Clover Coverage Report
Coverage timestamp: Sun Mar 23 2008 08:24:39 GMT
47   302   17   2.76
24   104   0.7   17
17     1.94  
1    
 
 
  UserEntry       Line # 53 47 17 65.9% 0.65909094
 
  (1)
 
1    /*
2    * Copyright (c) 2000-2005, University of Salford
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions are met:
7    *
8    * Redistributions of source code must retain the above copyright notice, this
9    * list of conditions and the following disclaimer.
10    *
11    * Redistributions in binary form must reproduce the above copyright notice,
12    * this list of conditions and the following disclaimer in the documentation
13    * and/or other materials provided with the distribution.
14    *
15    * Neither the name of the University of Salford nor the names of its
16    * contributors may be used to endorse or promote products derived from this
17    * software without specific prior written permission.
18    *
19    * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20    * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21    * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22    * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
23    * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24    * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25    * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26    * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27    * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28    * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29    * POSSIBILITY OF SUCH DAMAGE.
30    */
31   
32    package issrg.pba.repository;
33   
34    import issrg.pba.rbac.LDAPDNPrincipal;
35    import issrg.utils.repository.Entry;
36    import issrg.utils.repository.TokenLocator;
37   
38   
39    /**
40    * This is the implementation of the TokenLocator interface, where the entry
41    * and the token locator are the same and are the Distinguished Name of the
42    * entry. The
43    * object is used for matching the Subject domain and for locating the
44    * authorisation tokens of the user within the repository. Note that for the
45    * purposes of the Permis project the subject domain is identified by the
46    * entry the authorisation tokens are stored in, so this circumstance defines
47    * the return results of the methods.
48    *
49    * @author A Otenko
50    * @version 1.0
51    */
52   
 
53    public class UserEntry implements issrg.pba.rbac.policies.LDAPEntry, TokenLocator {
54    private LDAPDNPrincipal subjectDN=null;
55    private LDAPDNPrincipal issuerDN=null;
56    private java.math.BigInteger sn=null;
57   
58    protected TokenLocator alternativeDN=null;
59   
60   
61   
62    /**
63    * This method is used to initialise the object by different constructors.
64    * The method automatically checks if the parameters are correct: that either
65    * the subject or issuer DNs have been specified, and if the issuer DN has
66    * been specified, that the SN has been specified as well.
67    *
68    * @param subject is the name of the holder
69    * @param issuer is the name of the issuer for the alternate reference
70    * @param serialNumber is the serial number of the PKC
71    *
72    * @throws IllegalArgumentException if the parameters are invalid: both of
73    * the references is null, or the serialNumber is null, when the issuer
74    * name
75    * is specified
76    */
 
77  3452 toggle protected void _init_(java.security.Principal subject, java.security.Principal issuer,
78    java.math.BigInteger serialNumber){
79  3452 try{
80  3452 if (subject==null && (issuer==null || serialNumber==null)){
81  0 throw new IllegalArgumentException("Cannot instantiate: Subject DN and Issuer data are null");
82    }
83   
84  3452 if ((issuer==null) ^ (serialNumber==null)){
85  0 throw new IllegalArgumentException("Cannot instantiate: Issuer data incomplete");
86    }
87   
88  3452 if (subject!=null){
89  3452 subjectDN=new LDAPDNPrincipal(subject.getName());
90    }
91   
92  3452 sn=serialNumber;
93   
94  3452 if (issuer!=null){
95  0 issuerDN=new LDAPDNPrincipal(issuer.getName());
96  0 alternativeDN = new EntryLocator(this, new LDAPDNPrincipal(
97    issuerSerialToDN(issuerDN.getName(), sn)
98    ), null, null);
99    }
100    }catch(issrg.utils.RFC2253ParsingException rpe){
101  0 throw new IllegalArgumentException("Cannot instantiate: Error while parsing DN occured: "+rpe.getMessage());
102    }
103    }
104   
105    /**
106    * This variable sets the attribute type for the serial number in the DN, when
107    * constructing it for the IssuerSerial case.
108    */
109    final public static String SN_ATTRIBUTE_TYPE = "SN";
110   
111    /**
112    * This is the universal way for constructing the LDAP DN for the entry, whose
113    * name is constructed out of the PKC Issuer DN and PKC SN.
114    */
 
115  0 toggle public static String issuerSerialToDN(String issuerDN, java.math.BigInteger serialNumber){
116  0 if (issuerDN==null || serialNumber==null){
117    // TODO: do I throw an exception instead?
118  0 return null;
119    }
120  0 return SN_ATTRIBUTE_TYPE+"="+serialNumber.toString()+((issuerDN.intern()=="")?"":(","+issuerDN));
121    }
122   
123   
 
124  1779 toggle protected UserEntry(){}
125   
126    /**
127    * This constructor builds an object by the name of the holder.
128    *
129    * @param subject is the name of the holder
130    */
 
131  1673 toggle public UserEntry(java.security.Principal subject){
132  1673 _init_(subject, null, null);
133    }
134   
135    /**
136    * This constructor builds an object by the name of the issuer and the
137    * serialNumber of the PKC.
138    *
139    * @param issuer is the name of the issuer
140    * @param serialNumber is the serial number of the PKC
141    */
 
142  0 toggle public UserEntry(java.security.Principal issuer, java.math.BigInteger serialNumber){
143  0 _init_(null, issuer, serialNumber);
144    }
145   
146    /**
147    * This constructor builds the object by specifying all of the parameters. Any
148    * of them can be null, but not all of them.
149    *
150    * @param subject is the name of the holder
151    * @param issuer is the name of the issuer
152    * @param serialNumber is the serial number of the PKC
153    */
 
154  0 toggle public UserEntry(java.security.Principal subject, java.security.Principal issuer,
155    java.math.BigInteger serialNumber){
156  0 _init_(subject, issuer, serialNumber);
157    }
158   
159   
160    /*
161    * USER DN METHODS
162    */
163   
164    /**
165    * This method is used to retrieve the Subject DN.
166    *
167    * @return the DN of the Subject as a Principal object
168    */
 
169  23988 toggle public java.security.Principal getSubjectDN(){
170  23988 return subjectDN;
171    }
172   
173    /**
174    * This method is used to retrieve the Issuer DN.
175    *
176    * @return the DN of the Issuer as a Principal object
177    */
 
178  0 toggle public java.security.Principal getIssuerDN(){
179  0 return issuerDN;
180    }
181   
182    /**
183    * This method is used to retrieve the serial number of the relevant PKC
184    *
185    * @return the BigInteger, representing the serial number
186    */
 
187  0 toggle public java.math.BigInteger getSerialNumber(){
188  0 return sn;
189    }
190   
191   
192    /*
193    * TOKEN LOCATOR METHODS
194    */
195   
196    /**
197    * This method returns the Subject DN as the main locator.
198    *
199    * @return the main locator DN
200    */
 
201  23988 toggle public java.security.Principal getLocator(){
202  23988 return getSubjectDN();
203    }
204   
205    /**
206    * This implementation assumes that since the DN of the entry is globally
207    * unique, it makes sense in any repository, so null is returned.
208    *
209    * @return null to assume the default repository
210    */
 
211  1353 toggle public issrg.utils.repository.AttributeRepository getRepository(){
212  1353 return null;
213    }
214   
215   
216    /**
217    * This method returns the Issuer DN combined with PKC Serial number as the
218    * alternative token locator.
219    *
220    * @return the alternative locator
221    */
 
222  23898 toggle public TokenLocator getAlternativeLocator(){
223  23898 return alternativeDN;
224    }
225   
 
226  6470 toggle public Entry getEntry(){
227  6470 return this;
228    }
229   
230    /*
231    * LDAP ENTRY METHODS
232    */
233   
234    /**
235    * This method returns the main locator, or the alternative locator, if the
236    * former is null.
237    *
238    * @return a valid locator
239    */
 
240  22455 toggle public LDAPDNPrincipal getDN(){
241  22455 java.security.Principal s=null;
242  22455 TokenLocator t=this;
243   
244  44910 while (s==null && t!=null){
245  22455 s=t.getLocator();
246  22455 t=t.getAlternativeLocator();
247    }
248   
249  22455 return (LDAPDNPrincipal)s;
250    }
251   
252    /**
253    * This method will return the Entry Name - it is the same as getSubjectDN();
254    */
 
255  6506 toggle public java.security.Principal getEntryName(){
256  6506 return getDN();
257    }
258   
259    /**
260    * This method always throws a SecurityException, since LDAP is not trusted to
261    * return the object class for DNs (user entries).
262    *
263    * @param what is the object class to compare to
264    *
265    * @return does not return anything
266    *
267    * @throws SecurityException, since the User is not trusted to tell their
268    * object Class
269    */
 
270  0 toggle public boolean isObjectClass(String what){
271  0 throw new java.lang.SecurityException("LDAP is not trusted to retrieve objectClass for its entries");
272    }
273   
274   
275    /**
276    * Equality is performed by calling equals method on the objects representing
277    * Locator and Alternative Locator. These are LDAPDNPrincipal for UserEntry.
278    */
 
279  90 toggle public boolean equals(Object o){
280  90 if (o instanceof UserEntry){
281  90 UserEntry u = (UserEntry) o;
282   
283  90 java.security.Principal l=null;
284  90 TokenLocator t;
285   
286  135 for(t=this; t!=null; t=t.getAlternativeLocator()){
287  90 l=t.getLocator();
288   
289  0 if (l==null) continue;
290   
291  90 TokenLocator u1;
292  135 for (u1=u; u1!=null; u1=u1.getAlternativeLocator()){
293  90 java.security.Principal l1=u1.getLocator();
294  90 if (l.equals(l1)) return true;
295    }
296    }
297    }
298   
299  45 return false;
300    }
301    }
302