1 /* DelegationPermission.java -- kerberos delegation permission
2    Copyright (C) 2006 Free Software Foundation, Inc.
3 
4 This file is part of GNU Classpath.
5 
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
9 any later version.
10 
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14 General Public License for more details.
15 
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; see the file COPYING.  If not, write to the
18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 02110-1301 USA.
20 
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library.  Thus, the terms and
23 conditions of the GNU General Public License cover the whole
24 combination.
25 
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module.  An independent module is a module which is not derived from
33 or based on this library.  If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so.  If you do not wish to do so, delete this
36 exception statement from your version. */
37 
38 
39 package javax.security.auth.kerberos;
40 
41 import java.security.BasicPermission;
42 import java.security.Permission;
43 import java.security.PermissionCollection;
44 import java.util.Enumeration;
45 import java.util.Vector;
46 
47 /**
48  * @since 1.4
49  */
50 public final class DelegationPermission
51     extends BasicPermission
52 {
53   // FIXME: Enable this when serialization works.
54   // private static final long serialVersionUID = 883133252142523922L;
55 
56   /**
57    * Create a new instance with the given name.
58    */
DelegationPermission(String name)59   public DelegationPermission(String name)
60   {
61     super(name);
62     checkSyntax(name);
63   }
64 
65   /**
66    * Create a new instance with the given name and actions.
67    *
68    * The name consists of two parts: first the subordinate
69    * service principal, then the target service principal.
70    * Each principal is surrounded by quotes; the two are separated
71    * by a space.
72    *
73    * @param name the name
74    * @param actions the actions; this is ignored
75    */
DelegationPermission(String name, String actions)76   public DelegationPermission(String name, String actions)
77   {
78     super(name, actions);
79     checkSyntax(name);
80   }
81 
checkSyntax(String name)82   private static void checkSyntax(String name)
83   {
84     int index = name.indexOf('"', 1);
85     int len = name.length();
86     if (name.charAt(0) != '"' || name.charAt(len - 1) != '"'
87         || index == -1 || index + 3 >= len
88         || name.charAt(index + 1) != ' '
89         || name.charAt(index + 2) != '"')
90       // FIXME: better message here.
91       throw new IllegalArgumentException("invalid syntax for principals");
92   }
93 
implies(Permission perm)94   public boolean implies(Permission perm)
95   {
96     return equals(perm);
97   }
98 
newPermissionCollection()99   public PermissionCollection newPermissionCollection()
100   {
101     // FIXME: don't know how to serialize here.  I suspect this
102     // class has to have a particular name, etc ...
103     return new PermissionCollection()
104     {
105       private Vector permissions = new Vector();
106 
107       public void add(Permission perm)
108       {
109         if (isReadOnly())
110           throw new SecurityException("readonly");
111         if (! (perm instanceof DelegationPermission))
112           throw new IllegalArgumentException("can only add DelegationPermissions");
113         permissions.add(perm);
114       }
115 
116       public boolean implies(Permission perm)
117       {
118         if (! (perm instanceof DelegationPermission))
119           return false;
120         Enumeration e = elements();
121         while (e.hasMoreElements())
122           {
123             DelegationPermission dp = (DelegationPermission) e.nextElement();
124             if (dp.implies(perm))
125               return true;
126           }
127         return false;
128       }
129 
130       public Enumeration elements()
131       {
132         return permissions.elements();
133       }
134     };
135   }
136 }
137