author | ohair |
Wed, 06 Apr 2011 22:06:11 -0700 | |
changeset 9035 | 1255eb81cc2f |
parent 8152 | 94e5966bdf22 |
child 14775 | 2ed01c760aea |
permissions | -rw-r--r-- |
2 | 1 |
/* |
9035
1255eb81cc2f
7033660: Update copyright year to 2011 on any files changed in 2011
ohair
parents:
8152
diff
changeset
|
2 |
* Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package javax.security.auth.login; |
|
27 |
||
28 |
import javax.security.auth.AuthPermission; |
|
29 |
||
30 |
import java.io.*; |
|
31 |
import java.util.*; |
|
32 |
import java.net.URI; |
|
33 |
import java.security.AccessController; |
|
34 |
import java.security.PrivilegedAction; |
|
35 |
import java.security.PrivilegedExceptionAction; |
|
36 |
import java.security.PrivilegedActionException; |
|
37 |
import java.security.NoSuchAlgorithmException; |
|
38 |
import java.security.NoSuchProviderException; |
|
39 |
import java.security.Provider; |
|
40 |
import java.security.Security; |
|
41 |
import java.security.SecurityPermission; |
|
42 |
||
43 |
import sun.security.jca.GetInstance; |
|
44 |
||
45 |
/** |
|
46 |
* A Configuration object is responsible for specifying which LoginModules |
|
47 |
* should be used for a particular application, and in what order the |
|
48 |
* LoginModules should be invoked. |
|
49 |
* |
|
50 |
* <p> A login configuration contains the following information. |
|
51 |
* Note that this example only represents the default syntax for the |
|
52 |
* <code>Configuration</code>. Subclass implementations of this class |
|
53 |
* may implement alternative syntaxes and may retrieve the |
|
54 |
* <code>Configuration</code> from any source such as files, databases, |
|
55 |
* or servers. |
|
56 |
* |
|
57 |
* <pre> |
|
58 |
* Name { |
|
59 |
* ModuleClass Flag ModuleOptions; |
|
60 |
* ModuleClass Flag ModuleOptions; |
|
61 |
* ModuleClass Flag ModuleOptions; |
|
62 |
* }; |
|
63 |
* Name { |
|
64 |
* ModuleClass Flag ModuleOptions; |
|
65 |
* ModuleClass Flag ModuleOptions; |
|
66 |
* }; |
|
67 |
* other { |
|
68 |
* ModuleClass Flag ModuleOptions; |
|
69 |
* ModuleClass Flag ModuleOptions; |
|
70 |
* }; |
|
71 |
* </pre> |
|
72 |
* |
|
73 |
* <p> Each entry in the <code>Configuration</code> is indexed via an |
|
74 |
* application name, <i>Name</i>, and contains a list of |
|
75 |
* LoginModules configured for that application. Each <code>LoginModule</code> |
|
76 |
* is specified via its fully qualified class name. |
|
77 |
* Authentication proceeds down the module list in the exact order specified. |
|
78 |
* If an application does not have specific entry, |
|
79 |
* it defaults to the specific entry for "<i>other</i>". |
|
80 |
* |
|
81 |
* <p> The <i>Flag</i> value controls the overall behavior as authentication |
|
82 |
* proceeds down the stack. The following represents a description of the |
|
83 |
* valid values for <i>Flag</i> and their respective semantics: |
|
84 |
* |
|
85 |
* <pre> |
|
86 |
* 1) Required - The <code>LoginModule</code> is required to succeed. |
|
87 |
* If it succeeds or fails, authentication still continues |
|
88 |
* to proceed down the <code>LoginModule</code> list. |
|
89 |
* |
|
90 |
* 2) Requisite - The <code>LoginModule</code> is required to succeed. |
|
91 |
* If it succeeds, authentication continues down the |
|
92 |
* <code>LoginModule</code> list. If it fails, |
|
93 |
* control immediately returns to the application |
|
94 |
* (authentication does not proceed down the |
|
95 |
* <code>LoginModule</code> list). |
|
96 |
* |
|
97 |
* 3) Sufficient - The <code>LoginModule</code> is not required to |
|
98 |
* succeed. If it does succeed, control immediately |
|
99 |
* returns to the application (authentication does not |
|
100 |
* proceed down the <code>LoginModule</code> list). |
|
101 |
* If it fails, authentication continues down the |
|
102 |
* <code>LoginModule</code> list. |
|
103 |
* |
|
104 |
* 4) Optional - The <code>LoginModule</code> is not required to |
|
105 |
* succeed. If it succeeds or fails, |
|
106 |
* authentication still continues to proceed down the |
|
107 |
* <code>LoginModule</code> list. |
|
108 |
* </pre> |
|
109 |
* |
|
110 |
* <p> The overall authentication succeeds only if all <i>Required</i> and |
|
111 |
* <i>Requisite</i> LoginModules succeed. If a <i>Sufficient</i> |
|
112 |
* <code>LoginModule</code> is configured and succeeds, |
|
113 |
* then only the <i>Required</i> and <i>Requisite</i> LoginModules prior to |
|
114 |
* that <i>Sufficient</i> <code>LoginModule</code> need to have succeeded for |
|
115 |
* the overall authentication to succeed. If no <i>Required</i> or |
|
116 |
* <i>Requisite</i> LoginModules are configured for an application, |
|
117 |
* then at least one <i>Sufficient</i> or <i>Optional</i> |
|
118 |
* <code>LoginModule</code> must succeed. |
|
119 |
* |
|
120 |
* <p> <i>ModuleOptions</i> is a space separated list of |
|
121 |
* <code>LoginModule</code>-specific values which are passed directly to |
|
122 |
* the underlying LoginModules. Options are defined by the |
|
123 |
* <code>LoginModule</code> itself, and control the behavior within it. |
|
124 |
* For example, a <code>LoginModule</code> may define options to support |
|
125 |
* debugging/testing capabilities. The correct way to specify options in the |
|
126 |
* <code>Configuration</code> is by using the following key-value pairing: |
|
127 |
* <i>debug="true"</i>. The key and value should be separated by an |
|
128 |
* 'equals' symbol, and the value should be surrounded by double quotes. |
|
129 |
* If a String in the form, ${system.property}, occurs in the value, |
|
130 |
* it will be expanded to the value of the system property. |
|
131 |
* Note that there is no limit to the number of |
|
132 |
* options a <code>LoginModule</code> may define. |
|
133 |
* |
|
134 |
* <p> The following represents an example <code>Configuration</code> entry |
|
135 |
* based on the syntax above: |
|
136 |
* |
|
137 |
* <pre> |
|
138 |
* Login { |
|
139 |
* com.sun.security.auth.module.UnixLoginModule required; |
|
140 |
* com.sun.security.auth.module.Krb5LoginModule optional |
|
141 |
* useTicketCache="true" |
|
142 |
* ticketCache="${user.home}${/}tickets"; |
|
143 |
* }; |
|
144 |
* </pre> |
|
145 |
* |
|
146 |
* <p> This <code>Configuration</code> specifies that an application named, |
|
147 |
* "Login", requires users to first authenticate to the |
|
148 |
* <i>com.sun.security.auth.module.UnixLoginModule</i>, which is |
|
149 |
* required to succeed. Even if the <i>UnixLoginModule</i> |
|
150 |
* authentication fails, the |
|
151 |
* <i>com.sun.security.auth.module.Krb5LoginModule</i> |
|
152 |
* still gets invoked. This helps hide the source of failure. |
|
153 |
* Since the <i>Krb5LoginModule</i> is <i>Optional</i>, the overall |
|
154 |
* authentication succeeds only if the <i>UnixLoginModule</i> |
|
155 |
* (<i>Required</i>) succeeds. |
|
156 |
* |
|
157 |
* <p> Also note that the LoginModule-specific options, |
|
158 |
* <i>useTicketCache="true"</i> and |
|
159 |
* <i>ticketCache=${user.home}${/}tickets"</i>, |
|
160 |
* are passed to the <i>Krb5LoginModule</i>. |
|
161 |
* These options instruct the <i>Krb5LoginModule</i> to |
|
162 |
* use the ticket cache at the specified location. |
|
163 |
* The system properties, <i>user.home</i> and <i>/</i> |
|
164 |
* (file.separator), are expanded to their respective values. |
|
165 |
* |
|
166 |
* <p> There is only one Configuration object installed in the runtime at any |
|
167 |
* given time. A Configuration object can be installed by calling the |
|
168 |
* <code>setConfiguration</code> method. The installed Configuration object |
|
169 |
* can be obtained by calling the <code>getConfiguration</code> method. |
|
170 |
* |
|
171 |
* <p> If no Configuration object has been installed in the runtime, a call to |
|
172 |
* <code>getConfiguration</code> installs an instance of the default |
|
173 |
* Configuration implementation (a default subclass implementation of this |
|
174 |
* abstract class). |
|
175 |
* The default Configuration implementation can be changed by setting the value |
|
176 |
* of the "login.configuration.provider" security property (in the Java |
|
177 |
* security properties file) to the fully qualified name of the desired |
|
178 |
* Configuration subclass implementation. The Java security properties file |
|
179 |
* is located in the file named <JAVA_HOME>/lib/security/java.security. |
|
180 |
* <JAVA_HOME> refers to the value of the java.home system property, |
|
181 |
* and specifies the directory where the JRE is installed. |
|
182 |
* |
|
183 |
* <p> Application code can directly subclass Configuration to provide a custom |
|
184 |
* implementation. In addition, an instance of a Configuration object can be |
|
185 |
* constructed by invoking one of the <code>getInstance</code> factory methods |
|
186 |
* with a standard type. The default policy type is "JavaLoginConfig". |
|
8152
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
187 |
* See the Configuration section in the <a href= |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
188 |
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
189 |
* Java Cryptography Architecture Standard Algorithm Name Documentation</a> |
2 | 190 |
* for a list of standard Configuration types. |
191 |
* |
|
192 |
* @see javax.security.auth.login.LoginContext |
|
193 |
*/ |
|
194 |
public abstract class Configuration { |
|
195 |
||
196 |
private static Configuration configuration; |
|
197 |
private static ClassLoader contextClassLoader; |
|
198 |
||
199 |
static { |
|
200 |
contextClassLoader = AccessController.doPrivileged |
|
201 |
(new PrivilegedAction<ClassLoader>() { |
|
202 |
public ClassLoader run() { |
|
203 |
return Thread.currentThread().getContextClassLoader(); |
|
204 |
} |
|
205 |
}); |
|
206 |
}; |
|
207 |
||
208 |
private static void checkPermission(String type) { |
|
209 |
SecurityManager sm = System.getSecurityManager(); |
|
210 |
if (sm != null) { |
|
211 |
sm.checkPermission(new AuthPermission |
|
212 |
("createLoginConfiguration." + type)); |
|
213 |
} |
|
214 |
} |
|
215 |
||
216 |
/** |
|
217 |
* Sole constructor. (For invocation by subclass constructors, typically |
|
218 |
* implicit.) |
|
219 |
*/ |
|
220 |
protected Configuration() { } |
|
221 |
||
222 |
/** |
|
223 |
* Get the installed login Configuration. |
|
224 |
* |
|
225 |
* <p> |
|
226 |
* |
|
227 |
* @return the login Configuration. If a Configuration object was set |
|
228 |
* via the <code>Configuration.setConfiguration</code> method, |
|
229 |
* then that object is returned. Otherwise, a default |
|
230 |
* Configuration object is returned. |
|
231 |
* |
|
232 |
* @exception SecurityException if the caller does not have permission |
|
233 |
* to retrieve the Configuration. |
|
234 |
* |
|
235 |
* @see #setConfiguration |
|
236 |
*/ |
|
2943
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
237 |
public static Configuration getConfiguration() { |
2 | 238 |
|
239 |
SecurityManager sm = System.getSecurityManager(); |
|
240 |
if (sm != null) |
|
241 |
sm.checkPermission(new AuthPermission("getLoginConfiguration")); |
|
242 |
||
2943
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
243 |
synchronized (Configuration.class) { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
244 |
if (configuration == null) { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
245 |
String config_class = null; |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
246 |
config_class = AccessController.doPrivileged |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
247 |
(new PrivilegedAction<String>() { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
248 |
public String run() { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
249 |
return java.security.Security.getProperty |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
250 |
("login.configuration.provider"); |
2 | 251 |
} |
252 |
}); |
|
2943
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
253 |
if (config_class == null) { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
254 |
config_class = "com.sun.security.auth.login.ConfigFile"; |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
255 |
} |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
256 |
|
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
257 |
try { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
258 |
final String finalClass = config_class; |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
259 |
configuration = AccessController.doPrivileged |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
260 |
(new PrivilegedExceptionAction<Configuration>() { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
261 |
public Configuration run() throws ClassNotFoundException, |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
262 |
InstantiationException, |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
263 |
IllegalAccessException { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
264 |
return (Configuration)Class.forName |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
265 |
(finalClass, |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
266 |
true, |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
267 |
contextClassLoader).newInstance(); |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
268 |
} |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
269 |
}); |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
270 |
} catch (PrivilegedActionException e) { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
271 |
Exception ee = e.getException(); |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
272 |
if (ee instanceof InstantiationException) { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
273 |
throw (SecurityException) new |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
274 |
SecurityException |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
275 |
("Configuration error:" + |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
276 |
ee.getCause().getMessage() + |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
277 |
"\n").initCause(ee.getCause()); |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
278 |
} else { |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
279 |
throw (SecurityException) new |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
280 |
SecurityException |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
281 |
("Configuration error: " + |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
282 |
ee.toString() + |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
283 |
"\n").initCause(ee); |
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
284 |
} |
2 | 285 |
} |
286 |
} |
|
2943
0418028311a2
6845161: Bottleneck in Configuration.getConfiguration synchronized call
mullan
parents:
2
diff
changeset
|
287 |
return configuration; |
2 | 288 |
} |
289 |
} |
|
290 |
||
291 |
/** |
|
292 |
* Set the login <code>Configuration</code>. |
|
293 |
* |
|
294 |
* <p> |
|
295 |
* |
|
296 |
* @param configuration the new <code>Configuration</code> |
|
297 |
* |
|
298 |
* @exception SecurityException if the current thread does not have |
|
299 |
* Permission to set the <code>Configuration</code>. |
|
300 |
* |
|
301 |
* @see #getConfiguration |
|
302 |
*/ |
|
303 |
public static void setConfiguration(Configuration configuration) { |
|
304 |
SecurityManager sm = System.getSecurityManager(); |
|
305 |
if (sm != null) |
|
306 |
sm.checkPermission(new AuthPermission("setLoginConfiguration")); |
|
307 |
Configuration.configuration = configuration; |
|
308 |
} |
|
309 |
||
310 |
/** |
|
311 |
* Returns a Configuration object of the specified type. |
|
312 |
* |
|
313 |
* <p> This method traverses the list of registered security providers, |
|
314 |
* starting with the most preferred Provider. |
|
315 |
* A new Configuration object encapsulating the |
|
316 |
* ConfigurationSpi implementation from the first |
|
317 |
* Provider that supports the specified type is returned. |
|
318 |
* |
|
319 |
* <p> Note that the list of registered providers may be retrieved via |
|
320 |
* the {@link Security#getProviders() Security.getProviders()} method. |
|
321 |
* |
|
8152
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
322 |
* @param type the specified Configuration type. See the Configuration |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
323 |
* section in the <a href= |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
324 |
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
325 |
* Java Cryptography Architecture Standard Algorithm Name |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
326 |
* Documentation</a> for a list of standard Configuration types. |
2 | 327 |
* |
328 |
* @param params parameters for the Configuration, which may be null. |
|
329 |
* |
|
330 |
* @return the new Configuration object. |
|
331 |
* |
|
332 |
* @exception SecurityException if the caller does not have permission |
|
333 |
* to get a Configuration instance for the specified type. |
|
334 |
* |
|
335 |
* @exception NullPointerException if the specified type is null. |
|
336 |
* |
|
337 |
* @exception IllegalArgumentException if the specified parameters |
|
338 |
* are not understood by the ConfigurationSpi implementation |
|
339 |
* from the selected Provider. |
|
340 |
* |
|
341 |
* @exception NoSuchAlgorithmException if no Provider supports a |
|
342 |
* ConfigurationSpi implementation for the specified type. |
|
343 |
* |
|
344 |
* @see Provider |
|
345 |
* @since 1.6 |
|
346 |
*/ |
|
347 |
public static Configuration getInstance(String type, |
|
348 |
Configuration.Parameters params) |
|
349 |
throws NoSuchAlgorithmException { |
|
350 |
||
351 |
checkPermission(type); |
|
352 |
try { |
|
353 |
GetInstance.Instance instance = GetInstance.getInstance |
|
354 |
("Configuration", |
|
355 |
ConfigurationSpi.class, |
|
356 |
type, |
|
357 |
params); |
|
358 |
return new ConfigDelegate((ConfigurationSpi)instance.impl, |
|
359 |
instance.provider, |
|
360 |
type, |
|
361 |
params); |
|
362 |
} catch (NoSuchAlgorithmException nsae) { |
|
363 |
return handleException (nsae); |
|
364 |
} |
|
365 |
} |
|
366 |
||
367 |
/** |
|
368 |
* Returns a Configuration object of the specified type. |
|
369 |
* |
|
370 |
* <p> A new Configuration object encapsulating the |
|
371 |
* ConfigurationSpi implementation from the specified provider |
|
372 |
* is returned. The specified provider must be registered |
|
373 |
* in the provider list. |
|
374 |
* |
|
375 |
* <p> Note that the list of registered providers may be retrieved via |
|
376 |
* the {@link Security#getProviders() Security.getProviders()} method. |
|
377 |
* |
|
8152
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
378 |
* @param type the specified Configuration type. See the Configuration |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
379 |
* section in the <a href= |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
380 |
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
381 |
* Java Cryptography Architecture Standard Algorithm Name |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
382 |
* Documentation</a> for a list of standard Configuration types. |
2 | 383 |
* |
384 |
* @param params parameters for the Configuration, which may be null. |
|
385 |
* |
|
386 |
* @param provider the provider. |
|
387 |
* |
|
388 |
* @return the new Configuration object. |
|
389 |
* |
|
390 |
* @exception SecurityException if the caller does not have permission |
|
391 |
* to get a Configuration instance for the specified type. |
|
392 |
* |
|
393 |
* @exception NullPointerException if the specified type is null. |
|
394 |
* |
|
395 |
* @exception IllegalArgumentException if the specified provider |
|
396 |
* is null or empty, |
|
397 |
* or if the specified parameters are not understood by |
|
398 |
* the ConfigurationSpi implementation from the specified provider. |
|
399 |
* |
|
400 |
* @exception NoSuchProviderException if the specified provider is not |
|
401 |
* registered in the security provider list. |
|
402 |
* |
|
403 |
* @exception NoSuchAlgorithmException if the specified provider does not |
|
404 |
* support a ConfigurationSpi implementation for the specified |
|
405 |
* type. |
|
406 |
* |
|
407 |
* @see Provider |
|
408 |
* @since 1.6 |
|
409 |
*/ |
|
410 |
public static Configuration getInstance(String type, |
|
411 |
Configuration.Parameters params, |
|
412 |
String provider) |
|
413 |
throws NoSuchProviderException, NoSuchAlgorithmException { |
|
414 |
||
415 |
if (provider == null || provider.length() == 0) { |
|
416 |
throw new IllegalArgumentException("missing provider"); |
|
417 |
} |
|
418 |
||
419 |
checkPermission(type); |
|
420 |
try { |
|
421 |
GetInstance.Instance instance = GetInstance.getInstance |
|
422 |
("Configuration", |
|
423 |
ConfigurationSpi.class, |
|
424 |
type, |
|
425 |
params, |
|
426 |
provider); |
|
427 |
return new ConfigDelegate((ConfigurationSpi)instance.impl, |
|
428 |
instance.provider, |
|
429 |
type, |
|
430 |
params); |
|
431 |
} catch (NoSuchAlgorithmException nsae) { |
|
432 |
return handleException (nsae); |
|
433 |
} |
|
434 |
} |
|
435 |
||
436 |
/** |
|
437 |
* Returns a Configuration object of the specified type. |
|
438 |
* |
|
439 |
* <p> A new Configuration object encapsulating the |
|
440 |
* ConfigurationSpi implementation from the specified Provider |
|
441 |
* object is returned. Note that the specified Provider object |
|
442 |
* does not have to be registered in the provider list. |
|
443 |
* |
|
8152
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
444 |
* @param type the specified Configuration type. See the Configuration |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
445 |
* section in the <a href= |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
446 |
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
447 |
* Java Cryptography Architecture Standard Algorithm Name |
94e5966bdf22
5001004: Required Security Algorithms need to be defined
mullan
parents:
5506
diff
changeset
|
448 |
* Documentation</a> for a list of standard Configuration types. |
2 | 449 |
* |
450 |
* @param params parameters for the Configuration, which may be null. |
|
451 |
* |
|
452 |
* @param provider the Provider. |
|
453 |
* |
|
454 |
* @return the new Configuration object. |
|
455 |
* |
|
456 |
* @exception SecurityException if the caller does not have permission |
|
457 |
* to get a Configuration instance for the specified type. |
|
458 |
* |
|
459 |
* @exception NullPointerException if the specified type is null. |
|
460 |
* |
|
461 |
* @exception IllegalArgumentException if the specified Provider is null, |
|
462 |
* or if the specified parameters are not understood by |
|
463 |
* the ConfigurationSpi implementation from the specified Provider. |
|
464 |
* |
|
465 |
* @exception NoSuchAlgorithmException if the specified Provider does not |
|
466 |
* support a ConfigurationSpi implementation for the specified |
|
467 |
* type. |
|
468 |
* |
|
469 |
* @see Provider |
|
470 |
* @since 1.6 |
|
471 |
*/ |
|
472 |
public static Configuration getInstance(String type, |
|
473 |
Configuration.Parameters params, |
|
474 |
Provider provider) |
|
475 |
throws NoSuchAlgorithmException { |
|
476 |
||
477 |
if (provider == null) { |
|
478 |
throw new IllegalArgumentException("missing provider"); |
|
479 |
} |
|
480 |
||
481 |
checkPermission(type); |
|
482 |
try { |
|
483 |
GetInstance.Instance instance = GetInstance.getInstance |
|
484 |
("Configuration", |
|
485 |
ConfigurationSpi.class, |
|
486 |
type, |
|
487 |
params, |
|
488 |
provider); |
|
489 |
return new ConfigDelegate((ConfigurationSpi)instance.impl, |
|
490 |
instance.provider, |
|
491 |
type, |
|
492 |
params); |
|
493 |
} catch (NoSuchAlgorithmException nsae) { |
|
494 |
return handleException (nsae); |
|
495 |
} |
|
496 |
} |
|
497 |
||
498 |
private static Configuration handleException(NoSuchAlgorithmException nsae) |
|
499 |
throws NoSuchAlgorithmException { |
|
500 |
Throwable cause = nsae.getCause(); |
|
501 |
if (cause instanceof IllegalArgumentException) { |
|
502 |
throw (IllegalArgumentException)cause; |
|
503 |
} |
|
504 |
throw nsae; |
|
505 |
} |
|
506 |
||
507 |
/** |
|
508 |
* Return the Provider of this Configuration. |
|
509 |
* |
|
510 |
* <p> This Configuration instance will only have a Provider if it |
|
511 |
* was obtained via a call to <code>Configuration.getInstance</code>. |
|
512 |
* Otherwise this method returns null. |
|
513 |
* |
|
514 |
* @return the Provider of this Configuration, or null. |
|
515 |
* |
|
516 |
* @since 1.6 |
|
517 |
*/ |
|
518 |
public Provider getProvider() { |
|
519 |
return null; |
|
520 |
} |
|
521 |
||
522 |
/** |
|
523 |
* Return the type of this Configuration. |
|
524 |
* |
|
525 |
* <p> This Configuration instance will only have a type if it |
|
526 |
* was obtained via a call to <code>Configuration.getInstance</code>. |
|
527 |
* Otherwise this method returns null. |
|
528 |
* |
|
529 |
* @return the type of this Configuration, or null. |
|
530 |
* |
|
531 |
* @since 1.6 |
|
532 |
*/ |
|
533 |
public String getType() { |
|
534 |
return null; |
|
535 |
} |
|
536 |
||
537 |
/** |
|
538 |
* Return Configuration parameters. |
|
539 |
* |
|
540 |
* <p> This Configuration instance will only have parameters if it |
|
541 |
* was obtained via a call to <code>Configuration.getInstance</code>. |
|
542 |
* Otherwise this method returns null. |
|
543 |
* |
|
544 |
* @return Configuration parameters, or null. |
|
545 |
* |
|
546 |
* @since 1.6 |
|
547 |
*/ |
|
548 |
public Configuration.Parameters getParameters() { |
|
549 |
return null; |
|
550 |
} |
|
551 |
||
552 |
/** |
|
553 |
* Retrieve the AppConfigurationEntries for the specified <i>name</i> |
|
554 |
* from this Configuration. |
|
555 |
* |
|
556 |
* <p> |
|
557 |
* |
|
558 |
* @param name the name used to index the Configuration. |
|
559 |
* |
|
560 |
* @return an array of AppConfigurationEntries for the specified <i>name</i> |
|
561 |
* from this Configuration, or null if there are no entries |
|
562 |
* for the specified <i>name</i> |
|
563 |
*/ |
|
564 |
public abstract AppConfigurationEntry[] getAppConfigurationEntry |
|
565 |
(String name); |
|
566 |
||
567 |
/** |
|
568 |
* Refresh and reload the Configuration. |
|
569 |
* |
|
570 |
* <p> This method causes this Configuration object to refresh/reload its |
|
571 |
* contents in an implementation-dependent manner. |
|
572 |
* For example, if this Configuration object stores its entries in a file, |
|
573 |
* calling <code>refresh</code> may cause the file to be re-read. |
|
574 |
* |
|
575 |
* <p> The default implementation of this method does nothing. |
|
576 |
* This method should be overridden if a refresh operation is supported |
|
577 |
* by the implementation. |
|
578 |
* |
|
579 |
* @exception SecurityException if the caller does not have permission |
|
580 |
* to refresh its Configuration. |
|
581 |
*/ |
|
582 |
public void refresh() { } |
|
583 |
||
584 |
/** |
|
585 |
* This subclass is returned by the getInstance calls. All Configuration |
|
586 |
* calls are delegated to the underlying ConfigurationSpi. |
|
587 |
*/ |
|
588 |
private static class ConfigDelegate extends Configuration { |
|
589 |
||
590 |
private ConfigurationSpi spi; |
|
591 |
private Provider p; |
|
592 |
private String type; |
|
593 |
private Configuration.Parameters params; |
|
594 |
||
595 |
private ConfigDelegate(ConfigurationSpi spi, Provider p, |
|
596 |
String type, Configuration.Parameters params) { |
|
597 |
this.spi = spi; |
|
598 |
this.p = p; |
|
599 |
this.type = type; |
|
600 |
this.params = params; |
|
601 |
} |
|
602 |
||
603 |
public String getType() { return type; } |
|
604 |
||
605 |
public Configuration.Parameters getParameters() { return params; } |
|
606 |
||
607 |
public Provider getProvider() { return p; } |
|
608 |
||
609 |
public AppConfigurationEntry[] getAppConfigurationEntry(String name) { |
|
610 |
return spi.engineGetAppConfigurationEntry(name); |
|
611 |
} |
|
612 |
||
613 |
public void refresh() { |
|
614 |
spi.engineRefresh(); |
|
615 |
} |
|
616 |
} |
|
617 |
||
618 |
/** |
|
619 |
* This represents a marker interface for Configuration parameters. |
|
620 |
* |
|
621 |
* @since 1.6 |
|
622 |
*/ |
|
623 |
public static interface Parameters { } |
|
624 |
} |