: * @version 1.46 00/02/02
060: * @author Benjamin Renaud
061: *
062: * @deprecated This class is no longer used. Its functionality has been
063: * replaced by <code>java.security.KeyStore</code>, the
064: * <code>java.security.cert</code> package, and
065: * <code>java.security.Principal</code>.
066: */
067:
068: public abstract class IdentityScope extends Identity {
069:
070: /* The system's scope */
071: private static IdentityScope scope;
072:
073: // initialize the system scope
074: private static void initializeSystemScope() {
075:
076: String classname = (String) AccessController
077: .doPrivileged(new PrivilegedAction() {
078: public Object run() {
079: return Security.getProperty("system.scope");
080: }
081: });
082:
083: if (classname == null) {
084: return;
085:
086: } else {
087:
088: try {
089: Class.forName(classname);
090: } catch (ClassNotFoundException e) {
091: Security
092: .error("unable to establish a system scope from "
093: + classname);
094: e.printStackTrace();
095: }
096: }
097: }
098:
099: /**
100: * This constructor is used for serialization only and should not
101: * be used by subclasses.
102: */
103: protected IdentityScope() {
104: this ("restoring...");
105: }
106:
107: /**
108: * Constructs a new identity scope with the specified name.
109: *
110: * @param name the scope name.
111: */
112: public IdentityScope(String name) {
113: super (name);
114: }
115:
116: /**
117: * Constructs a new identity scope with the specified name and scope.
118: *
119: * @param name the scope name.
120: * @param scope the scope for the new identity scope.
121: *
122: * @exception KeyManagementException if there is already an identity
123: * with the same name in the scope.
124: */
125: public IdentityScope(String name, IdentityScope scope)
126: throws KeyManagementException {
127: super (name, scope);
128: }
129:
130: /**
131: * Returns the system's identity scope.
132: *
133: * @return the system's identity scope.
134: *
135: * @see #setSystemScope
136: */
137: public static IdentityScope getSystemScope() {
138: if (scope == null) {
139: initializeSystemScope();
140: }
141: return scope;
142: }
143:
144: /**
145: * Sets the system's identity scope.
146: *
147: * <p>First, if there is a security manager, its
148: * <code>checkSecurityAccess</code>
149: * method is called with <code>"setSystemScope"</code>
150: * as its argument to see if it's ok to set the identity scope.
151: *
152: * @param scope the scope to set.
153: *
154: * @exception SecurityException if a security manager exists and its
155: * <code>checkSecurityAccess</code> method doesn't allow
156: * setting the identity scope.
157: *
158: * @see #getSystemScope
159: * @see SecurityManager#checkSecurityAccess
160: */
161: protected static void setSystemScope(IdentityScope scope) {
162: check("setSystemScope");
163: IdentityScope.scope = scope;
164: }
165:
166: /**
167: * Returns the number of identities within this identity scope.
168: *
169: * @return the number of identities within this identity scope.
170: */
171: public abstract int size();
172:
173: /**
174: * Returns the identity in this scope with the specified name (if any).
175: *
176: * @param name the name of the identity to be retrieved.
177: *
178: * @return the identity named <code>name</code>, or null if there are
179: * no identities named <code>name</code> in this scope.
180: */
181: public abstract Identity getIdentity(String name);
182:
183: /**
184: * Retrieves the identity whose name is the same as that of the
185: * specified principal. (Note: Identity implements Principal.)
186: *
187: * @param principal the principal corresponding to the identity
188: * to be retrieved.
189: *
190: * @return the identity whose name is the same as that of the
191: * principal, or null if there are no identities of the same name
192: * in this scope.
193: */
194: public Identity getIdentity(Principal principal) {
195: return getIdentity(principal.getName());
196: }
197:
198: /**
199: * Retrieves the identity with the specified public key.
200: *
201: * @param key the public key for the identity to be returned.
202: *
203: * @return the identity with the given key, or null if there are
204: * no identities in this scope with that key.
205: */
206: public abstract Identity getIdentity(PublicKey key);
207:
208: /**
209: * Adds an identity to this identity scope.
210: *
211: * @param identity the identity to be added.
212: *
213: * @exception KeyManagementException if the identity is not
214: * valid, a name conflict occurs, another identity has the same
215: * public key as the identity being added, or another exception
216: * occurs. */
217: public abstract void addIdentity(Identity identity)
218: throws KeyManagementException;
219:
220: /**
221: * Removes an identity from this identity scope.
222: *
223: * @param identity the identity to be removed.
224: *
225: * @exception KeyManagementException if the identity is missing,
226: * or another exception occurs.
227: */
228: public abstract void removeIdentity(Identity identity)
229: throws KeyManagementException;
230:
231: /**
232: * Returns an enumeration of all identities in this identity scope.
233: *
234: * @return an enumeration of all identities in this identity scope.
235: */
236: public abstract Enumeration identities();
237:
238: /**
239: * Returns a string representation of this identity scope, including
240: * its name, its scope name, and the number of identities in this
241: * identity scope.
242: *
243: * @return a string representation of this identity scope.
244: */
245: public String toString() {
246: return super .toString() + "[" + size() + "]";
247: }
248:
249: private static void check(String directive) {
250: SecurityManager security = System.getSecurityManager();
251: if (security != null) {
252: security.checkSecurityAccess(directive);
253: }
254: }
255:
256: }
|