issrg.pba.repository
Class UserEntry

java.lang.Object
  extended by issrg.pba.repository.UserEntry
All Implemented Interfaces:
LDAPEntry, Entry, TokenLocator
Direct Known Subclasses:
ACUserEntry, IssuerEntry

public class UserEntry
extends java.lang.Object
implements LDAPEntry, TokenLocator

This is the implementation of the TokenLocator interface, where the entry and the token locator are the same and are the Distinguished Name of the entry. The object is used for matching the Subject domain and for locating the authorisation tokens of the user within the repository. Note that for the purposes of the Permis project the subject domain is identified by the entry in which the authorisation tokens are stored, and this determines what the methods return.

Version:
1.0
Author:
A Otenko

Field Summary
protected  TokenLocator alternativeDN
           
static java.lang.String SN_ATTRIBUTE_TYPE
          This variable sets the attribute type for the serial number in the DN, when constructing it for the IssuerSerial case.
 
Constructor Summary
protected UserEntry()
           
  UserEntry(java.security.Principal subject)
          This constructor builds an object by the name of the holder.
  UserEntry(java.security.Principal issuer, java.math.BigInteger serialNumber)
          This constructor builds an object by the name of the issuer and the serialNumber of the PKC.
  UserEntry(java.security.Principal subject, java.security.Principal issuer, java.math.BigInteger serialNumber)
          This constructor builds the object by specifying all of the parameters.
 
Method Summary
protected  void _init_(java.security.Principal subject, java.security.Principal issuer, java.math.BigInteger serialNumber)
          This method is used to initialise the object by different constructors.
 boolean equals(java.lang.Object o)
          Equality is determined by calling the equals method on the objects representing Locator and Alternative Locator.
 TokenLocator getAlternativeLocator()
          This method returns the Issuer DN combined with PKC Serial number as the alternative token locator.
 LDAPDNPrincipal getDN()
          This method returns the main locator, or the alternative locator, if the former is null.
 Entry getEntry()
          This method returns the name of the entry the object locates.
 java.security.Principal getEntryName()
          This method returns the Entry Name; it is the same as getSubjectDN().
 java.security.Principal getIssuerDN()
          This method is used to retrieve the Issuer DN.
 java.security.Principal getLocator()
          This method returns the Subject DN as the main locator.
 AttributeRepository getRepository()
          This implementation assumes that since the DN of the entry is globally unique, it makes sense in any repository, so null is returned.
 java.math.BigInteger getSerialNumber()
          This method is used to retrieve the serial number of the relevant PKC.
 java.security.Principal getSubjectDN()
          This method is used to retrieve the Subject DN.
 boolean isObjectClass(java.lang.String what)
          This method always throws a SecurityException, since LDAP is not trusted to return the object class for DNs (user entries).
static java.lang.String issuerSerialToDN(java.lang.String issuerDN, java.math.BigInteger serialNumber)
          This is the universal way for constructing the LDAP DN for the entry, whose name is constructed out of the PKC Issuer DN and PKC SN.
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

alternativeDN

protected TokenLocator alternativeDN

SN_ATTRIBUTE_TYPE

public static final java.lang.String SN_ATTRIBUTE_TYPE
This variable sets the attribute type for the serial number in the DN, when constructing it for the IssuerSerial case.

See Also:
Constant Field Values

Constructor Detail

UserEntry

protected UserEntry()

UserEntry

public UserEntry(java.security.Principal subject)
This constructor builds an object by the name of the holder.

Parameters:
subject - is the name of the holder

UserEntry

public UserEntry(java.security.Principal issuer,
                 java.math.BigInteger serialNumber)
This constructor builds an object by the name of the issuer and the serialNumber of the PKC.

Parameters:
issuer - is the name of the issuer
serialNumber - is the serial number of the PKC

UserEntry

public UserEntry(java.security.Principal subject,
                 java.security.Principal issuer,
                 java.math.BigInteger serialNumber)
This constructor builds the object by specifying all of the parameters. Any of them can be null, but not all of them.

Parameters:
subject - is the name of the holder
issuer - is the name of the issuer
serialNumber - is the serial number of the PKC

Method Detail

_init_

protected void _init_(java.security.Principal subject,
                      java.security.Principal issuer,
                      java.math.BigInteger serialNumber)
This method is used to initialise the object by different constructors. The method automatically checks if the parameters are correct: that either the subject or issuer DNs have been specified, and if the issuer DN has been specified, that the SN has been specified as well.

Parameters:
subject - is the name of the holder
issuer - is the name of the issuer for the alternate reference
serialNumber - is the serial number of the PKC
Throws:
java.lang.IllegalArgumentException - if the parameters are invalid: both of the references are null, or the serialNumber is null when the issuer name is specified

issuerSerialToDN

public static java.lang.String issuerSerialToDN(java.lang.String issuerDN,
                                                java.math.BigInteger serialNumber)
This is the universal way for constructing the LDAP DN for the entry, whose name is constructed out of the PKC Issuer DN and PKC SN.


getSubjectDN

public java.security.Principal getSubjectDN()
This method is used to retrieve the Subject DN.

Returns:
the DN of the Subject as a Principal object

getIssuerDN

public java.security.Principal getIssuerDN()
This method is used to retrieve the Issuer DN.

Returns:
the DN of the Issuer as a Principal object

getSerialNumber

public java.math.BigInteger getSerialNumber()
This method is used to retrieve the serial number of the relevant PKC.

Returns:
the BigInteger, representing the serial number

getLocator

public java.security.Principal getLocator()
This method returns the Subject DN as the main locator.

Specified by:
getLocator in interface TokenLocator
Returns:
the main locator DN

getRepository

public AttributeRepository getRepository()
This implementation assumes that since the DN of the entry is globally unique, it makes sense in any repository, so null is returned.

Specified by:
getRepository in interface TokenLocator
Returns:
null to assume the default repository

getAlternativeLocator

public TokenLocator getAlternativeLocator()
This method returns the Issuer DN combined with PKC Serial number as the alternative token locator.

Specified by:
getAlternativeLocator in interface TokenLocator
Returns:
the alternative locator

getEntry

public Entry getEntry()
Description copied from interface: TokenLocator
This method returns the name of the entry the object locates.

Specified by:
getEntry in interface TokenLocator
Returns:
the Entry object representing the entry name

getDN

public LDAPDNPrincipal getDN()
This method returns the main locator, or the alternative locator, if the former is null.

Specified by:
getDN in interface LDAPEntry
Returns:
a valid locator

getEntryName

public java.security.Principal getEntryName()
This method returns the Entry Name; it is the same as getSubjectDN().

Specified by:
getEntryName in interface Entry
Returns:
Principal naming the entry; cannot be null

isObjectClass

public boolean isObjectClass(java.lang.String what)
This method always throws a SecurityException, since LDAP is not trusted to return the object class for DNs (user entries).

Specified by:
isObjectClass in interface LDAPEntry
Parameters:
what - is the object class to compare to
Returns:
does not return anything
Throws:
SecurityException - since the User is not trusted to tell their object Class

equals

public boolean equals(java.lang.Object o)
Equality is determined by calling the equals method on the objects representing Locator and Alternative Locator. These are LDAPDNPrincipal for UserEntry.

Overrides:
equals in class java.lang.Object
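
Added example, not part of the PERMIS sources or this Javadoc: a caller exercising the parameter rules documented for _init_, the getDN() fallback, and the isObjectClass refusal. The names, serial number and object class string are constructed, and passing javax.security.auth.x500.X500Principal as the java.security.Principal argument is an assumption.

```java
import issrg.pba.repository.UserEntry;

import java.math.BigInteger;
import java.security.Principal;
import javax.security.auth.x500.X500Principal;

public class UserEntryLocatorDemo {
    // Constructed sample values; X500Principal as the Principal type is an assumption.
    static final Principal HOLDER = new X500Principal("CN=Alice Example,O=Example Org,C=GB");
    static final Principal ISSUER = new X500Principal("CN=Example CA,O=Example Org,C=GB");
    static final BigInteger SERIAL = new BigInteger("1234567890");

    // Builds a UserEntry and reports whether the documented validation accepted it.
    static String tryBuild(Principal subject, Principal issuer, BigInteger serial) {
        try {
            UserEntry entry = new UserEntry(subject, issuer, serial);
            // getDN() is documented to return the main locator, or the
            // alternative (issuer + serial) locator when the main one is null.
            return "accepted, getDN() = " + entry.getDN();
        } catch (IllegalArgumentException ex) {
            return "rejected: " + ex.getMessage();
        }
    }

    public static void main(String[] args) {
        // Documented as valid: a subject DN, or an issuer DN with a serial number.
        System.out.println("holder only     -> " + tryBuild(HOLDER, null, null));
        System.out.println("issuer + serial -> " + tryBuild(null, ISSUER, SERIAL));
        System.out.println("all three       -> " + tryBuild(HOLDER, ISSUER, SERIAL));

        // Documented as invalid: no reference at all, or an issuer without a serial.
        System.out.println("nothing         -> " + tryBuild(null, null, null));
        System.out.println("issuer, no SN   -> " + tryBuild(null, ISSUER, null));

        // isObjectClass is documented to always throw: the directory is not
        // trusted to report the object class of a user entry, so a caller
        // must treat the exception as "unknown", never as a negative match.
        try {
            new UserEntry(HOLDER).isObjectClass("person"); // constructed class name
            System.out.println("unexpected: isObjectClass returned");
        } catch (SecurityException ex) {
            System.out.println("isObjectClass   -> SecurityException, as documented");
        }
    }
}
```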