IdentityScope.java revision 51b1b6997fd3f980076b8081f7f1165ccc2a4008
151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage java.security; 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.Serializable; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Enumeration; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Properties; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>This class represents a scope for identities. It is an Identity 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * itself, and therefore has a name and can have a scope. It can also 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * optionally have a public key and associated certificates. 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>An IdentityScope can contain Identity objects of all kinds, including 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Signers. All types of Identity objects can be retrieved, added, and 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * removed using the same methods. Note that it is possible, and in fact 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * expected, that different types of identity scopes will 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * apply different policies for their various operations on the 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * various types of Identities. 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>There is a one-to-one mapping between keys and identities, and 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * there can only be one copy of one key per scope. For example, suppose 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <b>Acme Software, Inc</b> is a software publisher known to a user. 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Suppose it is an Identity, that is, it has a public key, and a set of 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * associated certificates. It is named in the scope using the name 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * "Acme Software". No other named Identity in the scope has the same 5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * public key. Of course, none has the same name as well. 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Identity 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Signer 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Principal 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Key 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Benjamin Renaud 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @deprecated This class is no longer used. Its functionality has been 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * replaced by <code>java.security.KeyStore</code>, the 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>java.security.cert</code> package, and 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>java.security.Principal</code>. 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski@Deprecated 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic abstract 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiclass IdentityScope extends Identity { 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static final long serialVersionUID = -2337346281189773310L; 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /* The system's scope */ 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static IdentityScope scope; 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // initialize the system scope 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static void initializeSystemScope() { 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String classname = AccessController.doPrivileged( 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski new PrivilegedAction<String>() { 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String run() { 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Security.getProperty("system.scope"); 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski }); 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (classname == null) { 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return; 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski Class.forName(classname); 9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (ClassNotFoundException e) { 9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski //Security.error("unable to establish a system scope from " + 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // classname); 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski e.printStackTrace(); 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This constructor is used for serialization only and should not 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * be used by subclasses. 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected IdentityScope() { 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this("restoring..."); 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Constructs a new identity scope with the specified name. 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name the scope name. 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public IdentityScope(String name) { 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super(name); 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Constructs a new identity scope with the specified name and scope. 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name the scope name. 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param scope the scope for the new identity scope. 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception KeyManagementException if there is already an identity 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * with the same name in the scope. 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public IdentityScope(String name, IdentityScope scope) 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws KeyManagementException { 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super(name, scope); 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the system's identity scope. 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the system's identity scope, or {@code null} if none has been 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * set. 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see #setSystemScope 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static IdentityScope getSystemScope() { 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (scope == null) { 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski initializeSystemScope(); 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return scope; 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Sets the system's identity scope. 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>First, if there is a security manager, its 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>checkSecurityAccess</code> 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * method is called with <code>"setSystemScope"</code> 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * as its argument to see if it's ok to set the identity scope. 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param scope the scope to set. 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception SecurityException if a security manager exists and its 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>checkSecurityAccess</code> method doesn't allow 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * setting the identity scope. 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see #getSystemScope 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see SecurityManager#checkSecurityAccess 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected static void setSystemScope(IdentityScope scope) { 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski check("setSystemScope"); 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski IdentityScope.scope = scope; 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the number of identities within this identity scope. 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the number of identities within this identity scope. 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract int size(); 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the identity in this scope with the specified name (if any). 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name the name of the identity to be retrieved. 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the identity named <code>name</code>, or null if there are 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * no identities named <code>name</code> in this scope. 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Identity getIdentity(String name); 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Retrieves the identity whose name is the same as that of the 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * specified principal. (Note: Identity implements Principal.) 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param principal the principal corresponding to the identity 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * to be retrieved. 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the identity whose name is the same as that of the 19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * principal, or null if there are no identities of the same name 19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * in this scope. 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Identity getIdentity(Principal principal) { 19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return getIdentity(principal.getName()); 19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Retrieves the identity with the specified public key. 20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param key the public key for the identity to be returned. 20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the identity with the given key, or null if there are 20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * no identities in this scope with that key. 20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Identity getIdentity(PublicKey key); 20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Adds an identity to this identity scope. 21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param identity the identity to be added. 21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception KeyManagementException if the identity is not 21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * valid, a name conflict occurs, another identity has the same 21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * public key as the identity being added, or another exception 21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * occurs. */ 21851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract void addIdentity(Identity identity) 21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws KeyManagementException; 22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Removes an identity from this identity scope. 22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param identity the identity to be removed. 22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception KeyManagementException if the identity is missing, 22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or another exception occurs. 22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract void removeIdentity(Identity identity) 23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws KeyManagementException; 23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns an enumeration of all identities in this identity scope. 23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return an enumeration of all identities in this identity scope. 23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Enumeration<Identity> identities(); 23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns a string representation of this identity scope, including 24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * its name, its scope name, and the number of identities in this 24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * identity scope. 24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return a string representation of this identity scope. 24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String toString() { 24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return super.toString() + "[" + size() + "]"; 24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static void check(String directive) { 25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski SecurityManager security = System.getSecurityManager(); 25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (security != null) { 25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski security.checkSecurityAccess(directive); 25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 258