com.tivoli.mts
Class PDPrincipal

java.lang.Object
  |
  +--com.tivoli.mts.PDPrincipal
All Implemented Interfaces:
java.security.Principal, com.ibm.security.auth.PrincipalComparator, java.io.Serializable

public class PDPrincipal
extends java.lang.Object
implements java.security.Principal, com.ibm.security.auth.PrincipalComparator, java.io.Serializable

This class implements the Principal interface and represents general information about a Policy Director user.

Principals such as this PDPrincipal may be associated with a particular Subject to augment that Subject with an additional identity. Refer to the Subject class for more information on how to achieve this. Authorization decisions can then be based upon the Principals associated with a Subject.

Author:
D. Kent Soper, Bruce Rich
See Also:
Principal, Subject, Serialized Form

Constructor Summary
PDPrincipal()
          Create a PDPrincipal for the "unauthenticated user".
PDPrincipal(java.lang.String name)
          Create a PDPrincipal with an identifying name.
PDPrincipal(java.lang.String name, char[] password)
          Create a PDPrincipal with an identifying name.
 
Method Summary
 PDPrincipal addGroupMemberships(java.lang.String serviceID, java.lang.String[] groups)
          Return a new PDPrincipal that adds these group memberships to the current PDPrincipal
 boolean equals(java.lang.Object o)
          Compares the specified Object with this PDPrincipal for equality.
 java.lang.String getName()
          Return a string name of this PDPrincipal.
 int hashCode()
          Return a hash code for this PDPrincipal.
 boolean implies(PDPermission perm)
          See if the current PDPrincipal has the specified PDPermission.
 boolean implies(PDPermission perm, PDAttrs attrsIn, PDAttrs attrsOut)
          See if the current PDPrincipal has the specified PDPermission.
 boolean implies(javax.security.auth.Subject subject)
          Check if the specified Subject is implied by this object.
 java.lang.String toString()
          Return a string representation of this PDPrincipal.
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

PDPrincipal

public PDPrincipal(java.lang.String name,
                   char[] password)
            throws java.lang.NullPointerException,
                   java.lang.IllegalArgumentException,
                   java.lang.IllegalStateException
Create a PDPrincipal with an identifying name.

Parameters:
name - the identifying name.

password - the password for the identifying name.

Throws:
java.lang.NullPointerException - if the name or the password is null.
java.lang.IllegalArgumentException - if the name has zero length.
java.lang.SecurityException - if the caller does not have permission to create PDPrincipals.
java.lang.IllegalStateException - if Policy Director could not obtain this user's credentials

PDPrincipal

public PDPrincipal(java.lang.String name)
            throws java.lang.NullPointerException,
                   java.lang.IllegalArgumentException,
                   java.lang.IllegalStateException
Create a PDPrincipal with an identifying name.

Parameters:
name - the identifying name.

Throws:
java.lang.NullPointerException - if the name is null.
java.lang.IllegalArgumentException - if the name has zero length.
java.lang.SecurityException - if the caller does not have permission to create PDPrincipals.
java.lang.IllegalStateException - if Policy Director could not obtain this user's credentials

PDPrincipal

public PDPrincipal()
            throws java.lang.IllegalStateException
Create a PDPrincipal for the "unauthenticated user".

Throws:
java.lang.IllegalStateException - if Policy Director could not obtain the "unauth" credentials
Method Detail

addGroupMemberships

public PDPrincipal addGroupMemberships(java.lang.String serviceID,
                                       java.lang.String[] groups)
                                throws java.lang.NullPointerException
Return a new PDPrincipal that adds these group memberships to the current PDPrincipal
Parameters:
serviceID - the credential modification service identifier. If null, the default credential modification service will be employed.
groups - the groups to be added to the new PDPrincipal's credentials
Returns:
a new PDPrincipal that reflects the additional group memberships
Throws:
java.lang.NullPointerException - if no groups are passed in
java.lang.IllegalStateException - on remote errors

implies

public boolean implies(PDPermission perm)
See if the current PDPrincipal has the specified PDPermission.
Parameters:
perm - the PDPermission in question.
Returns:
true if the current PDPrincipal has the specified PDPermission and false otherwise.

implies

public boolean implies(PDPermission perm,
                       PDAttrs attrsIn,
                       PDAttrs attrsOut)
See if the current PDPrincipal has the specified PDPermission. Report any resulting attributes from the server.
Parameters:
perm - the PDPermission in question.
attrsIn - the input attribute list.
attrsOut - the output attribute list.
Returns:
true if the current PDPrincipal has the specified PDPermission and false otherwise.

getName

public java.lang.String getName()
Return a string name of this PDPrincipal.

Specified by:
getName in interface java.security.Principal
Returns:
a string name of this PDPrincipal

toString

public java.lang.String toString()
Return a string representation of this PDPrincipal.

Specified by:
toString in interface java.security.Principal
Overrides:
toString in class java.lang.Object
Returns:
a string representation of this PDPrincipal.

equals

public boolean equals(java.lang.Object o)
Compares the specified Object with this PDPrincipal for equality. Returns true if the given object is also a PDPrincipal and the two PDPrincipals have the same String representation.

Specified by:
equals in interface java.security.Principal
Overrides:
equals in class java.lang.Object
Parameters:
o - Object to be compared for equality with this PDPrincipal.
Returns:
true if the specified Object is equal to this PDPrincipal.

hashCode

public int hashCode()
Return a hash code for this PDPrincipal.

Specified by:
hashCode in interface java.security.Principal
Overrides:
hashCode in class java.lang.Object
Returns:
a hash code for this PDPrincipal.

implies

public boolean implies(javax.security.auth.Subject subject)
Check if the specified Subject is implied by this object.

Specified by:
implies in interface com.ibm.security.auth.PrincipalComparator
Parameters:
subject - a Subject to check for implication.
Returns:
true if the specified Subject is implied by this object, or false otherwise.