
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.policy.entry;
20  
21  import java.security.KeyStoreException;
22  import java.security.Principal;
23  import java.security.cert.Certificate;
24  import java.security.cert.X509Certificate;
25  
26  import org.eclipse.jetty.policy.PolicyContext;
27  import org.eclipse.jetty.policy.PolicyException;
28  
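/**
 * Policy entry holding the class name and name parts of a principal clause, with the
 * ability to resolve the name to a {@link Principal} through the keystore of a
 * {@link PolicyContext}.
 */
public class PrincipalEntry extends AbstractEntry
{
    /**
     * Wildcard value denotes any class and/or any name. Must be asterisk, for proper general expansion and
     * PrivateCredentialsPermission wildcarding
     */
    public static final String WILDCARD = "*"; //$NON-NLS-1$

    /**
     * The classname part of principal clause.
     */
    private String klass;

    /**
     * The name part of principal clause. Used as the keystore alias in
     * {@link #toPrincipal(PolicyContext)}.
     */
    private String name;

    /**
     * Cached principal if already computed.
     */
    // NOTE(review): the cache is only bypassed when isDirty() reports true; setName() and
    // expand() do not clear it themselves. Confirm that AbstractEntry marks the entry dirty
    // when the name changes, otherwise a principal resolved for the previous alias is reused.
    private Principal principal;

    /**
     * Resolves this entry to a principal by looking up the certificate stored under
     * {@link #getName()} in the context keystore and taking its X.500 subject.
     *
     * @param context the policy context supplying the keystore
     * @return the cached or newly resolved principal, or {@code null} when the context has no keystore
     * @throws PolicyException if the keystore has no certificate under the alias, the certificate
     *                         is not an {@link X509Certificate}, or the keystore lookup fails
     */
    public Principal toPrincipal( PolicyContext context ) throws PolicyException
    {
        if ( principal != null && !isDirty() )
        {
            return principal;
        }

        // if there is no keystore, there is no way to obtain a principal object
        // TODO validate we need this check
        if ( context.getKeystore() == null )
        {
            return null;
        }

        try
        {
            Certificate certificate = context.getKeystore().getCertificate( name );

            // KeyStore.getCertificate returns null for an unknown alias; report that as a
            // policy error instead of failing with a NullPointerException on getType() below.
            if ( certificate == null )
            {
                throw new PolicyException( "No Certificate found for alias, unable to obtain Principal: " + name );
            }

            // NOTE(review): the certificate is used as stored; neither its validity period nor
            // its chain is checked here. Confirm that this is enforced elsewhere, if required.
            if ( certificate instanceof X509Certificate )
            {
                principal = ( (X509Certificate) certificate ).getSubjectX500Principal();
                return principal;
            }
            else
            {
                throw new PolicyException( "Unknown Certificate, unable to obtain Principal: " + certificate.getType() );
            }
        }
        catch ( KeyStoreException kse )
        {
            throw new PolicyException( kse );
        }
    }

    /**
     * Replaces the name with the result of {@code context.evaluate(name)} and marks this
     * entry as expanded.
     *
     * @param context the policy context used to evaluate the name
     * @throws PolicyException declared by this method; presumably raised by the evaluation - confirm
     */
    public void expand( PolicyContext context )
        throws PolicyException
    {
        name = context.evaluate( name );

        setExpanded(true);
    }

    /**
     * @return the classname part of the principal clause
     */
    public String getKlass()
    {
        return klass;
    }

    /**
     * @param klass the classname part of the principal clause
     */
    public void setKlass( String klass )
    {
        this.klass = klass;
    }

    /**
     * @return the name part of the principal clause
     */
    public String getName()
    {
        return name;
    }

    /**
     * @param name the name part of the principal clause
     */
    public void setName( String name )
    {
        this.name = name;
    }

}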