1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
/*******************************************************************************
* Copyright (c) 2001, 2008 IBM Corporation and others.
*
* This program and the accompanying materials
* are made available under the terms of the Eclipse Public License 2.0
* which accompanies this distribution, and is available at
* https://www.eclipse.org/legal/epl-2.0/
*
* SPDX-License-Identifier: EPL-2.0
*
* Contributors:
* IBM Corporation - initial API and implementation
*******************************************************************************/
package org.eclipse.equinox.internal.useradmin;
import java.util.Dictionary;
import java.util.Vector;
import org.osgi.service.useradmin.UserAdminEvent;
import org.osgi.service.useradmin.UserAdminPermission;
/**
* A User managed by a {@link UserAdmin} service.
* <p>
* In this context, the term "user" is not limited to just
* human beings.
* Instead, it refers to any entity that may have any number of
* credentials associated with it that it may use to authenticate itself.
* <p>
* In general, User objects are associated with a specific {@link UserAdmin}
* service (namely the one that created them), and cannot be used with other
* UserAdmin services.
* <p>
* A User may have credentials (and properties, inherited from {@link Role})
* associated with it. Specific {@link UserAdminPermission}s are required to
* read or change a User's credentials.
* <p>
* Credentials are Dictionary objects and have semantics that are similar
* to the properties in Role.
*/
public class User extends Role implements org.osgi.service.useradmin.User {
protected UserAdminHashtable credentials;
protected User(String name, UserAdmin useradmin) {
super(name, useradmin);
this.useradmin = useradmin;
credentials = new UserAdminHashtable(this, useradmin, UserAdminHashtable.CREDENTIALS);
}
/**
* Returns a Dictionary of the credentials of this User. Any changes
* to the returned Dictionary will change the credentials of this User.
* This will cause a UserAdminEvent of type
* {@link UserAdminEvent#ROLE_CHANGED} to be broadcast to any
* UserAdminListeners.
* <p>
* Only objects of type String may be used as credential keys, and only
* objects of type <code>String</code> or of type <code>byte[]</code>
* may be used as credential values. Any other types will cause an exception
* of type <code>IllegalArgumentException</code> to be raised.
* <p>
* In order to retrieve a credential from the returned Dictionary,
* a {@link UserAdminPermission} named after the credential name (or
* a prefix of it) with action <code>getCredential</code> is required.
* <p>
* In order to add or remove a credential from the returned Dictionary,
* a {@link UserAdminPermission} named after the credential name (or
* a prefix of it) with action <code>changeCredential</code> is required.
*
* @return Dictionary containing the credentials of this User.
*/
@Override
public Dictionary<String, Object> getCredentials() {
useradmin.checkAlive();
return credentials;
}
/**
* Checks to see if this User has a credential with the specified key
* set to the specified value.
* <p>
* If the specified credential value is not of type <tt>String</tt> or
* <tt>byte[]</tt>, it is ignored, that is, <tt>false</tt> is returned
* (as opposed to an <tt>IllegalArgumentException</tt> being raised).
*
* @param key The credential key.
* @param value The credential value.
*
* @return <code>true</code> if this user has the specified credential;
* <code>false</code> otherwise.
*
* @throws SecurityException If a security manager exists and the caller
* does not have the <tt>UserAdminPermission</tt> named after the credential
* key (or a prefix of it) with action <code>getCredential</code>.
*/
@Override
public boolean hasCredential(String key, Object value) {
useradmin.checkAlive();
Object checkValue = credentials.get(key);
if (checkValue != null) {
if (value instanceof String) {
if (checkValue.equals(value)) {
return (true);
}
} else if (value instanceof byte[]) {
if (!(checkValue instanceof byte[]))
return (false);
byte[] valueArray = (byte[]) value;
byte[] checkValueArray = (byte[]) checkValue;
int length = valueArray.length;
if (length != checkValueArray.length) {
return (false);
}
for (int i = 0; i < length; i++) {
if (valueArray[i] != checkValueArray[i]) {
return (false);
}
}
return (true);
}
}
return (false); //if checkValue is null
}
/**
* Returns the type of this role.
*
* @return The role's type.
*/
@Override
public int getType() {
useradmin.checkAlive();
return org.osgi.service.useradmin.Role.USER;
}
//A user always implies itself
@Override
protected boolean isImpliedBy(Role role, Vector<String> checkLoop) {
if (checkLoop.contains(name)) {
//we have a circular dependency
return (false);
}
checkLoop.addElement(name);
return ((role.getName()).equals(name));
}
}
|
