
1   package org.eclipse.jetty.policy.entry;
2   //========================================================================
3   //Copyright (c) Webtide LLC
4   //------------------------------------------------------------------------
5   //All rights reserved. This program and the accompanying materials
6   //are made available under the terms of the Eclipse Public License v1.0
7   //and Apache License v2.0 which accompanies this distribution.
8   //
9   //The Eclipse Public License is available at
10  //http://www.eclipse.org/legal/epl-v10.html
11  //
12  //The Apache License v2.0 is available at
13  //http://www.apache.org/licenses/LICENSE-2.0.txt
14  //
15  //You may elect to redistribute this code under either of these licenses.
16  //========================================================================
17  
18  import java.security.KeyStoreException;
19  import java.security.Principal;
20  import java.security.cert.Certificate;
21  import java.security.cert.X509Certificate;
22  
23  import org.eclipse.jetty.policy.PolicyContext;
24  import org.eclipse.jetty.policy.PolicyException;
25  
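/**
 * A principal clause of a policy entry, held as a class name part and a name part.
 * <p>
 * {@link #toPrincipal(PolicyContext)} resolves the clause by treating {@code name} as a keystore
 * alias and returning the subject of the X.509 certificate stored under it. The {@code klass}
 * part is stored and exposed through its accessors but is not consulted during resolution.
 */
public class PrincipalEntry extends AbstractEntry
{
    /**
     * Wildcard value denotes any class and/or any name. Must be asterisk, for proper general expansion and
     * PrivateCredentialsPermission wildcarding
     */
    // NOTE(review): nothing in this class compares klass or name against WILDCARD, so a wildcard
    // name would reach the keystore lookup as the literal alias "*" - confirm callers handle
    // wildcard clauses before calling toPrincipal.
    public static final String WILDCARD = "*"; //$NON-NLS-1$

    /**
     * The classname part of principal clause.
     */
    private String klass;

    /**
     * The name part of principal clause.
     */
    private String name;

    /**
     * cached principal if already computed
     */
    private Principal principal;

    /**
     * Resolves this clause to a {@link Principal} using the keystore of the given context.
     * <p>
     * The certificate stored under the alias {@code name} is looked up and, when it is an
     * {@link X509Certificate}, its subject X.500 principal is cached and returned. A previously
     * cached principal is returned directly while {@code isDirty()} reports false.
     *
     * @param context the policy context supplying the keystore
     * @return the resolved principal, or {@code null} when the context has no keystore
     * @throws PolicyException if the alias has no certificate, the certificate is not X.509,
     *         or the keystore lookup fails
     */
    public Principal toPrincipal( PolicyContext context ) throws PolicyException
    {
        // NOTE(review): setName() does not clear this cache itself; freshness depends entirely on
        // what isDirty() (not defined in this class) reports - confirm it is raised on name changes.
        if ( principal != null && !isDirty() )
        {
            return principal;
        }

        // if there is no keystore, there is no way to obtain a principal object // TODO validate we need this check
        // NOTE(review): a null return must be read by callers as "clause could not be resolved";
        // confirm no caller treats it as an entry without a principal restriction.
        if ( context.getKeystore() == null )
        {
            return null;
        }

        try
        {
            Certificate certificate = context.getKeystore().getCertificate( name );

            // KeyStore.getCertificate returns null for an unknown alias or an alias without a
            // certificate; report that as a policy error instead of failing with a
            // NullPointerException on certificate.getType() below.
            if ( certificate == null )
            {
                throw new PolicyException( "No certificate found in keystore for alias: " + name );
            }

            if ( !( certificate instanceof X509Certificate ) )
            {
                throw new PolicyException( "Unknown Certificate, unable to obtain Principal: " + certificate.getType() );
            }

            principal = ( (X509Certificate) certificate ).getSubjectX500Principal();
            return principal;
        }
        catch ( KeyStoreException kse )
        {
            // keep the keystore failure as the cause so the policy error stays diagnosable
            throw new PolicyException( kse );
        }
    }

    /**
     * Replaces {@code name} with the result of evaluating it against the context and marks this
     * entry as expanded. The {@code klass} part is left as it is.
     *
     * @param context the policy context used to evaluate the name
     * @throws PolicyException declared for the evaluation step
     */
    public void expand( PolicyContext context )
        throws PolicyException
    {
        name = context.evaluate( name );

        setExpanded(true);
    }

    /**
     * @return the classname part of the principal clause
     */
    public String getKlass()
    {
        return klass;
    }

    /**
     * @param klass the classname part of the principal clause
     */
    public void setKlass( String klass )
    {
        this.klass = klass;
    }

    /**
     * @return the name part of the principal clause, used as the keystore alias by
     *         {@link #toPrincipal(PolicyContext)}
     */
    public String getName()
    {
        return name;
    }

    /**
     * @param name the name part of the principal clause
     */
    public void setName( String name )
    {
        this.name = name;
    }
}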