Class SystemPrincipal

  • All Implemented Interfaces:
    java.io.Serializable, java.security.Principal

    public final class SystemPrincipal
    extends java.lang.Object
    implements java.security.Principal, java.io.Serializable
    This class represents Derby's notion of a principal, a concept of user identity with controlled access to Derby System Privileges. An authenticated user may have other identities which make sense in other code domains.

    Note that principal names do NOT follow Authorization Identifier rules. For instance, although edward and edWard both match the normalized authorization identifier EDWARD, the instances SystemPrincipal("edward") and SystemPrincipal("edWard") represent different principals under the methods getName(), equals(), and hashCode().

    According to JAASRefGuide, Principal classes must implement Serializable.

    See Also:
    Principal.getName(), JAASRefGuide on Principals, Serialized Form
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private java.lang.String name
      The name of the principal.
      (package private) static long serialVersionUID
      BTW, this class currently does not require special handling during serialization/deserialization, so, there's no need to define methods readObject(ObjectInputStream) and writeObject(ObjectOutputStream).
    • Constructor Summary

      Constructors 
      Constructor Description
      SystemPrincipal​(java.lang.String name)
      Constructs a principal for a given name.
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean equals​(java.lang.Object other)
      Compares this principal to the specified object.
      java.lang.String getName()
      Returns the name of this principal.
      int hashCode()
      Returns a hashcode for this principal.
      private void readObject​(java.io.ObjectInputStream s)
      Called upon deserialization for restoring the state of this SystemPrincipal from a stream.
      java.lang.String toString()
      Returns a string representation of this principal.
      private static void validateName​(java.lang.String name)
      Verify that the specified name of the principal is valid.
      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, wait, wait, wait
      • Methods inherited from interface java.security.Principal

        implies
    • Field Detail

      • serialVersionUID

        static final long serialVersionUID
        BTW, this class currently does not require special handling during serialization/deserialization, so, there's no need to define methods readObject(ObjectInputStream) and writeObject(ObjectOutputStream).
        See Also:
        Constant Field Values
      • name

        private final java.lang.String name
        The name of the principal.

        Note that the name is not a "normalized" Authorization Identifier. This is due to peculiarities of the Java Security Runtime, which compares a javax.security.auth.Subject's Principals against the literal Principal name as declared in the policy files, and not against the return value of method getName(). So, a normalization of names within SystemPrincipal doesn't affect permission checking by the SecurityManager.

        In order for a javax.security.auth.Subject to be granted permissions on the basis Authorization Identifier rules, e.g., for a Subject authenticated as edWard to fall under a policy clause declared for EDWARD, the Subject has to be constructed (or augmented) with both the literal name and the normalized Authorization Identifier.

        As an alternative approach, class SystemPrincipal could implement the non-standard interface com.sun.security.auth.PrincipalComparator, which declares a method implies(Subject) that would allow for Principals to match Subjects on the basis of normalized Authorization Identifiers. But then we'd be relying upon non-standard Security Runtime behaviour.

        See Also:
        User Names & Authorization Identifiers in Derby
    • Constructor Detail

      • SystemPrincipal

        public SystemPrincipal​(java.lang.String name)
        Constructs a principal for a given name.
        Parameters:
        name - the name of the principal
        Throws:
        java.lang.NullPointerException - if name is null
        java.lang.IllegalArgumentException - if name is not a legal Principal name
    • Method Detail

      • validateName

        private static void validateName​(java.lang.String name)
        Verify that the specified name of the principal is valid.
        Parameters:
        name - the name of the principal
        Throws:
        java.lang.NullPointerException - if name is null
        java.lang.IllegalArgumentException - if name is not a legal Principal name
      • equals

        public boolean equals​(java.lang.Object other)
        Compares this principal to the specified object. Returns true if the object passed in matches the principal represented by the implementation of this interface.
        Specified by:
        equals in interface java.security.Principal
        Overrides:
        equals in class java.lang.Object
        Parameters:
        other - principal to compare with
        Returns:
        true if the principal passed in is the same as that encapsulated by this principal, and false otherwise
        See Also:
        Principal.equals(java.lang.Object)
      • getName

        public java.lang.String getName()
        Returns the name of this principal.
        Specified by:
        getName in interface java.security.Principal
        Returns:
        the name of this principal
        See Also:
        Principal.getName()
      • hashCode

        public int hashCode()
        Returns a hashcode for this principal.
        Specified by:
        hashCode in interface java.security.Principal
        Overrides:
        hashCode in class java.lang.Object
        Returns:
        a hashcode for this principal
        See Also:
        Principal.hashCode()
      • toString

        public java.lang.String toString()
        Returns a string representation of this principal.
        Specified by:
        toString in interface java.security.Principal
        Overrides:
        toString in class java.lang.Object
        Returns:
        a string representation of this principal
        See Also:
        Principal.toString()
      • readObject

        private void readObject​(java.io.ObjectInputStream s)
                         throws java.io.IOException,
                                java.lang.ClassNotFoundException
        Called upon deserialization for restoring the state of this SystemPrincipal from a stream.
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException