archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-09-23 20:44:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8020557: javadoc cleanup in javax.security

Browse source 
Reviewed-by: darcy
This commit is contained in:
Jason Uh 2013-07-16 12:19:41 -07:00
parent 1b0b4ca8c7
commit f76ebb663c
69 changed files with 1603 additions and 1756 deletions
Download patch file Download diff file Expand all files Collapse all files

54
jdk/src/share/classes/javax/security/auth/AuthPermission.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2005, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -41,10 +41,10 @@ package javax.security.auth;
*
* <pre>
* doAs - allow the caller to invoke the
* <code>Subject.doAs</code> methods.
* {@code Subject.doAs} methods.
*
* doAsPrivileged - allow the caller to invoke the
* <code>Subject.doAsPrivileged</code> methods.
* {@code Subject.doAsPrivileged} methods.
*
* getSubject - allow for the retrieval of the
* Subject(s) associated with the
@ -52,39 +52,39 @@ package javax.security.auth;
*
* getSubjectFromDomainCombiner - allow for the retrieval of the
* Subject associated with the
* a <code>SubjectDomainCombiner</code>.
* a {@code SubjectDomainCombiner}.
*
* setReadOnly - allow the caller to set a Subject
* to be read-only.
*
* modifyPrincipals - allow the caller to modify the <code>Set</code>
* modifyPrincipals - allow the caller to modify the {@code Set}
* of Principals associated with a
* <code>Subject</code>
* {@code Subject}
*
* modifyPublicCredentials - allow the caller to modify the
* <code>Set</code> of public credentials
* associated with a <code>Subject</code>
* {@code Set} of public credentials
* associated with a {@code Subject}
*
* modifyPrivateCredentials - allow the caller to modify the
* <code>Set</code> of private credentials
* associated with a <code>Subject</code>
* {@code Set} of private credentials
* associated with a {@code Subject}
*
* refreshCredential - allow code to invoke the <code>refresh</code>
* refreshCredential - allow code to invoke the {@code refresh}
* method on a credential which implements
* the <code>Refreshable</code> interface.
* the {@code Refreshable} interface.
*
* destroyCredential - allow code to invoke the <code>destroy</code>
* method on a credential <code>object</code>
* which implements the <code>Destroyable</code>
* destroyCredential - allow code to invoke the {@code destroy}
* method on a credential {@code object}
* which implements the {@code Destroyable}
* interface.
*
* createLoginContext.{name} - allow code to instantiate a
* <code>LoginContext</code> with the
* {@code LoginContext} with the
* specified <i>name</i>. <i>name</i>
* is used as the index into the installed login
* <code>Configuration</code>
* {@code Configuration}
* (that returned by
* <code>Configuration.getConfiguration()</code>).
* {@code Configuration.getConfiguration()}).
* <i>name</i> can be wildcarded (set to '*')
* to allow for any name.
*
@ -93,7 +93,7 @@ package javax.security.auth;
*
* createLoginConfiguration.{type} - allow code to obtain a Configuration
* object via
* <code>Configuration.getInstance</code>.
* {@code Configuration.getInstance}.
*
* setLoginConfiguration - allow for the setting of the system-wide
* login Configuration.
@ -103,15 +103,15 @@ package javax.security.auth;
* </pre>
*
* <p> The following target name has been deprecated in favor of
* <code>createLoginContext.{name}</code>.
* {@code createLoginContext.{name}}.
*
* <pre>
* createLoginContext - allow code to instantiate a
* <code>LoginContext</code>.
* {@code LoginContext}.
* </pre>
*
* <p> <code>javax.security.auth.Policy</code> has been
* deprecated in favor of <code>java.security.Policy</code>.
* <p> {@code javax.security.auth.Policy} has been
* deprecated in favor of {@code java.security.Policy}.
* Therefore, the following target names have also been deprecated:
*
* <pre>
@ -139,8 +139,8 @@ java.security.BasicPermission {
*
* @param name the name of the AuthPermission
*
* @throws NullPointerException if <code>name</code> is <code>null</code>.
* @throws IllegalArgumentException if <code>name</code> is empty.
* @throws NullPointerException if {@code name} is {@code null}.
* @throws IllegalArgumentException if {@code name} is empty.
*/
public AuthPermission(String name) {
// for backwards compatibility --
@ -160,8 +160,8 @@ java.security.BasicPermission {
*
* @param actions should be null.
*
* @throws NullPointerException if <code>name</code> is <code>null</code>.
* @throws IllegalArgumentException if <code>name</code> is empty.
* @throws NullPointerException if {@code name} is {@code null}.
* @throws IllegalArgumentException if {@code name} is empty.
*/
public AuthPermission(String name, String actions) {
// for backwards compatibility --

6
jdk/src/share/classes/javax/security/auth/DestroyFailedException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,10 +26,10 @@
package javax.security.auth;
/**
* Signals that a <code>destroy</code> operation failed.
* Signals that a {@code destroy} operation failed.
*
* <p> This exception is thrown by credentials implementing
* the <code>Destroyable</code> interface when the <code>destroy</code>
* the {@code Destroyable} interface when the {@code destroy}
* method fails.
*
*/

14
jdk/src/share/classes/javax/security/auth/Destroyable.java
View file

@ -34,12 +34,12 @@ package javax.security.auth;
public interface Destroyable {
/**
* Destroy this <code>Object</code>.
* Destroy this {@code Object}.
*
* <p> Sensitive information associated with this <code>Object</code>
* <p> Sensitive information associated with this {@code Object}
* is destroyed or cleared. Subsequent calls to certain methods
* on this <code>Object</code> will result in an
* <code>IllegalStateException</code> being thrown.
* on this {@code Object} will result in an
* {@code IllegalStateException} being thrown.
*
* <p>
* The default implementation throws {@code DestroyFailedException}.
@ -47,19 +47,19 @@ public interface Destroyable {
* @exception DestroyFailedException if the destroy operation fails. <p>
*
* @exception SecurityException if the caller does not have permission
* to destroy this <code>Object</code>.
* to destroy this {@code Object}.
*/
public default void destroy() throws DestroyFailedException {
throw new DestroyFailedException();
}
/**
* Determine if this <code>Object</code> has been destroyed.
* Determine if this {@code Object} has been destroyed.
*
* <p>
* The default implementation returns false.
*
* @return true if this <code>Object</code> has been destroyed,
* @return true if this {@code Object} has been destroyed,
* false otherwise.
*/
public default boolean isDestroyed() {

72
jdk/src/share/classes/javax/security/auth/Policy.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -32,11 +32,11 @@ import sun.security.util.Debug;
* <p> This is an abstract class for representing the system policy for
* Subject-based authorization. A subclass implementation
* of this class provides a means to specify a Subject-based
* access control <code>Policy</code>.
* access control {@code Policy}.
*
* <p> A <code>Policy</code> object can be queried for the set of
* <p> A {@code Policy} object can be queried for the set of
* Permissions granted to code running as a
* <code>Principal</code> in the following manner:
* {@code Principal} in the following manner:
*
* <pre>
* policy = Policy.getPolicy();
@ -44,20 +44,20 @@ import sun.security.util.Debug;
* codeSource);
* </pre>
*
* The <code>Policy</code> object consults the local policy and returns
* and appropriate <code>Permissions</code> object with the
* The {@code Policy} object consults the local policy and returns
* and appropriate {@code Permissions} object with the
* Permissions granted to the Principals associated with the
* provided <i>subject</i>, and granted to the code specified
* by the provided <i>codeSource</i>.
*
* <p> A <code>Policy</code> contains the following information.
* <p> A {@code Policy} contains the following information.
* Note that this example only represents the syntax for the default
* <code>Policy</code> implementation. Subclass implementations of this class
* {@code Policy} implementation. Subclass implementations of this class
* may implement alternative syntaxes and may retrieve the
* <code>Policy</code> from any source such as files, databases,
* {@code Policy} from any source such as files, databases,
* or servers.
*
* <p> Each entry in the <code>Policy</code> is represented as
* <p> Each entry in the {@code Policy} is represented as
* a <b><i>grant</i></b> entry. Each <b><i>grant</i></b> entry
* specifies a codebase, code signers, and Principals triplet,
* as well as the Permissions granted to that triplet.
@ -84,23 +84,23 @@ import sun.security.util.Debug;
* </pre>
*
* This <b><i>grant</i></b> entry specifies that code from "foo.com",
* signed by "foo', and running as a <code>SolarisPrincipal</code> with the
* name, duke, has one <code>Permission</code>. This <code>Permission</code>
* signed by "foo', and running as a {@code SolarisPrincipal} with the
* name, duke, has one {@code Permission}. This {@code Permission}
* permits the executing code to read and write files in the directory,
* "/home/duke".
*
* <p> To "run" as a particular <code>Principal</code>,
* code invokes the <code>Subject.doAs(subject, ...)</code> method.
* <p> To "run" as a particular {@code Principal},
* code invokes the {@code Subject.doAs(subject, ...)} method.
* After invoking that method, the code runs as all the Principals
* associated with the specified <code>Subject</code>.
* Note that this <code>Policy</code> (and the Permissions
* granted in this <code>Policy</code>) only become effective
* after the call to <code>Subject.doAs</code> has occurred.
* associated with the specified {@code Subject}.
* Note that this {@code Policy} (and the Permissions
* granted in this {@code Policy}) only become effective
* after the call to {@code Subject.doAs} has occurred.
*
* <p> Multiple Principals may be listed within one <b><i>grant</i></b> entry.
* All the Principals in the grant entry must be associated with
* the <code>Subject</code> provided to <code>Subject.doAs</code>
* for that <code>Subject</code> to be granted the specified Permissions.
* the {@code Subject} provided to {@code Subject.doAs}
* for that {@code Subject} to be granted the specified Permissions.
*
* <pre>
* grant Principal com.sun.security.auth.SolarisPrincipal "duke",
@ -115,7 +115,7 @@ import sun.security.util.Debug;
* as well as permission to make socket connections to "duke.com".
*
* <p> Note that non Principal-based grant entries are not permitted
* in this <code>Policy</code>. Therefore, grant entries such as:
* in this {@code Policy}. Therefore, grant entries such as:
*
* <pre>
* grant CodeBase "foo.com", Signedby "foo" {
@ -124,7 +124,7 @@ import sun.security.util.Debug;
* </pre>
*
* are rejected. Such permission must be listed in the
* <code>java.security.Policy</code>.
* {@code java.security.Policy}.
*
* <p> The default {@code Policy} implementation can be changed by
* setting the value of the {@code auth.policy.provider} security property to
@ -179,14 +179,14 @@ public abstract class Policy {
/**
* Returns the installed Policy object.
* This method first calls
* <code>SecurityManager.checkPermission</code> with the
* <code>AuthPermission("getPolicy")</code> permission
* {@code SecurityManager.checkPermission} with the
* {@code AuthPermission("getPolicy")} permission
* to ensure the caller has permission to get the Policy object.
*
* <p>
*
* @return the installed Policy. The return value cannot be
* <code>null</code>.
* {@code null}.
*
* @exception java.lang.SecurityException if the current thread does not
* have permission to get the Policy object.
@ -252,8 +252,8 @@ public abstract class Policy {
/**
* Sets the system-wide Policy object. This method first calls
* <code>SecurityManager.checkPermission</code> with the
* <code>AuthPermission("setPolicy")</code>
* {@code SecurityManager.checkPermission} with the
* {@code AuthPermission("setPolicy")}
* permission to ensure the caller has permission to set the Policy.
*
* <p>
@ -313,25 +313,25 @@ public abstract class Policy {
/**
* Retrieve the Permissions granted to the Principals associated with
* the specified <code>CodeSource</code>.
* the specified {@code CodeSource}.
*
* <p>
*
* @param subject the <code>Subject</code>
* @param subject the {@code Subject}
* whose associated Principals,
* in conjunction with the provided
* <code>CodeSource</code>, determines the Permissions
* {@code CodeSource}, determines the Permissions
* returned by this method. This parameter
* may be <code>null</code>. <p>
* may be {@code null}. <p>
*
* @param cs the code specified by its <code>CodeSource</code>
* @param cs the code specified by its {@code CodeSource}
* that determines, in conjunction with the provided
* <code>Subject</code>, the Permissions
* {@code Subject}, the Permissions
* returned by this method. This parameter may be
* <code>null</code>.
* {@code null}.
*
* @return the Collection of Permissions granted to all the
* <code>Subject</code> and code specified in
* {@code Subject} and code specified in
* the provided <i>subject</i> and <i>cs</i>
* parameters.
*/
@ -345,7 +345,7 @@ public abstract class Policy {
* <p>This method causes this object to refresh/reload its current
* Policy. This is implementation-dependent.
* For example, if the Policy object is stored in
* a file, calling <code>refresh</code> will cause the file to be re-read.
* a file, calling {@code refresh} will cause the file to be re-read.
*
* <p>
*

82
jdk/src/share/classes/javax/security/auth/PrivateCredentialPermission.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -34,10 +34,10 @@ import sun.security.util.ResourcesMgr;
/**
* This class is used to protect access to private Credentials
* belonging to a particular <code>Subject</code>. The <code>Subject</code>
* belonging to a particular {@code Subject}. The {@code Subject}
* is represented by a Set of Principals.
*
* <p> The target name of this <code>Permission</code> specifies
* <p> The target name of this {@code Permission} specifies
* a Credential class name, and a Set of Principals.
* The only valid value for this Permission's actions is, "read".
* The target name must abide by the following syntax:
@ -65,12 +65,12 @@ import sun.security.util.ResourcesMgr;
*
* If CredentialClass is "*", then access is granted to
* all private Credentials belonging to the specified
* <code>Subject</code>.
* {@code Subject}.
* If "PrincipalName" is "*", then access is granted to the
* specified Credential owned by any <code>Subject</code> that has the
* specified <code>Principal</code> (the actual PrincipalName doesn't matter).
* specified Credential owned by any {@code Subject} that has the
* specified {@code Principal} (the actual PrincipalName doesn't matter).
* For example, the following grants access to the
* a.b.Credential owned by any <code>Subject</code> that has
* a.b.Credential owned by any {@code Subject} that has
* an a.b.Principal.
*
* <pre>
@ -83,7 +83,7 @@ import sun.security.util.ResourcesMgr;
*
* If both the PrincipalClass and "PrincipalName" are "*",
* then access is granted to the specified Credential owned by
* any <code>Subject</code>.
* any {@code Subject}.
*
* <p> In addition, the PrincipalClass/PrincipalName pairing may be repeated:
*
@ -96,7 +96,7 @@ import sun.security.util.ResourcesMgr;
* </pre>
*
* The above grants access to the private Credential, "a.b.Credential",
* belonging to a <code>Subject</code> with at least two associated Principals:
* belonging to a {@code Subject} with at least two associated Principals:
* "a.b.Principal" with the name, "duke", and "c.d.Principal", with the name,
* "dukette".
*
@ -115,7 +115,7 @@ public final class PrivateCredentialPermission extends Permission {
/**
* @serial The Principals associated with this permission.
* The set contains elements of type,
* <code>PrivateCredentialPermission.CredOwner</code>.
* {@code PrivateCredentialPermission.CredOwner}.
*/
private Set<Principal> principals; // ignored - kept around for compatibility
private transient CredOwner[] credOwners;
@ -126,8 +126,8 @@ public final class PrivateCredentialPermission extends Permission {
private boolean testing = false;
/**
* Create a new <code>PrivateCredentialPermission</code>
* with the specified <code>credentialClass</code> and Principals.
* Create a new {@code PrivateCredentialPermission}
* with the specified {@code credentialClass} and Principals.
*/
PrivateCredentialPermission(String credentialClass,
Set<Principal> principals) {
@ -153,19 +153,19 @@ public final class PrivateCredentialPermission extends Permission {
}
/**
* Creates a new <code>PrivateCredentialPermission</code>
* with the specified <code>name</code>. The <code>name</code>
* specifies both a Credential class and a <code>Principal</code> Set.
* Creates a new {@code PrivateCredentialPermission}
* with the specified {@code name}. The {@code name}
* specifies both a Credential class and a {@code Principal} Set.
*
* <p>
*
* @param name the name specifying the Credential class and
* <code>Principal</code> Set. <p>
* {@code Principal} Set. <p>
*
* @param actions the actions specifying that the Credential can be read.
*
* @throws IllegalArgumentException if <code>name</code> does not conform
* to the correct syntax or if <code>actions</code> is not "read".
* @throws IllegalArgumentException if {@code name} does not conform
* to the correct syntax or if {@code actions} is not "read".
*/
public PrivateCredentialPermission(String name, String actions) {
super(name);
@ -178,34 +178,34 @@ public final class PrivateCredentialPermission extends Permission {
/**
* Returns the Class name of the Credential associated with this
* <code>PrivateCredentialPermission</code>.
* {@code PrivateCredentialPermission}.
*
* <p>
*
* @return the Class name of the Credential associated with this
* <code>PrivateCredentialPermission</code>.
* {@code PrivateCredentialPermission}.
*/
public String getCredentialClass() {
return credentialClass;
}
/**
* Returns the <code>Principal</code> classes and names
* associated with this <code>PrivateCredentialPermission</code>.
* Returns the {@code Principal} classes and names
* associated with this {@code PrivateCredentialPermission}.
* The information is returned as a two-dimensional array (array[x][y]).
* The 'x' value corresponds to the number of <code>Principal</code>
* The 'x' value corresponds to the number of {@code Principal}
* class and name pairs. When (y==0), it corresponds to
* the <code>Principal</code> class value, and when (y==1),
* it corresponds to the <code>Principal</code> name value.
* the {@code Principal} class value, and when (y==1),
* it corresponds to the {@code Principal} name value.
* For example, array[0][0] corresponds to the class name of
* the first <code>Principal</code> in the array. array[0][1]
* corresponds to the <code>Principal</code> name of the
* first <code>Principal</code> in the array.
* the first {@code Principal} in the array. array[0][1]
* corresponds to the {@code Principal} name of the
* first {@code Principal} in the array.
*
* <p>
*
* @return the <code>Principal</code> class and names associated
* with this <code>PrivateCredentialPermission</code>.
* @return the {@code Principal} class and names associated
* with this {@code PrivateCredentialPermission}.
*/
public String[][] getPrincipals() {
@ -222,8 +222,8 @@ public final class PrivateCredentialPermission extends Permission {
}
/**
* Checks if this <code>PrivateCredentialPermission</code> implies
* the specified <code>Permission</code>.
* Checks if this {@code PrivateCredentialPermission} implies
* the specified {@code Permission}.
*
* <p>
*
@ -241,10 +241,10 @@ public final class PrivateCredentialPermission extends Permission {
*
* <p>
*
* @param p the <code>Permission</code> to check against.
* @param p the {@code Permission} to check against.
*
* @return true if this <code>PrivateCredentialPermission</code> implies
* the specified <code>Permission</code>, false if not.
* @return true if this {@code PrivateCredentialPermission} implies
* the specified {@code Permission}, false if not.
*/
public boolean implies(Permission p) {
@ -260,9 +260,9 @@ public final class PrivateCredentialPermission extends Permission {
}
/**
* Checks two <code>PrivateCredentialPermission</code> objects for
* Checks two {@code PrivateCredentialPermission} objects for
* equality. Checks that <i>obj</i> is a
* <code>PrivateCredentialPermission</code>,
* {@code PrivateCredentialPermission},
* and has the same credential class as this object,
* as well as the same Principals as this object.
* The order of the Principals in the respective Permission's
@ -272,7 +272,7 @@ public final class PrivateCredentialPermission extends Permission {
*
* @param obj the object we are testing for equality with this object.
*
* @return true if obj is a <code>PrivateCredentialPermission</code>,
* @return true if obj is a {@code PrivateCredentialPermission},
* has the same credential class as this object,
* and has the same Principals as this object.
*/
@ -311,9 +311,9 @@ public final class PrivateCredentialPermission extends Permission {
/**
* Return a homogeneous collection of PrivateCredentialPermissions
* in a <code>PermissionCollection</code>.
* No such <code>PermissionCollection</code> is defined,
* so this method always returns <code>null</code>.
* in a {@code PermissionCollection}.
* No such {@code PermissionCollection} is defined,
* so this method always returns {@code null}.
*
* <p>
*

6
jdk/src/share/classes/javax/security/auth/RefreshFailedException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,10 +26,10 @@
package javax.security.auth;
/**
* Signals that a <code>refresh</code> operation failed.
* Signals that a {@code refresh} operation failed.
*
* <p> This exception is thrown by credentials implementing
* the <code>Refreshable</code> interface when the <code>refresh</code>
* the {@code Refreshable} interface when the {@code refresh}
* method fails.
*
*/

10
jdk/src/share/classes/javax/security/auth/Refreshable.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -37,24 +37,24 @@ package javax.security.auth;
public interface Refreshable {
/**
* Determine if this <code>Object</code> is current.
* Determine if this {@code Object} is current.
*
* <p>
*
* @return true if this <code>Object</code> is currently current,
* @return true if this {@code Object} is currently current,
* false otherwise.
*/
boolean isCurrent();
/**
* Update or extend the validity period for this
* <code>Object</code>.
* {@code Object}.
*
* <p>
*
* @exception SecurityException if the caller does not have permission
* to update or extend the validity period for this
* <code>Object</code>. <p>
* {@code Object}. <p>
*
* @exception RefreshFailedException if the refresh attempt failed.
*/

452
jdk/src/share/classes/javax/security/auth/Subject.java
View file

@ -42,39 +42,39 @@ import java.security.ProtectionDomain;
import sun.security.util.ResourcesMgr;
/**
* <p> A <code>Subject</code> represents a grouping of related information
* <p> A {@code Subject} represents a grouping of related information
* for a single entity, such as a person.
* Such information includes the Subject's identities as well as
* its security-related attributes
* (passwords and cryptographic keys, for example).
*
* <p> Subjects may potentially have multiple identities.
* Each identity is represented as a <code>Principal</code>
* within the <code>Subject</code>. Principals simply bind names to a
* <code>Subject</code>. For example, a <code>Subject</code> that happens
* Each identity is represented as a {@code Principal}
* within the {@code Subject}. Principals simply bind names to a
* {@code Subject}. For example, a {@code Subject} that happens
* to be a person, Alice, might have two Principals:
* one which binds "Alice Bar", the name on her driver license,
* to the <code>Subject</code>, and another which binds,
* to the {@code Subject}, and another which binds,
* "999-99-9999", the number on her student identification card,
* to the <code>Subject</code>. Both Principals refer to the same
* <code>Subject</code> even though each has a different name.
* to the {@code Subject}. Both Principals refer to the same
* {@code Subject} even though each has a different name.
*
* <p> A <code>Subject</code> may also own security-related attributes,
* <p> A {@code Subject} may also own security-related attributes,
* which are referred to as credentials.
* Sensitive credentials that require special protection, such as
* private cryptographic keys, are stored within a private credential
* <code>Set</code>. Credentials intended to be shared, such as
* {@code Set}. Credentials intended to be shared, such as
* public key certificates or Kerberos server tickets are stored
* within a public credential <code>Set</code>. Different permissions
* within a public credential {@code Set}. Different permissions
* are required to access and modify the different credential Sets.
*
* <p> To retrieve all the Principals associated with a <code>Subject</code>,
* invoke the <code>getPrincipals</code> method. To retrieve
* all the public or private credentials belonging to a <code>Subject</code>,
* invoke the <code>getPublicCredentials</code> method or
* <code>getPrivateCredentials</code> method, respectively.
* To modify the returned <code>Set</code> of Principals and credentials,
* use the methods defined in the <code>Set</code> class.
* <p> To retrieve all the Principals associated with a {@code Subject},
* invoke the {@code getPrincipals} method. To retrieve
* all the public or private credentials belonging to a {@code Subject},
* invoke the {@code getPublicCredentials} method or
* {@code getPrivateCredentials} method, respectively.
* To modify the returned {@code Set} of Principals and credentials,
* use the methods defined in the {@code Set} class.
* For example:
* <pre>
* Subject subject;
@ -86,13 +86,13 @@ import sun.security.util.ResourcesMgr;
* subject.getPublicCredentials().add(credential);
* </pre>
*
* <p> This <code>Subject</code> class implements <code>Serializable</code>.
* While the Principals associated with the <code>Subject</code> are serialized,
* the credentials associated with the <code>Subject</code> are not.
* Note that the <code>java.security.Principal</code> class
* does not implement <code>Serializable</code>. Therefore all concrete
* <code>Principal</code> implementations associated with Subjects
* must implement <code>Serializable</code>.
* <p> This {@code Subject} class implements {@code Serializable}.
* While the Principals associated with the {@code Subject} are serialized,
* the credentials associated with the {@code Subject} are not.
* Note that the {@code java.security.Principal} class
* does not implement {@code Serializable}. Therefore all concrete
* {@code Principal} implementations associated with Subjects
* must implement {@code Serializable}.
*
* @see java.security.Principal
* @see java.security.DomainCombiner
@ -102,14 +102,14 @@ public final class Subject implements java.io.Serializable {
private static final long serialVersionUID = -8308522755600156056L;
/**
* A <code>Set</code> that provides a view of all of this
* A {@code Set} that provides a view of all of this
* Subject's Principals
*
* <p>
*
* @serial Each element in this set is a
* <code>java.security.Principal</code>.
* The set is a <code>Subject.SecureSet</code>.
* {@code java.security.Principal}.
* The set is a {@code Subject.SecureSet}.
*/
Set<Principal> principals;
@ -135,21 +135,21 @@ public final class Subject implements java.io.Serializable {
= new ProtectionDomain[0];
/**
* Create an instance of a <code>Subject</code>
* with an empty <code>Set</code> of Principals and empty
* Create an instance of a {@code Subject}
* with an empty {@code Set} of Principals and empty
* Sets of public and private credentials.
*
* <p> The newly constructed Sets check whether this <code>Subject</code>
* <p> The newly constructed Sets check whether this {@code Subject}
* has been set read-only before permitting subsequent modifications.
* The newly created Sets also prevent illegal modifications
* by ensuring that callers have sufficient permissions.
*
* <p> To modify the Principals Set, the caller must have
* <code>AuthPermission("modifyPrincipals")</code>.
* {@code AuthPermission("modifyPrincipals")}.
* To modify the public credential Set, the caller must have
* <code>AuthPermission("modifyPublicCredentials")</code>.
* {@code AuthPermission("modifyPublicCredentials")}.
* To modify the private credential Set, the caller must have
* <code>AuthPermission("modifyPrivateCredentials")</code>.
* {@code AuthPermission("modifyPrivateCredentials")}.
*/
public Subject() {
@ -162,39 +162,39 @@ public final class Subject implements java.io.Serializable {
}
/**
* Create an instance of a <code>Subject</code> with
* Create an instance of a {@code Subject} with
* Principals and credentials.
*
* <p> The Principals and credentials from the specified Sets
* are copied into newly constructed Sets.
* These newly created Sets check whether this <code>Subject</code>
* These newly created Sets check whether this {@code Subject}
* has been set read-only before permitting subsequent modifications.
* The newly created Sets also prevent illegal modifications
* by ensuring that callers have sufficient permissions.
*
* <p> To modify the Principals Set, the caller must have
* <code>AuthPermission("modifyPrincipals")</code>.
* {@code AuthPermission("modifyPrincipals")}.
* To modify the public credential Set, the caller must have
* <code>AuthPermission("modifyPublicCredentials")</code>.
* {@code AuthPermission("modifyPublicCredentials")}.
* To modify the private credential Set, the caller must have
* <code>AuthPermission("modifyPrivateCredentials")</code>.
* {@code AuthPermission("modifyPrivateCredentials")}.
* <p>
*
* @param readOnly true if the <code>Subject</code> is to be read-only,
* @param readOnly true if the {@code Subject} is to be read-only,
* and false otherwise. <p>
*
* @param principals the <code>Set</code> of Principals
* to be associated with this <code>Subject</code>. <p>
* @param principals the {@code Set} of Principals
* to be associated with this {@code Subject}. <p>
*
* @param pubCredentials the <code>Set</code> of public credentials
* to be associated with this <code>Subject</code>. <p>
* @param pubCredentials the {@code Set} of public credentials
* to be associated with this {@code Subject}. <p>
*
* @param privCredentials the <code>Set</code> of private credentials
* to be associated with this <code>Subject</code>.
* @param privCredentials the {@code Set} of private credentials
* to be associated with this {@code Subject}.
*
* @exception NullPointerException if the specified
* <code>principals</code>, <code>pubCredentials</code>,
* or <code>privCredentials</code> are <code>null</code>.
* {@code principals}, {@code pubCredentials},
* or {@code privCredentials} are {@code null}.
*/
public Subject(boolean readOnly, Set<? extends Principal> principals,
Set<?> pubCredentials, Set<?> privCredentials)
@ -216,24 +216,24 @@ public final class Subject implements java.io.Serializable {
}
/**
* Set this <code>Subject</code> to be read-only.
* Set this {@code Subject} to be read-only.
*
* <p> Modifications (additions and removals) to this Subject's
* <code>Principal</code> <code>Set</code> and
* {@code Principal} {@code Set} and
* credential Sets will be disallowed.
* The <code>destroy</code> operation on this Subject's credentials will
* The {@code destroy} operation on this Subject's credentials will
* still be permitted.
*
* <p> Subsequent attempts to modify the Subject's <code>Principal</code>
* <p> Subsequent attempts to modify the Subject's {@code Principal}
* and credential Sets will result in an
* <code>IllegalStateException</code> being thrown.
* Also, once a <code>Subject</code> is read-only,
* {@code IllegalStateException} being thrown.
* Also, once a {@code Subject} is read-only,
* it can not be reset to being writable again.
*
* <p>
*
* @exception SecurityException if the caller does not have permission
* to set this <code>Subject</code> to be read-only.
* to set this {@code Subject} to be read-only.
*/
public void setReadOnly() {
java.lang.SecurityManager sm = System.getSecurityManager();
@ -245,40 +245,40 @@ public final class Subject implements java.io.Serializable {
}
/**
* Query whether this <code>Subject</code> is read-only.
* Query whether this {@code Subject} is read-only.
*
* <p>
*
* @return true if this <code>Subject</code> is read-only, false otherwise.
* @return true if this {@code Subject} is read-only, false otherwise.
*/
public boolean isReadOnly() {
return this.readOnly;
}
/**
* Get the <code>Subject</code> associated with the provided
* <code>AccessControlContext</code>.
* Get the {@code Subject} associated with the provided
* {@code AccessControlContext}.
*
* <p> The <code>AccessControlContext</code> may contain many
* Subjects (from nested <code>doAs</code> calls).
* In this situation, the most recent <code>Subject</code> associated
* with the <code>AccessControlContext</code> is returned.
* <p> The {@code AccessControlContext} may contain many
* Subjects (from nested {@code doAs} calls).
* In this situation, the most recent {@code Subject} associated
* with the {@code AccessControlContext} is returned.
*
* <p>
*
* @param acc the <code>AccessControlContext</code> from which to retrieve
* the <code>Subject</code>.
* @param acc the {@code AccessControlContext} from which to retrieve
* the {@code Subject}.
*
* @return the <code>Subject</code> associated with the provided
* <code>AccessControlContext</code>, or <code>null</code>
* if no <code>Subject</code> is associated
* with the provided <code>AccessControlContext</code>.
* @return the {@code Subject} associated with the provided
* {@code AccessControlContext}, or {@code null}
* if no {@code Subject} is associated
* with the provided {@code AccessControlContext}.
*
* @exception SecurityException if the caller does not have permission
* to get the <code>Subject</code>. <p>
* to get the {@code Subject}. <p>
*
* @exception NullPointerException if the provided
* <code>AccessControlContext</code> is <code>null</code>.
* {@code AccessControlContext} is {@code null}.
*/
public static Subject getSubject(final AccessControlContext acc) {
@ -306,36 +306,36 @@ public final class Subject implements java.io.Serializable {
}
/**
* Perform work as a particular <code>Subject</code>.
* Perform work as a particular {@code Subject}.
*
* <p> This method first retrieves the current Thread's
* <code>AccessControlContext</code> via
* <code>AccessController.getContext</code>,
* and then instantiates a new <code>AccessControlContext</code>
* {@code AccessControlContext} via
* {@code AccessController.getContext},
* and then instantiates a new {@code AccessControlContext}
* using the retrieved context along with a new
* <code>SubjectDomainCombiner</code> (constructed using
* the provided <code>Subject</code>).
* Finally, this method invokes <code>AccessController.doPrivileged</code>,
* passing it the provided <code>PrivilegedAction</code>,
* as well as the newly constructed <code>AccessControlContext</code>.
* {@code SubjectDomainCombiner} (constructed using
* the provided {@code Subject}).
* Finally, this method invokes {@code AccessController.doPrivileged},
* passing it the provided {@code PrivilegedAction},
* as well as the newly constructed {@code AccessControlContext}.
*
* <p>
*
* @param subject the <code>Subject</code> that the specified
* <code>action</code> will run as. This parameter
* may be <code>null</code>. <p>
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the PrivilegedAction's
* {@code run} method.
*
* @param action the code to be run as the specified
* <code>Subject</code>. <p>
* {@code Subject}. <p>
*
* @return the value returned by the PrivilegedAction's
* <code>run</code> method.
* {@code run} method.
*
* @exception NullPointerException if the <code>PrivilegedAction</code>
* is <code>null</code>. <p>
* @exception NullPointerException if the {@code PrivilegedAction}
* is {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
@ -362,41 +362,41 @@ public final class Subject implements java.io.Serializable {
}
/**
* Perform work as a particular <code>Subject</code>.
* Perform work as a particular {@code Subject}.
*
* <p> This method first retrieves the current Thread's
* <code>AccessControlContext</code> via
* <code>AccessController.getContext</code>,
* and then instantiates a new <code>AccessControlContext</code>
* {@code AccessControlContext} via
* {@code AccessController.getContext},
* and then instantiates a new {@code AccessControlContext}
* using the retrieved context along with a new
* <code>SubjectDomainCombiner</code> (constructed using
* the provided <code>Subject</code>).
* Finally, this method invokes <code>AccessController.doPrivileged</code>,
* passing it the provided <code>PrivilegedExceptionAction</code>,
* as well as the newly constructed <code>AccessControlContext</code>.
* {@code SubjectDomainCombiner} (constructed using
* the provided {@code Subject}).
* Finally, this method invokes {@code AccessController.doPrivileged},
* passing it the provided {@code PrivilegedExceptionAction},
* as well as the newly constructed {@code AccessControlContext}.
*
* <p>
*
* @param subject the <code>Subject</code> that the specified
* <code>action</code> will run as. This parameter
* may be <code>null</code>. <p>
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the
* PrivilegedExceptionAction's {@code run} method.
*
* @param action the code to be run as the specified
* <code>Subject</code>. <p>
* {@code Subject}. <p>
*
* @return the value returned by the
* PrivilegedExceptionAction's <code>run</code> method.
* PrivilegedExceptionAction's {@code run} method.
*
* @exception PrivilegedActionException if the
* <code>PrivilegedExceptionAction.run</code>
* {@code PrivilegedExceptionAction.run}
* method throws a checked exception. <p>
*
* @exception NullPointerException if the specified
* <code>PrivilegedExceptionAction</code> is
* <code>null</code>. <p>
* {@code PrivilegedExceptionAction} is
* {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
@ -424,36 +424,36 @@ public final class Subject implements java.io.Serializable {
}
/**
* Perform privileged work as a particular <code>Subject</code>.
* Perform privileged work as a particular {@code Subject}.
*
* <p> This method behaves exactly as <code>Subject.doAs</code>,
* <p> This method behaves exactly as {@code Subject.doAs},
* except that instead of retrieving the current Thread's
* <code>AccessControlContext</code>, it uses the provided
* <code>AccessControlContext</code>. If the provided
* <code>AccessControlContext</code> is <code>null</code>,
* this method instantiates a new <code>AccessControlContext</code>
* {@code AccessControlContext}, it uses the provided
* {@code AccessControlContext}. If the provided
* {@code AccessControlContext} is {@code null},
* this method instantiates a new {@code AccessControlContext}
* with an empty collection of ProtectionDomains.
*
* <p>
*
* @param subject the <code>Subject</code> that the specified
* <code>action</code> will run as. This parameter
* may be <code>null</code>. <p>
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the PrivilegedAction's
* {@code run} method.
*
* @param action the code to be run as the specified
* <code>Subject</code>. <p>
* {@code Subject}. <p>
*
* @param acc the <code>AccessControlContext</code> to be tied to the
* @param acc the {@code AccessControlContext} to be tied to the
* specified <i>subject</i> and <i>action</i>. <p>
*
* @return the value returned by the PrivilegedAction's
* <code>run</code> method.
* {@code run} method.
*
* @exception NullPointerException if the <code>PrivilegedAction</code>
* is <code>null</code>. <p>
* @exception NullPointerException if the {@code PrivilegedAction}
* is {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
@ -485,41 +485,41 @@ public final class Subject implements java.io.Serializable {
}
/**
* Perform privileged work as a particular <code>Subject</code>.
* Perform privileged work as a particular {@code Subject}.
*
* <p> This method behaves exactly as <code>Subject.doAs</code>,
* <p> This method behaves exactly as {@code Subject.doAs},
* except that instead of retrieving the current Thread's
* <code>AccessControlContext</code>, it uses the provided
* <code>AccessControlContext</code>. If the provided
* <code>AccessControlContext</code> is <code>null</code>,
* this method instantiates a new <code>AccessControlContext</code>
* {@code AccessControlContext}, it uses the provided
* {@code AccessControlContext}. If the provided
* {@code AccessControlContext} is {@code null},
* this method instantiates a new {@code AccessControlContext}
* with an empty collection of ProtectionDomains.
*
* <p>
*
* @param subject the <code>Subject</code> that the specified
* <code>action</code> will run as. This parameter
* may be <code>null</code>. <p>
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the
* PrivilegedExceptionAction's {@code run} method.
*
* @param action the code to be run as the specified
* <code>Subject</code>. <p>
* {@code Subject}. <p>
*
* @param acc the <code>AccessControlContext</code> to be tied to the
* @param acc the {@code AccessControlContext} to be tied to the
* specified <i>subject</i> and <i>action</i>. <p>
*
* @return the value returned by the
* PrivilegedExceptionAction's <code>run</code> method.
* PrivilegedExceptionAction's {@code run} method.
*
* @exception PrivilegedActionException if the
* <code>PrivilegedExceptionAction.run</code>
* {@code PrivilegedExceptionAction.run}
* method throws a checked exception. <p>
*
* @exception NullPointerException if the specified
* <code>PrivilegedExceptionAction</code> is
* <code>null</code>. <p>
* {@code PrivilegedExceptionAction} is
* {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
@ -568,19 +568,19 @@ public final class Subject implements java.io.Serializable {
}
/**
* Return the <code>Set</code> of Principals associated with this
* <code>Subject</code>. Each <code>Principal</code> represents
* an identity for this <code>Subject</code>.
* Return the {@code Set} of Principals associated with this
* {@code Subject}. Each {@code Principal} represents
* an identity for this {@code Subject}.
*
* <p> The returned <code>Set</code> is backed by this Subject's
* internal <code>Principal</code> <code>Set</code>. Any modification
* to the returned <code>Set</code> affects the internal
* <code>Principal</code> <code>Set</code> as well.
* <p> The returned {@code Set} is backed by this Subject's
* internal {@code Principal} {@code Set}. Any modification
* to the returned {@code Set} affects the internal
* {@code Principal} {@code Set} as well.
*
* <p>
*
* @return The <code>Set</code> of Principals associated with this
* <code>Subject</code>.
* @return The {@code Set} of Principals associated with this
* {@code Subject}.
*/
public Set<Principal> getPrincipals() {
@ -590,28 +590,28 @@ public final class Subject implements java.io.Serializable {
}
/**
* Return a <code>Set</code> of Principals associated with this
* <code>Subject</code> that are instances or subclasses of the specified
* <code>Class</code>.
* Return a {@code Set} of Principals associated with this
* {@code Subject} that are instances or subclasses of the specified
* {@code Class}.
*
* <p> The returned <code>Set</code> is not backed by this Subject's
* internal <code>Principal</code> <code>Set</code>. A new
* <code>Set</code> is created and returned for each method invocation.
* Modifications to the returned <code>Set</code>
* will not affect the internal <code>Principal</code> <code>Set</code>.
* <p> The returned {@code Set} is not backed by this Subject's
* internal {@code Principal} {@code Set}. A new
* {@code Set} is created and returned for each method invocation.
* Modifications to the returned {@code Set}
* will not affect the internal {@code Principal} {@code Set}.
*
* <p>
*
* @param <T> the type of the class modeled by {@code c}
*
* @param c the returned <code>Set</code> of Principals will all be
* @param c the returned {@code Set} of Principals will all be
* instances of this class.
*
* @return a <code>Set</code> of Principals that are instances of the
* specified <code>Class</code>.
* @return a {@code Set} of Principals that are instances of the
* specified {@code Class}.
*
* @exception NullPointerException if the specified <code>Class</code>
* is <code>null</code>.
* @exception NullPointerException if the specified {@code Class}
* is {@code null}.
*/
public <T extends Principal> Set<T> getPrincipals(Class<T> c) {
@ -625,18 +625,18 @@ public final class Subject implements java.io.Serializable {
}
/**
* Return the <code>Set</code> of public credentials held by this
* <code>Subject</code>.
* Return the {@code Set} of public credentials held by this
* {@code Subject}.
*
* <p> The returned <code>Set</code> is backed by this Subject's
* internal public Credential <code>Set</code>. Any modification
* to the returned <code>Set</code> affects the internal public
* Credential <code>Set</code> as well.
* <p> The returned {@code Set} is backed by this Subject's
* internal public Credential {@code Set}. Any modification
* to the returned {@code Set} affects the internal public
* Credential {@code Set} as well.
*
* <p>
*
* @return A <code>Set</code> of public credentials held by this
* <code>Subject</code>.
* @return A {@code Set} of public credentials held by this
* {@code Subject}.
*/
public Set<Object> getPublicCredentials() {
@ -646,29 +646,29 @@ public final class Subject implements java.io.Serializable {
}
/**
* Return the <code>Set</code> of private credentials held by this
* <code>Subject</code>.
* Return the {@code Set} of private credentials held by this
* {@code Subject}.
*
* <p> The returned <code>Set</code> is backed by this Subject's
* internal private Credential <code>Set</code>. Any modification
* to the returned <code>Set</code> affects the internal private
* Credential <code>Set</code> as well.
* <p> The returned {@code Set} is backed by this Subject's
* internal private Credential {@code Set}. Any modification
* to the returned {@code Set} affects the internal private
* Credential {@code Set} as well.
*
* <p> A caller requires permissions to access the Credentials
* in the returned <code>Set</code>, or to modify the
* <code>Set</code> itself. A <code>SecurityException</code>
* in the returned {@code Set}, or to modify the
* {@code Set} itself. A {@code SecurityException}
* is thrown if the caller does not have the proper permissions.
*
* <p> While iterating through the <code>Set</code>,
* a <code>SecurityException</code> is thrown
* <p> While iterating through the {@code Set},
* a {@code SecurityException} is thrown
* if the caller does not have permission to access a
* particular Credential. The <code>Iterator</code>
* is nevertheless advanced to next element in the <code>Set</code>.
* particular Credential. The {@code Iterator}
* is nevertheless advanced to next element in the {@code Set}.
*
* <p>
*
* @return A <code>Set</code> of private credentials held by this
* <code>Subject</code>.
* @return A {@code Set} of private credentials held by this
* {@code Subject}.
*/
public Set<Object> getPrivateCredentials() {
@ -686,28 +686,28 @@ public final class Subject implements java.io.Serializable {
}
/**
* Return a <code>Set</code> of public credentials associated with this
* <code>Subject</code> that are instances or subclasses of the specified
* <code>Class</code>.
* Return a {@code Set} of public credentials associated with this
* {@code Subject} that are instances or subclasses of the specified
* {@code Class}.
*
* <p> The returned <code>Set</code> is not backed by this Subject's
* internal public Credential <code>Set</code>. A new
* <code>Set</code> is created and returned for each method invocation.
* Modifications to the returned <code>Set</code>
* will not affect the internal public Credential <code>Set</code>.
* <p> The returned {@code Set} is not backed by this Subject's
* internal public Credential {@code Set}. A new
* {@code Set} is created and returned for each method invocation.
* Modifications to the returned {@code Set}
* will not affect the internal public Credential {@code Set}.
*
* <p>
*
* @param <T> the type of the class modeled by {@code c}
*
* @param c the returned <code>Set</code> of public credentials will all be
* @param c the returned {@code Set} of public credentials will all be
* instances of this class.
*
* @return a <code>Set</code> of public credentials that are instances
* of the specified <code>Class</code>.
* @return a {@code Set} of public credentials that are instances
* of the specified {@code Class}.
*
* @exception NullPointerException if the specified <code>Class</code>
* is <code>null</code>.
* @exception NullPointerException if the specified {@code Class}
* is {@code null}.
*/
public <T> Set<T> getPublicCredentials(Class<T> c) {
@ -721,32 +721,32 @@ public final class Subject implements java.io.Serializable {
}
/**
* Return a <code>Set</code> of private credentials associated with this
* <code>Subject</code> that are instances or subclasses of the specified
* <code>Class</code>.
* Return a {@code Set} of private credentials associated with this
* {@code Subject} that are instances or subclasses of the specified
* {@code Class}.
*
* <p> The caller must have permission to access all of the
* requested Credentials, or a <code>SecurityException</code>
* requested Credentials, or a {@code SecurityException}
* will be thrown.
*
* <p> The returned <code>Set</code> is not backed by this Subject's
* internal private Credential <code>Set</code>. A new
* <code>Set</code> is created and returned for each method invocation.
* Modifications to the returned <code>Set</code>
* will not affect the internal private Credential <code>Set</code>.
* <p> The returned {@code Set} is not backed by this Subject's
* internal private Credential {@code Set}. A new
* {@code Set} is created and returned for each method invocation.
* Modifications to the returned {@code Set}
* will not affect the internal private Credential {@code Set}.
*
* <p>
*
* @param <T> the type of the class modeled by {@code c}
*
* @param c the returned <code>Set</code> of private credentials will all be
* @param c the returned {@code Set} of private credentials will all be
* instances of this class.
*
* @return a <code>Set</code> of private credentials that are instances
* of the specified <code>Class</code>.
* @return a {@code Set} of private credentials that are instances
* of the specified {@code Class}.
*
* @exception NullPointerException if the specified <code>Class</code>
* is <code>null</code>.
* @exception NullPointerException if the specified {@code Class}
* is {@code null}.
*/
public <T> Set<T> getPrivateCredentials(Class<T> c) {
@ -768,25 +768,25 @@ public final class Subject implements java.io.Serializable {
}
/**
* Compares the specified Object with this <code>Subject</code>
* Compares the specified Object with this {@code Subject}
* for equality. Returns true if the given object is also a Subject
* and the two <code>Subject</code> instances are equivalent.
* More formally, two <code>Subject</code> instances are
* equal if their <code>Principal</code> and <code>Credential</code>
* and the two {@code Subject} instances are equivalent.
* More formally, two {@code Subject} instances are
* equal if their {@code Principal} and {@code Credential}
* Sets are equal.
*
* <p>
*
* @param o Object to be compared for equality with this
* <code>Subject</code>.
* {@code Subject}.
*
* @return true if the specified Object is equal to this
* <code>Subject</code>.
* {@code Subject}.
*
* @exception SecurityException if the caller does not have permission
* to access the private credentials for this <code>Subject</code>,
* to access the private credentials for this {@code Subject},
* or if the caller does not have permission to access the
* private credentials for the provided <code>Subject</code>.
* private credentials for the provided {@code Subject}.
*/
public boolean equals(Object o) {
@ -833,11 +833,11 @@ public final class Subject implements java.io.Serializable {
}
/**
* Return the String representation of this <code>Subject</code>.
* Return the String representation of this {@code Subject}.
*
* <p>
*
* @return the String representation of this <code>Subject</code>.
* @return the String representation of this {@code Subject}.
*/
public String toString() {
return toString(true);
@ -894,11 +894,11 @@ public final class Subject implements java.io.Serializable {
}
/**
* Returns a hashcode for this <code>Subject</code>.
* Returns a hashcode for this {@code Subject}.
*
* <p>
*
* @return a hashcode for this <code>Subject</code>.
* @return a hashcode for this {@code Subject}.
*
* @exception SecurityException if the caller does not have permission
* to access this Subject's private credentials.
@ -910,10 +910,10 @@ public final class Subject implements java.io.Serializable {
* hashcodes of this Subject's Principals and credentials.
*
* If a particular credential was destroyed
* (<code>credential.hashCode()</code> throws an
* <code>IllegalStateException</code>),
* ({@code credential.hashCode()} throws an
* {@code IllegalStateException}),
* the hashcode for that credential is derived via:
* <code>credential.getClass().toString().hashCode()</code>.
* {@code credential.getClass().toString().hashCode()}.
*/
int hashCode = 0;
@ -964,7 +964,7 @@ public final class Subject implements java.io.Serializable {
s.defaultReadObject();
// The Credential <code>Set</code> is not serialized, but we do not
// The Credential {@code Set} is not serialized, but we do not
// want the default deserialization routine to set it to null.
this.pubCredentials = Collections.synchronizedSet
(new SecureSet<Object>(this, PUB_CREDENTIAL_SET));
@ -998,13 +998,13 @@ public final class Subject implements java.io.Serializable {
/**
* @serial An integer identifying the type of objects contained
* in this set. If <code>which == 1</code>,
* in this set. If {@code which == 1},
* this is a Principal set and all the elements are
* of type <code>java.security.Principal</code>.
* If <code>which == 2</code>, this is a public credential
* set and all the elements are of type <code>Object</code>.
* If <code>which == 3</code>, this is a private credential
* set and all the elements are of type <code>Object</code>.
* of type {@code java.security.Principal}.
* If {@code which == 2}, this is a public credential
* set and all the elements are of type {@code Object}.
* If {@code which == 3}, this is a private credential
* set and all the elements are of type {@code Object}.
*/
private int which;
@ -1321,7 +1321,7 @@ public final class Subject implements java.io.Serializable {
}
/**
* This class implements a <code>Set</code> which returns only
* This class implements a {@code Set} which returns only
* members that are an instance of a specified Class.
*/
private class ClassSet<T> extends AbstractSet<T> {

62
jdk/src/share/classes/javax/security/auth/SubjectDomainCombiner.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -39,9 +39,9 @@ import java.util.WeakHashMap;
import java.lang.ref.WeakReference;
/**
* A <code>SubjectDomainCombiner</code> updates ProtectionDomains
* with Principals from the <code>Subject</code> associated with this
* <code>SubjectDomainCombiner</code>.
* A {@code SubjectDomainCombiner} updates ProtectionDomains
* with Principals from the {@code Subject} associated with this
* {@code SubjectDomainCombiner}.
*
*/
public class SubjectDomainCombiner implements java.security.DomainCombiner {
@ -66,13 +66,13 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
(useJavaxPolicy && cachePolicy());
/**
* Associate the provided <code>Subject</code> with this
* <code>SubjectDomainCombiner</code>.
* Associate the provided {@code Subject} with this
* {@code SubjectDomainCombiner}.
*
* <p>
*
* @param subject the <code>Subject</code> to be associated with
* with this <code>SubjectDomainCombiner</code>.
* @param subject the {@code Subject} to be associated with
* with this {@code SubjectDomainCombiner}.
*/
public SubjectDomainCombiner(Subject subject) {
this.subject = subject;
@ -85,19 +85,19 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
}
/**
* Get the <code>Subject</code> associated with this
* <code>SubjectDomainCombiner</code>.
* Get the {@code Subject} associated with this
* {@code SubjectDomainCombiner}.
*
* <p>
*
* @return the <code>Subject</code> associated with this
* <code>SubjectDomainCombiner</code>, or <code>null</code>
* if no <code>Subject</code> is associated with this
* <code>SubjectDomainCombiner</code>.
* @return the {@code Subject} associated with this
* {@code SubjectDomainCombiner}, or {@code null}
* if no {@code Subject} is associated with this
* {@code SubjectDomainCombiner}.
*
* @exception SecurityException if the caller does not have permission
* to get the <code>Subject</code> associated with this
* <code>SubjectDomainCombiner</code>.
* to get the {@code Subject} associated with this
* {@code SubjectDomainCombiner}.
*/
public Subject getSubject() {
java.lang.SecurityManager sm = System.getSecurityManager();
@ -110,18 +110,18 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
/**
* Update the relevant ProtectionDomains with the Principals
* from the <code>Subject</code> associated with this
* <code>SubjectDomainCombiner</code>.
* from the {@code Subject} associated with this
* {@code SubjectDomainCombiner}.
*
* <p> A new <code>ProtectionDomain</code> instance is created
* for each <code>ProtectionDomain</code> in the
* <i>currentDomains</i> array. Each new <code>ProtectionDomain</code>
* instance is created using the <code>CodeSource</code>,
* <code>Permission</code>s and <code>ClassLoader</code>
* from the corresponding <code>ProtectionDomain</code> in
* <p> A new {@code ProtectionDomain} instance is created
* for each {@code ProtectionDomain} in the
* <i>currentDomains</i> array. Each new {@code ProtectionDomain}
* instance is created using the {@code CodeSource},
* {@code Permission}s and {@code ClassLoader}
* from the corresponding {@code ProtectionDomain} in
* <i>currentDomains</i>, as well as with the Principals from
* the <code>Subject</code> associated with this
* <code>SubjectDomainCombiner</code>.
* the {@code Subject} associated with this
* {@code SubjectDomainCombiner}.
*
* <p> All of the newly instantiated ProtectionDomains are
* combined into a new array. The ProtectionDomains from the
@ -136,23 +136,23 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
*
* @param currentDomains the ProtectionDomains associated with the
* current execution Thread, up to the most recent
* privileged <code>ProtectionDomain</code>.
* privileged {@code ProtectionDomain}.
* The ProtectionDomains are are listed in order of execution,
* with the most recently executing <code>ProtectionDomain</code>
* with the most recently executing {@code ProtectionDomain}
* residing at the beginning of the array. This parameter may
* be <code>null</code> if the current execution Thread
* be {@code null} if the current execution Thread
* has no associated ProtectionDomains.<p>
*
* @param assignedDomains the ProtectionDomains inherited from the
* parent Thread, or the ProtectionDomains from the
* privileged <i>context</i>, if a call to
* AccessController.doPrivileged(..., <i>context</i>)
* had occurred This parameter may be <code>null</code>
* had occurred This parameter may be {@code null}
* if there were no ProtectionDomains inherited from the
* parent Thread, or from the privileged <i>context</i>.
*
* @return a new array consisting of the updated ProtectionDomains,
* or <code>null</code>.
* or {@code null}.
*/
public ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
ProtectionDomain[] assignedDomains) {

8
jdk/src/share/classes/javax/security/auth/callback/Callback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,14 +28,14 @@ package javax.security.auth.callback;
/**
* <p> Implementations of this interface are passed to a
* <code>CallbackHandler</code>, allowing underlying security services
* {@code CallbackHandler}, allowing underlying security services
* the ability to interact with a calling application to retrieve specific
* authentication data such as usernames and passwords, or to display
* certain information, such as error and warning messages.
*
* <p> <code>Callback</code> implementations do not retrieve or
* <p> {@code Callback} implementations do not retrieve or
* display the information requested by underlying security services.
* <code>Callback</code> implementations simply provide the means
* {@code Callback} implementations simply provide the means
* to pass such requests to applications, and for applications,
* if appropriate, to return requested information back to the
* underlying security services.

28
jdk/src/share/classes/javax/security/auth/callback/CallbackHandler.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,7 +26,7 @@
package javax.security.auth.callback;
/**
* <p> An application implements a <code>CallbackHandler</code> and passes
* <p> An application implements a {@code CallbackHandler} and passes
* it to underlying security services so that they may interact with
* the application to retrieve specific authentication data,
* such as usernames and passwords, or to display certain information,
@ -40,12 +40,12 @@ package javax.security.auth.callback;
*
* <p> Underlying security services make requests for different types
* of information by passing individual Callbacks to the
* <code>CallbackHandler</code>. The <code>CallbackHandler</code>
* {@code CallbackHandler}. The {@code CallbackHandler}
* implementation decides how to retrieve and display information
* depending on the Callbacks passed to it. For example,
* if the underlying service needs a username and password to
* authenticate a user, it uses a <code>NameCallback</code> and
* <code>PasswordCallback</code>. The <code>CallbackHandler</code>
* authenticate a user, it uses a {@code NameCallback} and
* {@code PasswordCallback}. The {@code CallbackHandler}
* can then choose to prompt for a username and password serially,
* or to prompt for both in a single window.
*
@ -54,10 +54,10 @@ package javax.security.auth.callback;
* {@code auth.login.defaultCallbackHandler} security property.
*
* <p> If the security property is set to the fully qualified name of a
* <code>CallbackHandler</code> implementation class,
* then a <code>LoginContext</code> will load the specified
* <code>CallbackHandler</code> and pass it to the underlying LoginModules.
* The <code>LoginContext</code> only loads the default handler
* {@code CallbackHandler} implementation class,
* then a {@code LoginContext} will load the specified
* {@code CallbackHandler} and pass it to the underlying LoginModules.
* The {@code LoginContext} only loads the default handler
* if it was not provided one.
*
* <p> All default handler implementations must provide a public
@ -71,11 +71,11 @@ public interface CallbackHandler {
* <p> Retrieve or display the information requested in the
* provided Callbacks.
*
* <p> The <code>handle</code> method implementation checks the
* instance(s) of the <code>Callback</code> object(s) passed in
* <p> The {@code handle} method implementation checks the
* instance(s) of the {@code Callback} object(s) passed in
* to retrieve or display the requested information.
* The following example is provided to help demonstrate what an
* <code>handle</code> method implementation might look like.
* {@code handle} method implementation might look like.
* This example code is for guidance only. Many details,
* including proper error handling, are left out for simplicity.
*
@ -135,7 +135,7 @@ public interface CallbackHandler {
* }
* }</pre>
*
* @param callbacks an array of <code>Callback</code> objects provided
* @param callbacks an array of {@code Callback} objects provided
* by an underlying security service which contains
* the information requested to be retrieved or displayed.
*
@ -143,7 +143,7 @@ public interface CallbackHandler {
*
* @exception UnsupportedCallbackException if the implementation of this
* method does not support one or more of the Callbacks
* specified in the <code>callbacks</code> parameter.
* specified in the {@code callbacks} parameter.
*/
void handle(Callback[] callbacks)
throws java.io.IOException, UnsupportedCallbackException;

40
jdk/src/share/classes/javax/security/auth/callback/ChoiceCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/**
* <p> Underlying security services instantiate and pass a
* <code>ChoiceCallback</code> to the <code>handle</code>
* method of a <code>CallbackHandler</code> to display a list of choices
* {@code ChoiceCallback} to the {@code handle}
* method of a {@code CallbackHandler} to display a list of choices
* and to retrieve the selected choice(s).
*
* @see javax.security.auth.callback.CallbackHandler
@ -60,13 +60,13 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
private boolean multipleSelectionsAllowed;
/**
* @serial the selected choices, represented as indexes into the
* <code>choices</code> list.
* {@code choices} list.
* @since 1.4
*/
private int[] selections;
/**
* Construct a <code>ChoiceCallback</code> with a prompt,
* Construct a {@code ChoiceCallback} with a prompt,
* a list of choices, a default choice, and a boolean specifying
* whether or not multiple selections from the list of choices are allowed.
*
@ -79,21 +79,21 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* @param defaultChoice the choice to be used as the default choice
* when the list of choices are displayed. This value
* is represented as an index into the
* <code>choices</code> array. <p>
* {@code choices} array. <p>
*
* @param multipleSelectionsAllowed boolean specifying whether or
* not multiple selections can be made from the
* list of choices.
*
* @exception IllegalArgumentException if <code>prompt</code> is null,
* if <code>prompt</code> has a length of 0,
* if <code>choices</code> is null,
* if <code>choices</code> has a length of 0,
* if any element from <code>choices</code> is null,
* if any element from <code>choices</code>
* has a length of 0 or if <code>defaultChoice</code>
* @exception IllegalArgumentException if {@code prompt} is null,
* if {@code prompt} has a length of 0,
* if {@code choices} is null,
* if {@code choices} has a length of 0,
* if any element from {@code choices} is null,
* if any element from {@code choices}
* has a length of 0 or if {@code defaultChoice}
* does not fall within the array boundaries of
* <code>choices</code>.
* {@code choices}.
*/
public ChoiceCallback(String prompt, String[] choices,
int defaultChoice, boolean multipleSelectionsAllowed) {
@ -142,7 +142,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p>
*
* @return the defaultChoice, represented as an index into
* the <code>choices</code> list.
* the {@code choices} list.
*/
public int getDefaultChoice() {
return defaultChoice;
@ -150,7 +150,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
/**
* Get the boolean determining whether multiple selections from
* the <code>choices</code> list are allowed.
* the {@code choices} list are allowed.
*
* <p>
*
@ -166,7 +166,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p>
*
* @param selection the selection represented as an index into the
* <code>choices</code> list.
* {@code choices} list.
*
* @see #getSelectedIndexes
*/
@ -181,11 +181,11 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p>
*
* @param selections the selections represented as indexes into the
* <code>choices</code> list.
* {@code choices} list.
*
* @exception UnsupportedOperationException if multiple selections are
* not allowed, as determined by
* <code>allowMultipleSelections</code>.
* {@code allowMultipleSelections}.
*
* @see #getSelectedIndexes
*/
@ -201,7 +201,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p>
*
* @return the selected choices, represented as indexes into the
* <code>choices</code> list.
* {@code choices} list.
*
* @see #setSelectedIndexes
*/

236
jdk/src/share/classes/javax/security/auth/callback/ConfirmationCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/**
* <p> Underlying security services instantiate and pass a
* <code>ConfirmationCallback</code> to the <code>handle</code>
* method of a <code>CallbackHandler</code> to ask for YES/NO,
* {@code ConfirmationCallback} to the {@code handle}
* method of a {@code CallbackHandler} to ask for YES/NO,
* OK/CANCEL, YES/NO/CANCEL or other similar confirmations.
*
* @see javax.security.auth.callback.CallbackHandler
@ -40,9 +40,9 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
/**
* Unspecified option type.
*
* <p> The <code>getOptionType</code> method returns this
* value if this <code>ConfirmationCallback</code> was instantiated
* with <code>options</code> instead of an <code>optionType</code>.
* <p> The {@code getOptionType} method returns this
* value if this {@code ConfirmationCallback} was instantiated
* with {@code options} instead of an {@code optionType}.
*/
public static final int UNSPECIFIED_OPTION = -1;
@ -50,9 +50,9 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* YES/NO confirmation option.
*
* <p> An underlying security service specifies this as the
* <code>optionType</code> to a <code>ConfirmationCallback</code>
* {@code optionType} to a {@code ConfirmationCallback}
* constructor if it requires a confirmation which can be answered
* with either <code>YES</code> or <code>NO</code>.
* with either {@code YES} or {@code NO}.
*/
public static final int YES_NO_OPTION = 0;
@ -60,9 +60,9 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* YES/NO/CANCEL confirmation confirmation option.
*
* <p> An underlying security service specifies this as the
* <code>optionType</code> to a <code>ConfirmationCallback</code>
* {@code optionType} to a {@code ConfirmationCallback}
* constructor if it requires a confirmation which can be answered
* with either <code>YES</code>, <code>NO</code> or <code>CANCEL</code>.
* with either {@code YES}, {@code NO} or {@code CANCEL}.
*/
public static final int YES_NO_CANCEL_OPTION = 1;
@ -70,45 +70,45 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* OK/CANCEL confirmation confirmation option.
*
* <p> An underlying security service specifies this as the
* <code>optionType</code> to a <code>ConfirmationCallback</code>
* {@code optionType} to a {@code ConfirmationCallback}
* constructor if it requires a confirmation which can be answered
* with either <code>OK</code> or <code>CANCEL</code>.
* with either {@code OK} or {@code CANCEL}.
*/
public static final int OK_CANCEL_OPTION = 2;
/**
* YES option.
*
* <p> If an <code>optionType</code> was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index.
* <p> If an {@code optionType} was specified to this
* {@code ConfirmationCallback}, this option may be specified as a
* {@code defaultOption} or returned as the selected index.
*/
public static final int YES = 0;
/**
* NO option.
*
* <p> If an <code>optionType</code> was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index.
* <p> If an {@code optionType} was specified to this
* {@code ConfirmationCallback}, this option may be specified as a
* {@code defaultOption} or returned as the selected index.
*/
public static final int NO = 1;
/**
* CANCEL option.
*
* <p> If an <code>optionType</code> was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index.
* <p> If an {@code optionType} was specified to this
* {@code ConfirmationCallback}, this option may be specified as a
* {@code defaultOption} or returned as the selected index.
*/
public static final int CANCEL = 2;
/**
* OK option.
*
* <p> If an <code>optionType</code> was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index.
* <p> If an {@code optionType} was specified to this
* {@code ConfirmationCallback}, this option may be specified as a
* {@code defaultOption} or returned as the selected index.
*/
public static final int OK = 3;
@ -152,7 +152,7 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
private int selection;
/**
* Construct a <code>ConfirmationCallback</code> with a
* Construct a {@code ConfirmationCallback} with a
* message type, an option type and a default option.
*
* <p> Underlying security services use this constructor if
@ -161,27 +161,27 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @param messageType the message type (<code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>). <p>
* @param messageType the message type ({@code INFORMATION},
* {@code WARNING} or {@code ERROR}). <p>
*
* @param optionType the option type (<code>YES_NO_OPTION</code>,
* <code>YES_NO_CANCEL_OPTION</code> or
* <code>OK_CANCEL_OPTION</code>). <p>
* @param optionType the option type ({@code YES_NO_OPTION},
* {@code YES_NO_CANCEL_OPTION} or
* {@code OK_CANCEL_OPTION}). <p>
*
* @param defaultOption the default option
* from the provided optionType (<code>YES</code>,
* <code>NO</code>, <code>CANCEL</code> or
* <code>OK</code>).
* from the provided optionType ({@code YES},
* {@code NO}, {@code CANCEL} or
* {@code OK}).
*
* @exception IllegalArgumentException if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>,
* or <code>ERROR</code>, if optionType is not either
* <code>YES_NO_OPTION</code>,
* <code>YES_NO_CANCEL_OPTION</code>, or
* <code>OK_CANCEL_OPTION</code>,
* or if <code>defaultOption</code>
* {@code INFORMATION}, {@code WARNING},
* or {@code ERROR}, if optionType is not either
* {@code YES_NO_OPTION},
* {@code YES_NO_CANCEL_OPTION}, or
* {@code OK_CANCEL_OPTION},
* or if {@code defaultOption}
* does not correspond to one of the options in
* <code>optionType</code>.
* {@code optionType}.
*/
public ConfirmationCallback(int messageType,
int optionType, int defaultOption) {
@ -212,35 +212,35 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
}
/**
* Construct a <code>ConfirmationCallback</code> with a
* Construct a {@code ConfirmationCallback} with a
* message type, a list of options and a default option.
*
* <p> Underlying security services use this constructor if
* they require a confirmation different from the available preset
* confirmations provided (for example, CONTINUE/ABORT or STOP/GO).
* The confirmation options are listed in the <code>options</code> array,
* and are displayed by the <code>CallbackHandler</code> implementation
* The confirmation options are listed in the {@code options} array,
* and are displayed by the {@code CallbackHandler} implementation
* in a manner consistent with the way preset options are displayed.
*
* <p>
*
* @param messageType the message type (<code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>). <p>
* @param messageType the message type ({@code INFORMATION},
* {@code WARNING} or {@code ERROR}). <p>
*
* @param options the list of confirmation options. <p>
*
* @param defaultOption the default option, represented as an index
* into the <code>options</code> array.
* into the {@code options} array.
*
* @exception IllegalArgumentException if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>,
* or <code>ERROR</code>, if <code>options</code> is null,
* if <code>options</code> has a length of 0,
* if any element from <code>options</code> is null,
* if any element from <code>options</code>
* has a length of 0, or if <code>defaultOption</code>
* {@code INFORMATION}, {@code WARNING},
* or {@code ERROR}, if {@code options} is null,
* if {@code options} has a length of 0,
* if any element from {@code options} is null,
* if any element from {@code options}
* has a length of 0, or if {@code defaultOption}
* does not lie within the array boundaries of
* <code>options</code>.
* {@code options}.
*/
public ConfirmationCallback(int messageType,
String[] options, int defaultOption) {
@ -261,7 +261,7 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
}
/**
* Construct a <code>ConfirmationCallback</code> with a prompt,
* Construct a {@code ConfirmationCallback} with a prompt,
* message type, an option type and a default option.
*
* <p> Underlying security services use this constructor if
@ -272,29 +272,29 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
*
* @param prompt the prompt used to describe the list of options. <p>
*
* @param messageType the message type (<code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>). <p>
* @param messageType the message type ({@code INFORMATION},
* {@code WARNING} or {@code ERROR}). <p>
*
* @param optionType the option type (<code>YES_NO_OPTION</code>,
* <code>YES_NO_CANCEL_OPTION</code> or
* <code>OK_CANCEL_OPTION</code>). <p>
* @param optionType the option type ({@code YES_NO_OPTION},
* {@code YES_NO_CANCEL_OPTION} or
* {@code OK_CANCEL_OPTION}). <p>
*
* @param defaultOption the default option
* from the provided optionType (<code>YES</code>,
* <code>NO</code>, <code>CANCEL</code> or
* <code>OK</code>).
* from the provided optionType ({@code YES},
* {@code NO}, {@code CANCEL} or
* {@code OK}).
*
* @exception IllegalArgumentException if <code>prompt</code> is null,
* if <code>prompt</code> has a length of 0,
* @exception IllegalArgumentException if {@code prompt} is null,
* if {@code prompt} has a length of 0,
* if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>,
* or <code>ERROR</code>, if optionType is not either
* <code>YES_NO_OPTION</code>,
* <code>YES_NO_CANCEL_OPTION</code>, or
* <code>OK_CANCEL_OPTION</code>,
* or if <code>defaultOption</code>
* {@code INFORMATION}, {@code WARNING},
* or {@code ERROR}, if optionType is not either
* {@code YES_NO_OPTION},
* {@code YES_NO_CANCEL_OPTION}, or
* {@code OK_CANCEL_OPTION},
* or if {@code defaultOption}
* does not correspond to one of the options in
* <code>optionType</code>.
* {@code optionType}.
*/
public ConfirmationCallback(String prompt, int messageType,
int optionType, int defaultOption) {
@ -327,39 +327,39 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
}
/**
* Construct a <code>ConfirmationCallback</code> with a prompt,
* Construct a {@code ConfirmationCallback} with a prompt,
* message type, a list of options and a default option.
*
* <p> Underlying security services use this constructor if
* they require a confirmation different from the available preset
* confirmations provided (for example, CONTINUE/ABORT or STOP/GO).
* The confirmation options are listed in the <code>options</code> array,
* and are displayed by the <code>CallbackHandler</code> implementation
* The confirmation options are listed in the {@code options} array,
* and are displayed by the {@code CallbackHandler} implementation
* in a manner consistent with the way preset options are displayed.
*
* <p>
*
* @param prompt the prompt used to describe the list of options. <p>
*
* @param messageType the message type (<code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>). <p>
* @param messageType the message type ({@code INFORMATION},
* {@code WARNING} or {@code ERROR}). <p>
*
* @param options the list of confirmation options. <p>
*
* @param defaultOption the default option, represented as an index
* into the <code>options</code> array.
* into the {@code options} array.
*
* @exception IllegalArgumentException if <code>prompt</code> is null,
* if <code>prompt</code> has a length of 0,
* @exception IllegalArgumentException if {@code prompt} is null,
* if {@code prompt} has a length of 0,
* if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>,
* or <code>ERROR</code>, if <code>options</code> is null,
* if <code>options</code> has a length of 0,
* if any element from <code>options</code> is null,
* if any element from <code>options</code>
* has a length of 0, or if <code>defaultOption</code>
* {@code INFORMATION}, {@code WARNING},
* or {@code ERROR}, if {@code options} is null,
* if {@code options} has a length of 0,
* if any element from {@code options} is null,
* if any element from {@code options}
* has a length of 0, or if {@code defaultOption}
* does not lie within the array boundaries of
* <code>options</code>.
* {@code options}.
*/
public ConfirmationCallback(String prompt, int messageType,
String[] options, int defaultOption) {
@ -386,8 +386,8 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @return the prompt, or null if this <code>ConfirmationCallback</code>
* was instantiated without a <code>prompt</code>.
* @return the prompt, or null if this {@code ConfirmationCallback}
* was instantiated without a {@code prompt}.
*/
public String getPrompt() {
return prompt;
@ -398,8 +398,8 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @return the message type (<code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>).
* @return the message type ({@code INFORMATION},
* {@code WARNING} or {@code ERROR}).
*/
public int getMessageType() {
return messageType;
@ -408,20 +408,20 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
/**
* Get the option type.
*
* <p> If this method returns <code>UNSPECIFIED_OPTION</code>, then this
* <code>ConfirmationCallback</code> was instantiated with
* <code>options</code> instead of an <code>optionType</code>.
* In this case, invoke the <code>getOptions</code> method
* <p> If this method returns {@code UNSPECIFIED_OPTION}, then this
* {@code ConfirmationCallback} was instantiated with
* {@code options} instead of an {@code optionType}.
* In this case, invoke the {@code getOptions} method
* to determine which confirmation options to display.
*
* <p>
*
* @return the option type (<code>YES_NO_OPTION</code>,
* <code>YES_NO_CANCEL_OPTION</code> or
* <code>OK_CANCEL_OPTION</code>), or
* <code>UNSPECIFIED_OPTION</code> if this
* <code>ConfirmationCallback</code> was instantiated with
* <code>options</code> instead of an <code>optionType</code>.
* @return the option type ({@code YES_NO_OPTION},
* {@code YES_NO_CANCEL_OPTION} or
* {@code OK_CANCEL_OPTION}), or
* {@code UNSPECIFIED_OPTION} if this
* {@code ConfirmationCallback} was instantiated with
* {@code options} instead of an {@code optionType}.
*/
public int getOptionType() {
return optionType;
@ -433,8 +433,8 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* <p>
*
* @return the list of confirmation options, or null if this
* <code>ConfirmationCallback</code> was instantiated with
* an <code>optionType</code> instead of <code>options</code>.
* {@code ConfirmationCallback} was instantiated with
* an {@code optionType} instead of {@code options}.
*/
public String[] getOptions() {
return options;
@ -446,14 +446,14 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* <p>
*
* @return the default option, represented as
* <code>YES</code>, <code>NO</code>, <code>OK</code> or
* <code>CANCEL</code> if an <code>optionType</code>
* {@code YES}, {@code NO}, {@code OK} or
* {@code CANCEL} if an {@code optionType}
* was specified to the constructor of this
* <code>ConfirmationCallback</code>.
* {@code ConfirmationCallback}.
* Otherwise, this method returns the default option as
* an index into the
* <code>options</code> array specified to the constructor
* of this <code>ConfirmationCallback</code>.
* {@code options} array specified to the constructor
* of this {@code ConfirmationCallback}.
*/
public int getDefaultOption() {
return defaultOption;
@ -464,13 +464,13 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @param selection the selection represented as <code>YES</code>,
* <code>NO</code>, <code>OK</code> or <code>CANCEL</code>
* if an <code>optionType</code> was specified to the constructor
* of this <code>ConfirmationCallback</code>.
* @param selection the selection represented as {@code YES},
* {@code NO}, {@code OK} or {@code CANCEL}
* if an {@code optionType} was specified to the constructor
* of this {@code ConfirmationCallback}.
* Otherwise, the selection represents the index into the
* <code>options</code> array specified to the constructor
* of this <code>ConfirmationCallback</code>.
* {@code options} array specified to the constructor
* of this {@code ConfirmationCallback}.
*
* @see #getSelectedIndex
*/
@ -484,14 +484,14 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* <p>
*
* @return the selected confirmation option represented as
* <code>YES</code>, <code>NO</code>, <code>OK</code> or
* <code>CANCEL</code> if an <code>optionType</code>
* {@code YES}, {@code NO}, {@code OK} or
* {@code CANCEL} if an {@code optionType}
* was specified to the constructor of this
* <code>ConfirmationCallback</code>.
* {@code ConfirmationCallback}.
* Otherwise, this method returns the selected confirmation
* option as an index into the
* <code>options</code> array specified to the constructor
* of this <code>ConfirmationCallback</code>.
* {@code options} array specified to the constructor
* of this {@code ConfirmationCallback}.
*
* @see #setSelectedIndex
*/

18
jdk/src/share/classes/javax/security/auth/callback/LanguageCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,8 +29,8 @@ import java.util.Locale;
/**
* <p> Underlying security services instantiate and pass a
* <code>LanguageCallback</code> to the <code>handle</code>
* method of a <code>CallbackHandler</code> to retrieve the <code>Locale</code>
* {@code LanguageCallback} to the {@code handle}
* method of a {@code CallbackHandler} to retrieve the {@code Locale}
* used for localizing text.
*
* @see javax.security.auth.callback.CallbackHandler
@ -46,16 +46,16 @@ public class LanguageCallback implements Callback, java.io.Serializable {
private Locale locale;
/**
* Construct a <code>LanguageCallback</code>.
* Construct a {@code LanguageCallback}.
*/
public LanguageCallback() { }
/**
* Set the retrieved <code>Locale</code>.
* Set the retrieved {@code Locale}.
*
* <p>
*
* @param locale the retrieved <code>Locale</code>.
* @param locale the retrieved {@code Locale}.
*
* @see #getLocale
*/
@ -64,12 +64,12 @@ public class LanguageCallback implements Callback, java.io.Serializable {
}
/**
* Get the retrieved <code>Locale</code>.
* Get the retrieved {@code Locale}.
*
* <p>
*
* @return the retrieved <code>Locale</code>, or null
* if no <code>Locale</code> could be retrieved.
* @return the retrieved {@code Locale}, or null
* if no {@code Locale} could be retrieved.
*
* @see #setLocale
*/

26
jdk/src/share/classes/javax/security/auth/callback/NameCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/**
* <p> Underlying security services instantiate and pass a
* <code>NameCallback</code> to the <code>handle</code>
* method of a <code>CallbackHandler</code> to retrieve name information.
* {@code NameCallback} to the {@code handle}
* method of a {@code CallbackHandler} to retrieve name information.
*
* @see javax.security.auth.callback.CallbackHandler
*/
@ -53,14 +53,14 @@ public class NameCallback implements Callback, java.io.Serializable {
private String inputName;
/**
* Construct a <code>NameCallback</code> with a prompt.
* Construct a {@code NameCallback} with a prompt.
*
* <p>
*
* @param prompt the prompt used to request the name.
*
* @exception IllegalArgumentException if <code>prompt</code> is null
* or if <code>prompt</code> has a length of 0.
* @exception IllegalArgumentException if {@code prompt} is null
* or if {@code prompt} has a length of 0.
*/
public NameCallback(String prompt) {
if (prompt == null || prompt.length() == 0)
@ -69,7 +69,7 @@ public class NameCallback implements Callback, java.io.Serializable {
}
/**
* Construct a <code>NameCallback</code> with a prompt
* Construct a {@code NameCallback} with a prompt
* and default name.
*
* <p>
@ -79,10 +79,10 @@ public class NameCallback implements Callback, java.io.Serializable {
* @param defaultName the name to be used as the default name displayed
* with the prompt.
*
* @exception IllegalArgumentException if <code>prompt</code> is null,
* if <code>prompt</code> has a length of 0,
* if <code>defaultName</code> is null,
* or if <code>defaultName</code> has a length of 0.
* @exception IllegalArgumentException if {@code prompt} is null,
* if {@code prompt} has a length of 0,
* if {@code defaultName} is null,
* or if {@code defaultName} has a length of 0.
*/
public NameCallback(String prompt, String defaultName) {
if (prompt == null || prompt.length() == 0 ||
@ -109,8 +109,8 @@ public class NameCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @return the default name, or null if this <code>NameCallback</code>
* was not instantiated with a <code>defaultName</code>.
* @return the default name, or null if this {@code NameCallback}
* was not instantiated with a {@code defaultName}.
*/
public String getDefaultName() {
return defaultName;

12
jdk/src/share/classes/javax/security/auth/callback/PasswordCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/**
* <p> Underlying security services instantiate and pass a
* <code>PasswordCallback</code> to the <code>handle</code>
* method of a <code>CallbackHandler</code> to retrieve password information.
* {@code PasswordCallback} to the {@code handle}
* method of a {@code CallbackHandler} to retrieve password information.
*
* @see javax.security.auth.callback.CallbackHandler
*/
@ -53,7 +53,7 @@ public class PasswordCallback implements Callback, java.io.Serializable {
private char[] inputPassword;
/**
* Construct a <code>PasswordCallback</code> with a prompt
* Construct a {@code PasswordCallback} with a prompt
* and a boolean specifying whether the password should be displayed
* as it is being typed.
*
@ -64,8 +64,8 @@ public class PasswordCallback implements Callback, java.io.Serializable {
* @param echoOn true if the password should be displayed
* as it is being typed.
*
* @exception IllegalArgumentException if <code>prompt</code> is null or
* if <code>prompt</code> has a length of 0.
* @exception IllegalArgumentException if {@code prompt} is null or
* if {@code prompt} has a length of 0.
*/
public PasswordCallback(String prompt, boolean echoOn) {
if (prompt == null || prompt.length() == 0)

26
jdk/src/share/classes/javax/security/auth/callback/TextInputCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/**
* <p> Underlying security services instantiate and pass a
* <code>TextInputCallback</code> to the <code>handle</code>
* method of a <code>CallbackHandler</code> to retrieve generic text
* {@code TextInputCallback} to the {@code handle}
* method of a {@code CallbackHandler} to retrieve generic text
* information.
*
* @see javax.security.auth.callback.CallbackHandler
@ -54,14 +54,14 @@ public class TextInputCallback implements Callback, java.io.Serializable {
private String inputText;
/**
* Construct a <code>TextInputCallback</code> with a prompt.
* Construct a {@code TextInputCallback} with a prompt.
*
* <p>
*
* @param prompt the prompt used to request the information.
*
* @exception IllegalArgumentException if <code>prompt</code> is null
* or if <code>prompt</code> has a length of 0.
* @exception IllegalArgumentException if {@code prompt} is null
* or if {@code prompt} has a length of 0.
*/
public TextInputCallback(String prompt) {
if (prompt == null || prompt.length() == 0)
@ -70,7 +70,7 @@ public class TextInputCallback implements Callback, java.io.Serializable {
}
/**
* Construct a <code>TextInputCallback</code> with a prompt
* Construct a {@code TextInputCallback} with a prompt
* and default input value.
*
* <p>
@ -80,10 +80,10 @@ public class TextInputCallback implements Callback, java.io.Serializable {
* @param defaultText the text to be used as the default text displayed
* with the prompt.
*
* @exception IllegalArgumentException if <code>prompt</code> is null,
* if <code>prompt</code> has a length of 0,
* if <code>defaultText</code> is null
* or if <code>defaultText</code> has a length of 0.
* @exception IllegalArgumentException if {@code prompt} is null,
* if {@code prompt} has a length of 0,
* if {@code defaultText} is null
* or if {@code defaultText} has a length of 0.
*/
public TextInputCallback(String prompt, String defaultText) {
if (prompt == null || prompt.length() == 0 ||
@ -110,8 +110,8 @@ public class TextInputCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @return the default text, or null if this <code>TextInputCallback</code>
* was not instantiated with <code>defaultText</code>.
* @return the default text, or null if this {@code TextInputCallback}
* was not instantiated with {@code defaultText}.
*/
public String getDefaultText() {
return defaultText;

24
jdk/src/share/classes/javax/security/auth/callback/TextOutputCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/**
* <p> Underlying security services instantiate and pass a
* <code>TextOutputCallback</code> to the <code>handle</code>
* method of a <code>CallbackHandler</code> to display information messages,
* {@code TextOutputCallback} to the {@code handle}
* method of a {@code CallbackHandler} to display information messages,
* warning messages and error messages.
*
* @see javax.security.auth.callback.CallbackHandler
@ -61,16 +61,16 @@ public class TextOutputCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @param messageType the message type (<code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>). <p>
* @param messageType the message type ({@code INFORMATION},
* {@code WARNING} or {@code ERROR}). <p>
*
* @param message the message to be displayed. <p>
*
* @exception IllegalArgumentException if <code>messageType</code>
* is not either <code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>,
* if <code>message</code> is null,
* or if <code>message</code> has a length of 0.
* @exception IllegalArgumentException if {@code messageType}
* is not either {@code INFORMATION},
* {@code WARNING} or {@code ERROR},
* if {@code message} is null,
* or if {@code message} has a length of 0.
*/
public TextOutputCallback(int messageType, String message) {
if ((messageType != INFORMATION &&
@ -87,8 +87,8 @@ public class TextOutputCallback implements Callback, java.io.Serializable {
*
* <p>
*
* @return the message type (<code>INFORMATION</code>,
* <code>WARNING</code> or <code>ERROR</code>).
* @return the message type ({@code INFORMATION},
* {@code WARNING} or {@code ERROR}).
*/
public int getMessageType() {
return messageType;

16
jdk/src/share/classes/javax/security/auth/callback/UnsupportedCallbackException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,8 +26,8 @@
package javax.security.auth.callback;
/**
* Signals that a <code>CallbackHandler</code> does not
* recognize a particular <code>Callback</code>.
* Signals that a {@code CallbackHandler} does not
* recognize a particular {@code Callback}.
*
*/
public class UnsupportedCallbackException extends Exception {
@ -40,12 +40,12 @@ public class UnsupportedCallbackException extends Exception {
private Callback callback;
/**
* Constructs a <code>UnsupportedCallbackException</code>
* Constructs a {@code UnsupportedCallbackException}
* with no detail message.
*
* <p>
*
* @param callback the unrecognized <code>Callback</code>.
* @param callback the unrecognized {@code Callback}.
*/
public UnsupportedCallbackException(Callback callback) {
super();
@ -59,7 +59,7 @@ public class UnsupportedCallbackException extends Exception {
*
* <p>
*
* @param callback the unrecognized <code>Callback</code>. <p>
* @param callback the unrecognized {@code Callback}. <p>
*
* @param msg the detail message.
*/
@ -69,11 +69,11 @@ public class UnsupportedCallbackException extends Exception {
}
/**
* Get the unrecognized <code>Callback</code>.
* Get the unrecognized {@code Callback}.
*
* <p>
*
* @return the unrecognized <code>Callback</code>.
* @return the unrecognized {@code Callback}.
*/
public Callback getCallback() {
return callback;

35
jdk/src/share/classes/javax/security/auth/callback/package-info.java Normal file
View file

@ -0,0 +1,35 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides the classes necessary for services
* to interact with applications in order to retrieve
* information (authentication data including usernames
* or passwords, for example) or to display information
* (error and warning messages, for example).
*
* @since JDK1.4
*/
package javax.security.auth.callback;

57
jdk/src/share/classes/javax/security/auth/callback/package.html
View file

@ -1,57 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides the classes necessary for services
to interact with applications in order to retrieve
information (authentication data including usernames
or passwords, for example) or to display information
(error and warning messages, for example).
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

18
jdk/src/share/classes/javax/security/auth/kerberos/DelegationPermission.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -38,7 +38,7 @@ import java.io.IOException;
* This class is used to restrict the usage of the Kerberos
* delegation model, ie: forwardable and proxiable tickets.
* <p>
* The target name of this <code>Permission</code> specifies a pair of
* The target name of this {@code Permission} specifies a pair of
* kerberos service principals. The first is the subordinate service principal
* being entrusted to use the TGT. The second service principal designates
* the target service the subordinate service principal is to
@ -71,15 +71,15 @@ public final class DelegationPermission extends BasicPermission
private transient String subordinate, service;
/**
* Create a new <code>DelegationPermission</code>
* Create a new {@code DelegationPermission}
* with the specified subordinate and target principals.
*
* <p>
*
* @param principals the name of the subordinate and target principals
*
* @throws NullPointerException if <code>principals</code> is <code>null</code>.
* @throws IllegalArgumentException if <code>principals</code> is empty.
* @throws NullPointerException if {@code principals} is {@code null}.
* @throws IllegalArgumentException if {@code principals} is empty.
*/
public DelegationPermission(String principals) {
super(principals);
@ -87,7 +87,7 @@ public final class DelegationPermission extends BasicPermission
}
/**
* Create a new <code>DelegationPermission</code>
* Create a new {@code DelegationPermission}
* with the specified subordinate and target principals.
* <p>
*
@ -95,8 +95,8 @@ public final class DelegationPermission extends BasicPermission
* <p>
* @param actions should be null.
*
* @throws NullPointerException if <code>principals</code> is <code>null</code>.
* @throws IllegalArgumentException if <code>principals</code> is empty.
* @throws NullPointerException if {@code principals} is {@code null}.
* @throws IllegalArgumentException if {@code principals} is empty.
*/
public DelegationPermission(String principals, String actions) {
super(principals, actions);
@ -134,7 +134,7 @@ public final class DelegationPermission extends BasicPermission
* Checks if this Kerberos delegation permission object "implies" the
* specified permission.
* <P>
* If none of the above are true, <code>implies</code> returns false.
* If none of the above are true, {@code implies} returns false.
* @param p the permission to check against.
*
* @return true if the specified permission is implied by this object,

10
jdk/src/share/classes/javax/security/auth/kerberos/KerberosKey.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -76,7 +76,7 @@ public class KerberosKey implements SecretKey, Destroyable {
private int versionNum;
/**
* <code>KeyImpl</code> is serialized by writing out the ASN1 Encoded bytes
* {@code KeyImpl} is serialized by writing out the ASN1 Encoded bytes
* of the encryption key.
* The ASN1 encoding is defined in RFC4120 and as follows:
* <pre>
@ -241,7 +241,7 @@ public class KerberosKey implements SecretKey, Destroyable {
/**
* Returns a hashcode for this KerberosKey.
*
* @return a hashCode() for the <code>KerberosKey</code>
* @return a hashCode() for the {@code KerberosKey}
* @since 1.6
*/
public int hashCode() {
@ -260,8 +260,8 @@ public class KerberosKey implements SecretKey, Destroyable {
/**
* Compares the specified Object with this KerberosKey for equality.
* Returns true if the given object is also a
* <code>KerberosKey</code> and the two
* <code>KerberosKey</code> instances are equivalent.
* {@code KerberosKey} and the two
* {@code KerberosKey} instances are equivalent.
*
* @param other the Object to compare to
* @return true if the specified object is equal to this KerberosKey,

20
jdk/src/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -181,11 +181,11 @@ public final class KerberosPrincipal
/**
* Returns a hashcode for this principal. The hash code is defined to
* be the result of the following calculation:
* <pre><code>
* <pre>{@code
* hashCode = getName().hashCode();
* </code></pre>
* }</pre>
*
* @return a hashCode() for the <code>KerberosPrincipal</code>
* @return a hashCode() for the {@code KerberosPrincipal}
*/
public int hashCode() {
return getName().hashCode();
@ -194,11 +194,11 @@ public final class KerberosPrincipal
/**
* Compares the specified Object with this Principal for equality.
* Returns true if the given object is also a
* <code>KerberosPrincipal</code> and the two
* <code>KerberosPrincipal</code> instances are equivalent.
* More formally two <code>KerberosPrincipal</code> instances are equal
* if the values returned by <code>getName()</code> are equal and the
* values returned by <code>getNameType()</code> are equal.
* {@code KerberosPrincipal} and the two
* {@code KerberosPrincipal} instances are equivalent.
* More formally two {@code KerberosPrincipal} instances are equal
* if the values returned by {@code getName()} are equal and the
* values returned by {@code getNameType()} are equal.
*
* @param other the Object to compare to
* @return true if the Object passed in represents the same principal
@ -225,7 +225,7 @@ public final class KerberosPrincipal
/**
* Save the KerberosPrincipal object to a stream
*
* @serialData this <code>KerberosPrincipal</code> is serialized
* @serialData this {@code KerberosPrincipal} is serialized
* by writing out the PrincipalName and the
* realm in their DER-encoded form as specified in Section 5.2.2 of
* <a href=http://www.ietf.org/rfc/rfc4120.txt> RFC4120</a>.

10
jdk/src/share/classes/javax/security/auth/kerberos/KerberosTicket.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -103,7 +103,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
private byte[] asn1Encoding;
/**
*<code>KeyImpl</code> is serialized by writing out the ASN1 Encoded bytes
*{@code KeyImpl} is serialized by writing out the ASN1 Encoded bytes
* of the encryption key. The ASN1 encoding is defined in RFC4120 and as
* follows:
* <pre>
@ -667,7 +667,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
/**
* Returns a hashcode for this KerberosTicket.
*
* @return a hashCode() for the <code>KerberosTicket</code>
* @return a hashCode() for the {@code KerberosTicket}
* @since 1.6
*/
public int hashCode() {
@ -704,8 +704,8 @@ public class KerberosTicket implements Destroyable, Refreshable,
/**
* Compares the specified Object with this KerberosTicket for equality.
* Returns true if the given object is also a
* <code>KerberosTicket</code> and the two
* <code>KerberosTicket</code> instances are equivalent.
* {@code KerberosTicket} and the two
* {@code KerberosTicket} instances are equivalent.
*
* @param other the Object to compare to
* @return true if the specified object is equal to this KerberosTicket,

4
jdk/src/share/classes/javax/security/auth/kerberos/KeyImpl.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -166,7 +166,7 @@ class KeyImpl implements SecretKey, Destroyable, Serializable {
}
/**
* @serialData this <code>KeyImpl</code> is serialized by
* @serialData this {@code KeyImpl} is serialized by
* writing out the ASN1 Encoded bytes of the encryption key.
* The ASN1 encoding is defined in RFC4120 and as follows:
* EncryptionKey ::= SEQUENCE {

8
jdk/src/share/classes/javax/security/auth/kerberos/KeyTab.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -312,7 +312,7 @@ public final class KeyTab {
/**
* Returns a hashcode for this KeyTab.
*
* @return a hashCode() for the <code>KeyTab</code>
* @return a hashCode() for the {@code KeyTab}
*/
public int hashCode() {
return Objects.hash(file, princ, bound);
@ -321,8 +321,8 @@ public final class KeyTab {
/**
* Compares the specified Object with this KeyTab for equality.
* Returns true if the given object is also a
* <code>KeyTab</code> and the two
* <code>KeyTab</code> instances are equivalent.
* {@code KeyTab} and the two
* {@code KeyTab} instances are equivalent.
*
* @param other the Object to compare to
* @return true if the specified object is equal to this KeyTab

12
jdk/src/share/classes/javax/security/auth/kerberos/ServicePermission.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -50,7 +50,7 @@ import java.io.IOException;
* used within.
* <p>
* The service principal name is the canonical name of the
* <code>KereberosPrincipal</code> supplying the service, that is
* {@code KereberosPrincipal} supplying the service, that is
* the KerberosPrincipal represents a Kerberos service
* principal. This name is treated in a case sensitive manner.
* An asterisk may appear by itself, to signify any service principal.
@ -135,9 +135,9 @@ public final class ServicePermission extends Permission
// created and re-used in the getAction function.
/**
* Create a new <code>ServicePermission</code>
* with the specified <code>servicePrincipal</code>
* and <code>action</code>.
* Create a new {@code ServicePermission}
* with the specified {@code servicePrincipal}
* and {@code action}.
*
* @param servicePrincipal the name of the service principal.
* An asterisk may appear by itself, to signify any service principal.
@ -169,7 +169,7 @@ public final class ServicePermission extends Permission
* Checks if this Kerberos service permission object "implies" the
* specified permission.
* <P>
* If none of the above are true, <code>implies</code> returns false.
* If none of the above are true, {@code implies} returns false.
* @param p the permission to check against.
*
* @return true if the specified permission is implied by this object,

53
jdk/src/share/classes/javax/security/auth/kerberos/package-info.java Normal file
View file

@ -0,0 +1,53 @@
/*
* Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package contains utility classes related to the Kerberos network
* authentication protocol. They do not provide much Kerberos support
* themselves.<p>
*
* The Kerberos network authentication protocol is defined in
* <a href=http://www.ietf.org/rfc/rfc4120.txt>RFC 4120</a>. The Java
* platform contains support for the client side of Kerberos via the
* {@link org.ietf.jgss} package. There might also be
* a login module that implements
* {@link javax.security.auth.spi.LoginModule LoginModule} to authenticate
* Kerberos principals.<p>
*
* You can provide the name of your default realm and Key Distribution
* Center (KDC) host for that realm using the system properties
* {@code java.security.krb5.realm} and {@code java.security.krb5.kdc}.
* Both properties must be set.
* Alternatively, the {@code java.security.krb5.conf} system property can
* be set to the location of an MIT style {@code krb5.conf} configuration
* file. If none of these system properties are set, the {@code krb5.conf}
* file is searched for in an implementation-specific manner. Typically,
* an implementation will first look for a {@code krb5.conf} file in
* {@code <java-home>/lib/security} and failing that, in an OS-specific
* location.<p>
*
* @since JDK1.4
*/
package javax.security.auth.kerberos;

74
jdk/src/share/classes/javax/security/auth/kerberos/package.html
View file

@ -1,74 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2001, 2006, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package contains utility classes related to the Kerberos network
authentication protocol. They do not provide much Kerberos support
themselves.<p>
The Kerberos network authentication protocol is defined in
<a href=http://www.ietf.org/rfc/rfc4120.txt>RFC 4120</a>. The Java
platform contains support for the client side of Kerberos via the
{@link org.ietf.jgss} package. There might also be
a login module that implements
{@link javax.security.auth.spi.LoginModule LoginModule} to authenticate
Kerberos principals.<p>
You can provide the name of your default realm and Key Distribution
Center (KDC) host for that realm using the system properties
{@code java.security.krb5.realm} and {@code java.security.krb5.kdc}.
Both properties must be set.
Alternatively, the {@code java.security.krb5.conf} system property can
be set to the location of an MIT style {@code krb5.conf} configuration
file. If none of these system properties are set, the {@code krb5.conf}
file is searched for in an implementation-specific manner. Typically,
an implementation will first look for a {@code krb5.conf} file in
{@code <java-home>/lib/security} and failing that, in an OS-specific
location.<p>
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

6
jdk/src/share/classes/javax/security/auth/login/AccountExpiredException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,9 +29,9 @@ package javax.security.auth.login;
* Signals that a user account has expired.
*
* <p> This exception is thrown by LoginModules when they determine
* that an account has expired. For example, a <code>LoginModule</code>,
* that an account has expired. For example, a {@code LoginModule},
* after successfully authenticating a user, may determine that the
* user's account has expired. In this case the <code>LoginModule</code>
* user's account has expired. In this case the {@code LoginModule}
* throws this exception to notify the application. The application can
* then take the appropriate steps to notify the user.
*

56
jdk/src/share/classes/javax/security/auth/login/AppConfigurationEntry.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,14 +29,14 @@ import java.util.Map;
import java.util.Collections;
/**
* This class represents a single <code>LoginModule</code> entry
* This class represents a single {@code LoginModule} entry
* configured for the application specified in the
* <code>getAppConfigurationEntry(String appName)</code>
* method in the <code>Configuration</code> class. Each respective
* <code>AppConfigurationEntry</code> contains a <code>LoginModule</code> name,
* a control flag (specifying whether this <code>LoginModule</code> is
* {@code getAppConfigurationEntry(String appName)}
* method in the {@code Configuration} class. Each respective
* {@code AppConfigurationEntry} contains a {@code LoginModule} name,
* a control flag (specifying whether this {@code LoginModule} is
* REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL), and LoginModule-specific
* options. Please refer to the <code>Configuration</code> class for
* options. Please refer to the {@code Configuration} class for
* more information on the different control flags and their semantics.
*
* @see javax.security.auth.login.Configuration
@ -50,25 +50,25 @@ public class AppConfigurationEntry {
/**
* Default constructor for this class.
*
* <p> This entry represents a single <code>LoginModule</code>
* <p> This entry represents a single {@code LoginModule}
* entry configured for the application specified in the
* <code>getAppConfigurationEntry(String appName)</code>
* method from the <code>Configuration</code> class.
* {@code getAppConfigurationEntry(String appName)}
* method from the {@code Configuration} class.
*
* @param loginModuleName String representing the class name of the
* <code>LoginModule</code> configured for the
* {@code LoginModule} configured for the
* specified application. <p>
*
* @param controlFlag either REQUIRED, REQUISITE, SUFFICIENT,
* or OPTIONAL. <p>
*
* @param options the options configured for this <code>LoginModule</code>.
* @param options the options configured for this {@code LoginModule}.
*
* @exception IllegalArgumentException if <code>loginModuleName</code>
* is null, if <code>LoginModuleName</code>
* has a length of 0, if <code>controlFlag</code>
* @exception IllegalArgumentException if {@code loginModuleName}
* is null, if {@code LoginModuleName}
* has a length of 0, if {@code controlFlag}
* is not either REQUIRED, REQUISITE, SUFFICIENT
* or OPTIONAL, or if <code>options</code> is null.
* or OPTIONAL, or if {@code options} is null.
*/
public AppConfigurationEntry(String loginModuleName,
LoginModuleControlFlag controlFlag,
@ -88,9 +88,9 @@ public class AppConfigurationEntry {
}
/**
* Get the class name of the configured <code>LoginModule</code>.
* Get the class name of the configured {@code LoginModule}.
*
* @return the class name of the configured <code>LoginModule</code> as
* @return the class name of the configured {@code LoginModule} as
* a String.
*/
public String getLoginModuleName() {
@ -100,28 +100,28 @@ public class AppConfigurationEntry {
/**
* Return the controlFlag
* (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL)
* for this <code>LoginModule</code>.
* for this {@code LoginModule}.
*
* @return the controlFlag
* (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL)
* for this <code>LoginModule</code>.
* for this {@code LoginModule}.
*/
public LoginModuleControlFlag getControlFlag() {
return controlFlag;
}
/**
* Get the options configured for this <code>LoginModule</code>.
* Get the options configured for this {@code LoginModule}.
*
* @return the options configured for this <code>LoginModule</code>
* as an unmodifiable <code>Map</code>.
* @return the options configured for this {@code LoginModule}
* as an unmodifiable {@code Map}.
*/
public Map<String,?> getOptions() {
return options;
}
/**
* This class represents whether or not a <code>LoginModule</code>
* This class represents whether or not a {@code LoginModule}
* is REQUIRED, REQUISITE, SUFFICIENT or OPTIONAL.
*/
public static class LoginModuleControlFlag {
@ -129,25 +129,25 @@ public class AppConfigurationEntry {
private String controlFlag;
/**
* Required <code>LoginModule</code>.
* Required {@code LoginModule}.
*/
public static final LoginModuleControlFlag REQUIRED =
new LoginModuleControlFlag("required");
/**
* Requisite <code>LoginModule</code>.
* Requisite {@code LoginModule}.
*/
public static final LoginModuleControlFlag REQUISITE =
new LoginModuleControlFlag("requisite");
/**
* Sufficient <code>LoginModule</code>.
* Sufficient {@code LoginModule}.
*/
public static final LoginModuleControlFlag SUFFICIENT =
new LoginModuleControlFlag("sufficient");
/**
* Optional <code>LoginModule</code>.
* Optional {@code LoginModule}.
*/
public static final LoginModuleControlFlag OPTIONAL =
new LoginModuleControlFlag("optional");

74
jdk/src/share/classes/javax/security/auth/login/Configuration.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -49,9 +49,9 @@ import sun.security.jca.GetInstance;
*
* <p> A login configuration contains the following information.
* Note that this example only represents the default syntax for the
* <code>Configuration</code>. Subclass implementations of this class
* {@code Configuration}. Subclass implementations of this class
* may implement alternative syntaxes and may retrieve the
* <code>Configuration</code> from any source such as files, databases,
* {@code Configuration} from any source such as files, databases,
* or servers.
*
* <pre>
@ -70,9 +70,9 @@ import sun.security.jca.GetInstance;
* };
* </pre>
*
* <p> Each entry in the <code>Configuration</code> is indexed via an
* <p> Each entry in the {@code Configuration} is indexed via an
* application name, <i>Name</i>, and contains a list of
* LoginModules configured for that application. Each <code>LoginModule</code>
* LoginModules configured for that application. Each {@code LoginModule}
* is specified via its fully qualified class name.
* Authentication proceeds down the module list in the exact order specified.
* If an application does not have specific entry,
@ -83,55 +83,55 @@ import sun.security.jca.GetInstance;
* valid values for <i>Flag</i> and their respective semantics:
*
* <pre>
* 1) Required - The <code>LoginModule</code> is required to succeed.
* 1) Required - The {@code LoginModule} is required to succeed.
* If it succeeds or fails, authentication still continues
* to proceed down the <code>LoginModule</code> list.
* to proceed down the {@code LoginModule} list.
*
* 2) Requisite - The <code>LoginModule</code> is required to succeed.
* 2) Requisite - The {@code LoginModule} is required to succeed.
* If it succeeds, authentication continues down the
* <code>LoginModule</code> list. If it fails,
* {@code LoginModule} list. If it fails,
* control immediately returns to the application
* (authentication does not proceed down the
* <code>LoginModule</code> list).
* {@code LoginModule} list).
*
* 3) Sufficient - The <code>LoginModule</code> is not required to
* 3) Sufficient - The {@code LoginModule} is not required to
* succeed. If it does succeed, control immediately
* returns to the application (authentication does not
* proceed down the <code>LoginModule</code> list).
* proceed down the {@code LoginModule} list).
* If it fails, authentication continues down the
* <code>LoginModule</code> list.
* {@code LoginModule} list.
*
* 4) Optional - The <code>LoginModule</code> is not required to
* 4) Optional - The {@code LoginModule} is not required to
* succeed. If it succeeds or fails,
* authentication still continues to proceed down the
* <code>LoginModule</code> list.
* {@code LoginModule} list.
* </pre>
*
* <p> The overall authentication succeeds only if all <i>Required</i> and
* <i>Requisite</i> LoginModules succeed. If a <i>Sufficient</i>
* <code>LoginModule</code> is configured and succeeds,
* {@code LoginModule} is configured and succeeds,
* then only the <i>Required</i> and <i>Requisite</i> LoginModules prior to
* that <i>Sufficient</i> <code>LoginModule</code> need to have succeeded for
* that <i>Sufficient</i> {@code LoginModule} need to have succeeded for
* the overall authentication to succeed. If no <i>Required</i> or
* <i>Requisite</i> LoginModules are configured for an application,
* then at least one <i>Sufficient</i> or <i>Optional</i>
* <code>LoginModule</code> must succeed.
* {@code LoginModule} must succeed.
*
* <p> <i>ModuleOptions</i> is a space separated list of
* <code>LoginModule</code>-specific values which are passed directly to
* {@code LoginModule}-specific values which are passed directly to
* the underlying LoginModules. Options are defined by the
* <code>LoginModule</code> itself, and control the behavior within it.
* For example, a <code>LoginModule</code> may define options to support
* {@code LoginModule} itself, and control the behavior within it.
* For example, a {@code LoginModule} may define options to support
* debugging/testing capabilities. The correct way to specify options in the
* <code>Configuration</code> is by using the following key-value pairing:
* {@code Configuration} is by using the following key-value pairing:
* <i>debug="true"</i>. The key and value should be separated by an
* 'equals' symbol, and the value should be surrounded by double quotes.
* If a String in the form, ${system.property}, occurs in the value,
* it will be expanded to the value of the system property.
* Note that there is no limit to the number of
* options a <code>LoginModule</code> may define.
* options a {@code LoginModule} may define.
*
* <p> The following represents an example <code>Configuration</code> entry
* <p> The following represents an example {@code Configuration} entry
* based on the syntax above:
*
* <pre>
@ -143,7 +143,7 @@ import sun.security.jca.GetInstance;
* };
* </pre>
*
* <p> This <code>Configuration</code> specifies that an application named,
* <p> This {@code Configuration} specifies that an application named,
* "Login", requires users to first authenticate to the
* <i>com.sun.security.auth.module.UnixLoginModule</i>, which is
* required to succeed. Even if the <i>UnixLoginModule</i>
@ -165,11 +165,11 @@ import sun.security.jca.GetInstance;
*
* <p> There is only one Configuration object installed in the runtime at any
* given time. A Configuration object can be installed by calling the
* <code>setConfiguration</code> method. The installed Configuration object
* can be obtained by calling the <code>getConfiguration</code> method.
* {@code setConfiguration} method. The installed Configuration object
* can be obtained by calling the {@code getConfiguration} method.
*
* <p> If no Configuration object has been installed in the runtime, a call to
* <code>getConfiguration</code> installs an instance of the default
* {@code getConfiguration} installs an instance of the default
* Configuration implementation (a default subclass implementation of this
* abstract class).
* The default Configuration implementation can be changed by setting the value
@ -178,7 +178,7 @@ import sun.security.jca.GetInstance;
*
* <p> Application code can directly subclass Configuration to provide a custom
* implementation. In addition, an instance of a Configuration object can be
* constructed by invoking one of the <code>getInstance</code> factory methods
* constructed by invoking one of the {@code getInstance} factory methods
* with a standard type. The default policy type is "JavaLoginConfig".
* See the Configuration section in the <a href=
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration">
@ -222,7 +222,7 @@ public abstract class Configuration {
* <p>
*
* @return the login Configuration. If a Configuration object was set
* via the <code>Configuration.setConfiguration</code> method,
* via the {@code Configuration.setConfiguration} method,
* then that object is returned. Otherwise, a default
* Configuration object is returned.
*
@ -286,14 +286,14 @@ public abstract class Configuration {
}
/**
* Set the login <code>Configuration</code>.
* Set the login {@code Configuration}.
*
* <p>
*
* @param configuration the new <code>Configuration</code>
* @param configuration the new {@code Configuration}
*
* @exception SecurityException if the current thread does not have
* Permission to set the <code>Configuration</code>.
* Permission to set the {@code Configuration}.
*
* @see #getConfiguration
*/
@ -505,7 +505,7 @@ public abstract class Configuration {
* Return the Provider of this Configuration.
*
* <p> This Configuration instance will only have a Provider if it
* was obtained via a call to <code>Configuration.getInstance</code>.
* was obtained via a call to {@code Configuration.getInstance}.
* Otherwise this method returns null.
*
* @return the Provider of this Configuration, or null.
@ -520,7 +520,7 @@ public abstract class Configuration {
* Return the type of this Configuration.
*
* <p> This Configuration instance will only have a type if it
* was obtained via a call to <code>Configuration.getInstance</code>.
* was obtained via a call to {@code Configuration.getInstance}.
* Otherwise this method returns null.
*
* @return the type of this Configuration, or null.
@ -535,7 +535,7 @@ public abstract class Configuration {
* Return Configuration parameters.
*
* <p> This Configuration instance will only have parameters if it
* was obtained via a call to <code>Configuration.getInstance</code>.
* was obtained via a call to {@code Configuration.getInstance}.
* Otherwise this method returns null.
*
* @return Configuration parameters, or null.
@ -567,7 +567,7 @@ public abstract class Configuration {
* <p> This method causes this Configuration object to refresh/reload its
* contents in an implementation-dependent manner.
* For example, if this Configuration object stores its entries in a file,
* calling <code>refresh</code> may cause the file to be re-read.
* calling {@code refresh} may cause the file to be re-read.
*
* <p> The default implementation of this method does nothing.
* This method should be overridden if a refresh operation is supported

10
jdk/src/share/classes/javax/security/auth/login/ConfigurationSpi.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,15 +28,15 @@ package javax.security.auth.login;
/**
* This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
* for the <code>Configuration</code> class.
* for the {@code Configuration} class.
* All the abstract methods in this class must be implemented by each
* service provider who wishes to supply a Configuration implementation.
*
* <p> Subclass implementations of this abstract class must provide
* a public constructor that takes a <code>Configuration.Parameters</code>
* a public constructor that takes a {@code Configuration.Parameters}
* object as an input parameter. This constructor also must throw
* an IllegalArgumentException if it does not understand the
* <code>Configuration.Parameters</code> input.
* {@code Configuration.Parameters} input.
*
*
* @since 1.6
@ -62,7 +62,7 @@ public abstract class ConfigurationSpi {
* <p> This method causes this Configuration object to refresh/reload its
* contents in an implementation-dependent manner.
* For example, if this Configuration object stores its entries in a file,
* calling <code>refresh</code> may cause the file to be re-read.
* calling {@code refresh} may cause the file to be re-read.
*
* <p> The default implementation of this method does nothing.
* This method should be overridden if a refresh operation is supported

12
jdk/src/share/classes/javax/security/auth/login/CredentialExpiredException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,14 +26,14 @@
package javax.security.auth.login;
/**
* Signals that a <code>Credential</code> has expired.
* Signals that a {@code Credential} has expired.
*
* <p> This exception is thrown by LoginModules when they determine
* that a <code>Credential</code> has expired.
* For example, a <code>LoginModule</code> authenticating a user
* in its <code>login</code> method may determine that the user's
* that a {@code Credential} has expired.
* For example, a {@code LoginModule} authenticating a user
* in its {@code login} method may determine that the user's
* password, although entered correctly, has expired. In this case
* the <code>LoginModule</code> throws this exception to notify
* the {@code LoginModule} throws this exception to notify
* the application. The application can then take the appropriate
* steps to assist the user in updating the password.
*

4
jdk/src/share/classes/javax/security/auth/login/FailedLoginException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,7 +29,7 @@ package javax.security.auth.login;
* Signals that user authentication failed.
*
* <p> This exception is thrown by LoginModules if authentication failed.
* For example, a <code>LoginModule</code> throws this exception if
* For example, a {@code LoginModule} throws this exception if
* the user entered an incorrect password.
*
*/

220
jdk/src/share/classes/javax/security/auth/login/LoginContext.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -41,11 +41,11 @@ import sun.security.util.PendingException;
import sun.security.util.ResourcesMgr;
/**
* <p> The <code>LoginContext</code> class describes the basic methods used
* <p> The {@code LoginContext} class describes the basic methods used
* to authenticate Subjects and provides a way to develop an
* application independent of the underlying authentication technology.
* A <code>Configuration</code> specifies the authentication technology, or
* <code>LoginModule</code>, to be used with a particular application.
* A {@code Configuration} specifies the authentication technology, or
* {@code LoginModule}, to be used with a particular application.
* Different LoginModules can be plugged in under an application
* without requiring any modifications to the application itself.
*
@ -57,36 +57,36 @@ import sun.security.util.ResourcesMgr;
* LoginModule under an application.
*
* <p> A typical caller instantiates a LoginContext with
* a <i>name</i> and a <code>CallbackHandler</code>.
* a <i>name</i> and a {@code CallbackHandler}.
* LoginContext uses the <i>name</i> as the index into a
* Configuration to determine which LoginModules should be used,
* and which ones must succeed in order for the overall authentication to
* succeed. The <code>CallbackHandler</code> is passed to the underlying
* succeed. The {@code CallbackHandler} is passed to the underlying
* LoginModules so they may communicate and interact with users
* (prompting for a username and password via a graphical user interface,
* for example).
*
* <p> Once the caller has instantiated a LoginContext,
* it invokes the <code>login</code> method to authenticate
* a <code>Subject</code>. The <code>login</code> method invokes
* it invokes the {@code login} method to authenticate
* a {@code Subject}. The {@code login} method invokes
* the configured modules to perform their respective types of authentication
* (username/password, smart card pin verification, etc.).
* Note that the LoginModules will not attempt authentication retries nor
* introduce delays if the authentication fails.
* Such tasks belong to the LoginContext caller.
*
* <p> If the <code>login</code> method returns without
* <p> If the {@code login} method returns without
* throwing an exception, then the overall authentication succeeded.
* The caller can then retrieve
* the newly authenticated Subject by invoking the
* <code>getSubject</code> method. Principals and Credentials associated
* {@code getSubject} method. Principals and Credentials associated
* with the Subject may be retrieved by invoking the Subject's
* respective <code>getPrincipals</code>, <code>getPublicCredentials</code>,
* and <code>getPrivateCredentials</code> methods.
* respective {@code getPrincipals}, {@code getPublicCredentials},
* and {@code getPrivateCredentials} methods.
*
* <p> To logout the Subject, the caller calls
* the <code>logout</code> method. As with the <code>login</code>
* method, this <code>logout</code> method invokes the <code>logout</code>
* the {@code logout} method. As with the {@code login}
* method, this {@code logout} method invokes the {@code logout}
* method for the configured modules.
*
* <p> A LoginContext should not be used to authenticate
@ -96,14 +96,14 @@ import sun.security.util.ResourcesMgr;
* <p> The following documentation applies to all LoginContext constructors:
* <ol>
*
* <li> <code>Subject</code>
* <li> {@code Subject}
* <ul>
* <li> If the constructor has a Subject
* input parameter, the LoginContext uses the caller-specified
* Subject object.
* <p>
* <li> If the caller specifies a <code>null</code> Subject
* and a <code>null</code> value is permitted,
* <li> If the caller specifies a {@code null} Subject
* and a {@code null} value is permitted,
* the LoginContext instantiates a new Subject.
* <p>
* <li> If the constructor does <b>not</b> have a Subject
@ -111,14 +111,14 @@ import sun.security.util.ResourcesMgr;
* <p>
* </ul>
*
* <li> <code>Configuration</code>
* <li> {@code Configuration}
* <ul>
* <li> If the constructor has a Configuration
* input parameter and the caller specifies a non-null Configuration,
* the LoginContext uses the caller-specified Configuration.
* <p>
* If the constructor does <b>not</b> have a Configuration
* input parameter, or if the caller specifies a <code>null</code>
* input parameter, or if the caller specifies a {@code null}
* Configuration object, the constructor uses the following call to
* get the installed Configuration:
* <pre>
@ -126,42 +126,42 @@ import sun.security.util.ResourcesMgr;
* </pre>
* For both cases,
* the <i>name</i> argument given to the constructor is passed to the
* <code>Configuration.getAppConfigurationEntry</code> method.
* {@code Configuration.getAppConfigurationEntry} method.
* If the Configuration has no entries for the specified <i>name</i>,
* then the <code>LoginContext</code> calls
* <code>getAppConfigurationEntry</code> with the name, "<i>other</i>"
* then the {@code LoginContext} calls
* {@code getAppConfigurationEntry} with the name, "<i>other</i>"
* (the default entry name). If there is no entry for "<i>other</i>",
* then a <code>LoginException</code> is thrown.
* then a {@code LoginException} is thrown.
* <p>
* <li> When LoginContext uses the installed Configuration, the caller
* requires the createLoginContext.<em>name</em> and possibly
* createLoginContext.other AuthPermissions. Furthermore, the
* LoginContext will invoke configured modules from within an
* <code>AccessController.doPrivileged</code> call so that modules that
* {@code AccessController.doPrivileged} call so that modules that
* perform security-sensitive tasks (such as connecting to remote hosts,
* and updating the Subject) will require the respective permissions, but
* the callers of the LoginContext will not require those permissions.
* <p>
* <li> When LoginContext uses a caller-specified Configuration, the caller
* does not require any createLoginContext AuthPermission. The LoginContext
* saves the <code>AccessControlContext</code> for the caller,
* saves the {@code AccessControlContext} for the caller,
* and invokes the configured modules from within an
* <tt>AccessController.doPrivileged</tt> call constrained by that context.
* {@code AccessController.doPrivileged} call constrained by that context.
* This means the caller context (stored when the LoginContext was created)
* must have sufficient permissions to perform any security-sensitive tasks
* that the modules may perform.
* <p>
* </ul>
*
* <li> <code>CallbackHandler</code>
* <li> {@code CallbackHandler}
* <ul>
* <li> If the constructor has a CallbackHandler
* input parameter, the LoginContext uses the caller-specified
* CallbackHandler object.
* <p>
* <li> If the constructor does <b>not</b> have a CallbackHandler
* input parameter, or if the caller specifies a <code>null</code>
* CallbackHandler object (and a <code>null</code> value is permitted),
* input parameter, or if the caller specifies a {@code null}
* CallbackHandler object (and a {@code null} value is permitted),
* the LoginContext queries the
* {@code auth.login.defaultCallbackHandler} security property for the
* fully qualified class name of a default handler
@ -177,10 +177,10 @@ import sun.security.util.ResourcesMgr;
* then this LoginContext must wrap any
* caller-specified or default CallbackHandler implementation
* in a new CallbackHandler implementation
* whose <code>handle</code> method implementation invokes the
* specified CallbackHandler's <code>handle</code> method in a
* <code>java.security.AccessController.doPrivileged</code> call
* constrained by the caller's current <code>AccessControlContext</code>.
* whose {@code handle} method implementation invokes the
* specified CallbackHandler's {@code handle} method in a
* {@code java.security.AccessController.doPrivileged} call
* constrained by the caller's current {@code AccessControlContext}.
* </ul>
* </ol>
*
@ -317,14 +317,14 @@ public class LoginContext {
}
/**
* Instantiate a new <code>LoginContext</code> object with a name.
* Instantiate a new {@code LoginContext} object with a name.
*
* @param name the name used as the index into the
* <code>Configuration</code>.
* {@code Configuration}.
*
* @exception LoginException if the caller-specified <code>name</code>
* does not appear in the <code>Configuration</code>
* and there is no <code>Configuration</code> entry
* @exception LoginException if the caller-specified {@code name}
* does not appear in the {@code Configuration}
* and there is no {@code Configuration} entry
* for "<i>other</i>", or if the
* <i>auth.login.defaultCallbackHandler</i>
* security property was set, but the implementation
@ -343,21 +343,21 @@ public class LoginContext {
}
/**
* Instantiate a new <code>LoginContext</code> object with a name
* and a <code>Subject</code> object.
* Instantiate a new {@code LoginContext} object with a name
* and a {@code Subject} object.
*
* <p>
*
* @param name the name used as the index into the
* <code>Configuration</code>. <p>
* {@code Configuration}. <p>
*
* @param subject the <code>Subject</code> to authenticate.
* @param subject the {@code Subject} to authenticate.
*
* @exception LoginException if the caller-specified <code>name</code>
* does not appear in the <code>Configuration</code>
* and there is no <code>Configuration</code> entry
* for "<i>other</i>", if the caller-specified <code>subject</code>
* is <code>null</code>, or if the
* @exception LoginException if the caller-specified {@code name}
* does not appear in the {@code Configuration}
* and there is no {@code Configuration} entry
* for "<i>other</i>", if the caller-specified {@code subject}
* is {@code null}, or if the
* <i>auth.login.defaultCallbackHandler</i>
* security property was set, but the implementation
* class could not be loaded.
@ -381,22 +381,22 @@ public class LoginContext {
}
/**
* Instantiate a new <code>LoginContext</code> object with a name
* and a <code>CallbackHandler</code> object.
* Instantiate a new {@code LoginContext} object with a name
* and a {@code CallbackHandler} object.
*
* <p>
*
* @param name the name used as the index into the
* <code>Configuration</code>. <p>
* {@code Configuration}. <p>
*
* @param callbackHandler the <code>CallbackHandler</code> object used by
* @param callbackHandler the {@code CallbackHandler} object used by
* LoginModules to communicate with the user.
*
* @exception LoginException if the caller-specified <code>name</code>
* does not appear in the <code>Configuration</code>
* and there is no <code>Configuration</code> entry
* @exception LoginException if the caller-specified {@code name}
* does not appear in the {@code Configuration}
* and there is no {@code Configuration} entry
* for "<i>other</i>", or if the caller-specified
* <code>callbackHandler</code> is <code>null</code>.
* {@code callbackHandler} is {@code null}.
* <p>
* @exception SecurityException if a SecurityManager is set and
* the caller does not have
@ -417,27 +417,27 @@ public class LoginContext {
}
/**
* Instantiate a new <code>LoginContext</code> object with a name,
* a <code>Subject</code> to be authenticated, and a
* <code>CallbackHandler</code> object.
* Instantiate a new {@code LoginContext} object with a name,
* a {@code Subject} to be authenticated, and a
* {@code CallbackHandler} object.
*
* <p>
*
* @param name the name used as the index into the
* <code>Configuration</code>. <p>
* {@code Configuration}. <p>
*
* @param subject the <code>Subject</code> to authenticate. <p>
* @param subject the {@code Subject} to authenticate. <p>
*
* @param callbackHandler the <code>CallbackHandler</code> object used by
* @param callbackHandler the {@code CallbackHandler} object used by
* LoginModules to communicate with the user.
*
* @exception LoginException if the caller-specified <code>name</code>
* does not appear in the <code>Configuration</code>
* and there is no <code>Configuration</code> entry
* @exception LoginException if the caller-specified {@code name}
* does not appear in the {@code Configuration}
* and there is no {@code Configuration} entry
* for "<i>other</i>", or if the caller-specified
* <code>subject</code> is <code>null</code>,
* {@code subject} is {@code null},
* or if the caller-specified
* <code>callbackHandler</code> is <code>null</code>.
* {@code callbackHandler} is {@code null}.
* <p>
* @exception SecurityException if a SecurityManager is set and
* the caller does not have
@ -458,34 +458,34 @@ public class LoginContext {
}
/**
* Instantiate a new <code>LoginContext</code> object with a name,
* a <code>Subject</code> to be authenticated,
* a <code>CallbackHandler</code> object, and a login
* <code>Configuration</code>.
* Instantiate a new {@code LoginContext} object with a name,
* a {@code Subject} to be authenticated,
* a {@code CallbackHandler} object, and a login
* {@code Configuration}.
*
* <p>
*
* @param name the name used as the index into the caller-specified
* <code>Configuration</code>. <p>
* {@code Configuration}. <p>
*
* @param subject the <code>Subject</code> to authenticate,
* or <code>null</code>. <p>
* @param subject the {@code Subject} to authenticate,
* or {@code null}. <p>
*
* @param callbackHandler the <code>CallbackHandler</code> object used by
* LoginModules to communicate with the user, or <code>null</code>.
* @param callbackHandler the {@code CallbackHandler} object used by
* LoginModules to communicate with the user, or {@code null}.
* <p>
*
* @param config the <code>Configuration</code> that lists the
* @param config the {@code Configuration} that lists the
* login modules to be called to perform the authentication,
* or <code>null</code>.
* or {@code null}.
*
* @exception LoginException if the caller-specified <code>name</code>
* does not appear in the <code>Configuration</code>
* and there is no <code>Configuration</code> entry
* @exception LoginException if the caller-specified {@code name}
* does not appear in the {@code Configuration}
* and there is no {@code Configuration} entry
* for "<i>other</i>".
* <p>
* @exception SecurityException if a SecurityManager is set,
* <i>config</i> is <code>null</code>,
* <i>config</i> is {@code null},
* and either the caller does not have
* AuthPermission("createLoginContext.<i>name</i>"),
* or if a configuration entry for <i>name</i> does not exist and
@ -522,46 +522,46 @@ public class LoginContext {
/**
* Perform the authentication.
*
* <p> This method invokes the <code>login</code> method for each
* <p> This method invokes the {@code login} method for each
* LoginModule configured for the <i>name</i> specified to the
* <code>LoginContext</code> constructor, as determined by the login
* <code>Configuration</code>. Each <code>LoginModule</code>
* {@code LoginContext} constructor, as determined by the login
* {@code Configuration}. Each {@code LoginModule}
* then performs its respective type of authentication
* (username/password, smart card pin verification, etc.).
*
* <p> This method completes a 2-phase authentication process by
* calling each configured LoginModule's <code>commit</code> method
* calling each configured LoginModule's {@code commit} method
* if the overall authentication succeeded (the relevant REQUIRED,
* REQUISITE, SUFFICIENT, and OPTIONAL LoginModules succeeded),
* or by calling each configured LoginModule's <code>abort</code> method
* or by calling each configured LoginModule's {@code abort} method
* if the overall authentication failed. If authentication succeeded,
* each successful LoginModule's <code>commit</code> method associates
* the relevant Principals and Credentials with the <code>Subject</code>.
* If authentication failed, each LoginModule's <code>abort</code> method
* each successful LoginModule's {@code commit} method associates
* the relevant Principals and Credentials with the {@code Subject}.
* If authentication failed, each LoginModule's {@code abort} method
* removes/destroys any previously stored state.
*
* <p> If the <code>commit</code> phase of the authentication process
* <p> If the {@code commit} phase of the authentication process
* fails, then the overall authentication fails and this method
* invokes the <code>abort</code> method for each configured
* <code>LoginModule</code>.
* invokes the {@code abort} method for each configured
* {@code LoginModule}.
*
* <p> If the <code>abort</code> phase
* <p> If the {@code abort} phase
* fails for any reason, then this method propagates the
* original exception thrown either during the <code>login</code> phase
* or the <code>commit</code> phase. In either case, the overall
* original exception thrown either during the {@code login} phase
* or the {@code commit} phase. In either case, the overall
* authentication fails.
*
* <p> In the case where multiple LoginModules fail,
* this method propagates the exception raised by the first
* <code>LoginModule</code> which failed.
* {@code LoginModule} which failed.
*
* <p> Note that if this method enters the <code>abort</code> phase
* (either the <code>login</code> or <code>commit</code> phase failed),
* <p> Note that if this method enters the {@code abort} phase
* (either the {@code login} or {@code commit} phase failed),
* this method invokes all LoginModules configured for the
* application regardless of their respective <code>Configuration</code>
* flag parameters. Essentially this means that <code>Requisite</code>
* and <code>Sufficient</code> semantics are ignored during the
* <code>abort</code> phase. This guarantees that proper cleanup
* application regardless of their respective {@code Configuration}
* flag parameters. Essentially this means that {@code Requisite}
* and {@code Sufficient} semantics are ignored during the
* {@code abort} phase. This guarantees that proper cleanup
* and state restoration can take place.
*
* <p>
@ -602,19 +602,19 @@ public class LoginContext {
}
/**
* Logout the <code>Subject</code>.
* Logout the {@code Subject}.
*
* <p> This method invokes the <code>logout</code> method for each
* <code>LoginModule</code> configured for this <code>LoginContext</code>.
* Each <code>LoginModule</code> performs its respective logout procedure
* <p> This method invokes the {@code logout} method for each
* {@code LoginModule} configured for this {@code LoginContext}.
* Each {@code LoginModule} performs its respective logout procedure
* which may include removing/destroying
* <code>Principal</code> and <code>Credential</code> information
* from the <code>Subject</code> and state cleanup.
* {@code Principal} and {@code Credential} information
* from the {@code Subject} and state cleanup.
*
* <p> Note that this method invokes all LoginModules configured for the
* application regardless of their respective
* <code>Configuration</code> flag parameters. Essentially this means
* that <code>Requisite</code> and <code>Sufficient</code> semantics are
* {@code Configuration} flag parameters. Essentially this means
* that {@code Requisite} and {@code Sufficient} semantics are
* ignored for this method. This guarantees that proper cleanup
* and state restoration can take place.
*

39
jdk/src/share/classes/javax/security/auth/login/package-info.java Normal file
View file

@ -0,0 +1,39 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides a pluggable authentication framework.
* <h2>Package Specification</h2>
*
* <ul>
* <li><a href="{@docRoot}/../technotes/guides/security/StandardNames.html">
* <b>Java&trade;
* Cryptography Architecture Standard Algorithm Name
* Documentation</b></a></li>
* </ul>
*
* @since 1.4
*/
package javax.security.auth.login;

54
jdk/src/share/classes/javax/security/auth/login/package.html
View file

@ -1,54 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides a pluggable authentication framework.
<h2>Package Specification</h2>
<ul>
<li><a href="{@docRoot}/../technotes/guides/security/StandardNames.html">
<b>Java<FONT SIZE=-2><SUP>TM</SUP></FONT>
Cryptography Architecture Standard Algorithm Name
Documentation</b></a></li>
</ul>
<!--
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since 1.4
</body>
</html>

38
jdk/src/share/classes/javax/security/auth/package-info.java Normal file
View file

@ -0,0 +1,38 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides a framework for authentication and
* authorization. The framework allows
* authentication to be performed in pluggable fashion. Different
* authentication modules can be plugged under an application without
* requiring modifications to the application itself. The
* authorization component allows specification of access controls
* based on code location, code signers and code executors
* (Subjects).
*
* @since JDK1.4
*/
package javax.security.auth;

61
jdk/src/share/classes/javax/security/auth/package.html
View file

@ -1,61 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides a framework for authentication and
authorization. The framework allows
authentication to be performed in pluggable fashion. Different
authentication modules can be plugged under an application without
requiring modifications to the application itself. The
authorization component allows specification of access controls
based on code location, code signers and code executors
(Subjects).
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

142
jdk/src/share/classes/javax/security/auth/spi/LoginModule.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2004, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -32,95 +32,95 @@ import javax.security.auth.login.*;
import java.util.Map;
/**
* <p> <code>LoginModule</code> describes the interface
* <p> {@code LoginModule} describes the interface
* implemented by authentication technology providers. LoginModules
* are plugged in under applications to provide a particular type of
* authentication.
*
* <p> While applications write to the <code>LoginContext</code> API,
* <p> While applications write to the {@code LoginContext} API,
* authentication technology providers implement the
* <code>LoginModule</code> interface.
* A <code>Configuration</code> specifies the LoginModule(s)
* {@code LoginModule} interface.
* A {@code Configuration} specifies the LoginModule(s)
* to be used with a particular login application. Therefore different
* LoginModules can be plugged in under the application without
* requiring any modifications to the application itself.
*
* <p> The <code>LoginContext</code> is responsible for reading the
* <code>Configuration</code> and instantiating the appropriate
* LoginModules. Each <code>LoginModule</code> is initialized with
* a <code>Subject</code>, a <code>CallbackHandler</code>, shared
* <code>LoginModule</code> state, and LoginModule-specific options.
* <p> The {@code LoginContext} is responsible for reading the
* {@code Configuration} and instantiating the appropriate
* LoginModules. Each {@code LoginModule} is initialized with
* a {@code Subject}, a {@code CallbackHandler}, shared
* {@code LoginModule} state, and LoginModule-specific options.
*
* The <code>Subject</code> represents the
* <code>Subject</code> currently being authenticated and is updated
* The {@code Subject} represents the
* {@code Subject} currently being authenticated and is updated
* with relevant Credentials if authentication succeeds.
* LoginModules use the <code>CallbackHandler</code> to
* communicate with users. The <code>CallbackHandler</code> may be
* LoginModules use the {@code CallbackHandler} to
* communicate with users. The {@code CallbackHandler} may be
* used to prompt for usernames and passwords, for example.
* Note that the <code>CallbackHandler</code> may be null. LoginModules
* which absolutely require a <code>CallbackHandler</code> to authenticate
* the <code>Subject</code> may throw a <code>LoginException</code>.
* Note that the {@code CallbackHandler} may be null. LoginModules
* which absolutely require a {@code CallbackHandler} to authenticate
* the {@code Subject} may throw a {@code LoginException}.
* LoginModules optionally use the shared state to share information
* or data among themselves.
*
* <p> The LoginModule-specific options represent the options
* configured for this <code>LoginModule</code> by an administrator or user
* in the login <code>Configuration</code>.
* The options are defined by the <code>LoginModule</code> itself
* configured for this {@code LoginModule} by an administrator or user
* in the login {@code Configuration}.
* The options are defined by the {@code LoginModule} itself
* and control the behavior within it. For example, a
* <code>LoginModule</code> may define options to support debugging/testing
* {@code LoginModule} may define options to support debugging/testing
* capabilities. Options are defined using a key-value syntax,
* such as <i>debug=true</i>. The <code>LoginModule</code>
* stores the options as a <code>Map</code> so that the values may
* such as <i>debug=true</i>. The {@code LoginModule}
* stores the options as a {@code Map} so that the values may
* be retrieved using the key. Note that there is no limit to the number
* of options a <code>LoginModule</code> chooses to define.
* of options a {@code LoginModule} chooses to define.
*
* <p> The calling application sees the authentication process as a single
* operation. However, the authentication process within the
* <code>LoginModule</code> proceeds in two distinct phases.
* {@code LoginModule} proceeds in two distinct phases.
* In the first phase, the LoginModule's
* <code>login</code> method gets invoked by the LoginContext's
* <code>login</code> method. The <code>login</code>
* method for the <code>LoginModule</code> then performs
* {@code login} method gets invoked by the LoginContext's
* {@code login} method. The {@code login}
* method for the {@code LoginModule} then performs
* the actual authentication (prompt for and verify a password for example)
* and saves its authentication status as private state
* information. Once finished, the LoginModule's <code>login</code>
* method either returns <code>true</code> (if it succeeded) or
* <code>false</code> (if it should be ignored), or throws a
* <code>LoginException</code> to specify a failure.
* In the failure case, the <code>LoginModule</code> must not retry the
* information. Once finished, the LoginModule's {@code login}
* method either returns {@code true} (if it succeeded) or
* {@code false} (if it should be ignored), or throws a
* {@code LoginException} to specify a failure.
* In the failure case, the {@code LoginModule} must not retry the
* authentication or introduce delays. The responsibility of such tasks
* belongs to the application. If the application attempts to retry
* the authentication, the LoginModule's <code>login</code> method will be
* the authentication, the LoginModule's {@code login} method will be
* called again.
*
* <p> In the second phase, if the LoginContext's overall authentication
* succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL
* LoginModules succeeded), then the <code>commit</code>
* method for the <code>LoginModule</code> gets invoked.
* The <code>commit</code> method for a <code>LoginModule</code> checks its
* LoginModules succeeded), then the {@code commit}
* method for the {@code LoginModule} gets invoked.
* The {@code commit} method for a {@code LoginModule} checks its
* privately saved state to see if its own authentication succeeded.
* If the overall <code>LoginContext</code> authentication succeeded
* If the overall {@code LoginContext} authentication succeeded
* and the LoginModule's own authentication succeeded, then the
* <code>commit</code> method associates the relevant
* {@code commit} method associates the relevant
* Principals (authenticated identities) and Credentials (authentication data
* such as cryptographic keys) with the <code>Subject</code>
* located within the <code>LoginModule</code>.
* such as cryptographic keys) with the {@code Subject}
* located within the {@code LoginModule}.
*
* <p> If the LoginContext's overall authentication failed (the relevant
* REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed),
* then the <code>abort</code> method for each <code>LoginModule</code>
* gets invoked. In this case, the <code>LoginModule</code> removes/destroys
* then the {@code abort} method for each {@code LoginModule}
* gets invoked. In this case, the {@code LoginModule} removes/destroys
* any authentication state originally saved.
*
* <p> Logging out a <code>Subject</code> involves only one phase.
* The <code>LoginContext</code> invokes the LoginModule's <code>logout</code>
* method. The <code>logout</code> method for the <code>LoginModule</code>
* <p> Logging out a {@code Subject} involves only one phase.
* The {@code LoginContext} invokes the LoginModule's {@code logout}
* method. The {@code logout} method for the {@code LoginModule}
* then performs the logout procedures, such as removing Principals or
* Credentials from the <code>Subject</code> or logging session information.
* Credentials from the {@code Subject} or logging session information.
*
* <p> A <code>LoginModule</code> implementation must have a constructor with
* no arguments. This allows classes which load the <code>LoginModule</code>
* <p> A {@code LoginModule} implementation must have a constructor with
* no arguments. This allows classes which load the {@code LoginModule}
* to instantiate it.
*
* @see javax.security.auth.login.LoginContext
@ -131,38 +131,38 @@ public interface LoginModule {
/**
* Initialize this LoginModule.
*
* <p> This method is called by the <code>LoginContext</code>
* after this <code>LoginModule</code> has been instantiated.
* <p> This method is called by the {@code LoginContext}
* after this {@code LoginModule} has been instantiated.
* The purpose of this method is to initialize this
* <code>LoginModule</code> with the relevant information.
* If this <code>LoginModule</code> does not understand
* any of the data stored in <code>sharedState</code> or
* <code>options</code> parameters, they can be ignored.
* {@code LoginModule} with the relevant information.
* If this {@code LoginModule} does not understand
* any of the data stored in {@code sharedState} or
* {@code options} parameters, they can be ignored.
*
* <p>
*
* @param subject the <code>Subject</code> to be authenticated. <p>
* @param subject the {@code Subject} to be authenticated. <p>
*
* @param callbackHandler a <code>CallbackHandler</code> for communicating
* @param callbackHandler a {@code CallbackHandler} for communicating
* with the end user (prompting for usernames and
* passwords, for example). <p>
*
* @param sharedState state shared with other configured LoginModules. <p>
*
* @param options options specified in the login
* <code>Configuration</code> for this particular
* <code>LoginModule</code>.
* {@code Configuration} for this particular
* {@code LoginModule}.
*/
void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String,?> sharedState,
Map<String,?> options);
/**
* Method to authenticate a <code>Subject</code> (phase 1).
* Method to authenticate a {@code Subject} (phase 1).
*
* <p> The implementation of this method authenticates
* a <code>Subject</code>. For example, it may prompt for
* <code>Subject</code> information such
* a {@code Subject}. For example, it may prompt for
* {@code Subject} information such
* as a username and password and then attempt to verify the password.
* This method saves the result of the authentication attempt
* as private state within the LoginModule.
@ -172,7 +172,7 @@ public interface LoginModule {
* @exception LoginException if the authentication fails
*
* @return true if the authentication succeeded, or false if this
* <code>LoginModule</code> should be ignored.
* {@code LoginModule} should be ignored.
*/
boolean login() throws LoginException;
@ -186,9 +186,9 @@ public interface LoginModule {
*
* <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates relevant
* Principals and Credentials with the <code>Subject</code> located in the
* <code>LoginModule</code>. If this LoginModule's own
* {@code login} method), then this method associates relevant
* Principals and Credentials with the {@code Subject} located in the
* {@code LoginModule}. If this LoginModule's own
* authentication attempted failed, then this method removes/destroys
* any state that was originally saved.
*
@ -197,7 +197,7 @@ public interface LoginModule {
* @exception LoginException if the commit fails
*
* @return true if this method succeeded, or false if this
* <code>LoginModule</code> should be ignored.
* {@code LoginModule} should be ignored.
*/
boolean commit() throws LoginException;
@ -211,7 +211,7 @@ public interface LoginModule {
*
* <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method cleans up any state
* {@code login} method), then this method cleans up any state
* that was originally saved.
*
* <p>
@ -219,12 +219,12 @@ public interface LoginModule {
* @exception LoginException if the abort fails
*
* @return true if this method succeeded, or false if this
* <code>LoginModule</code> should be ignored.
* {@code LoginModule} should be ignored.
*/
boolean abort() throws LoginException;
/**
* Method which logs out a <code>Subject</code>.
* Method which logs out a {@code Subject}.
*
* <p>An implementation of this method might remove/destroy a Subject's
* Principals and Credentials.
@ -234,7 +234,7 @@ public interface LoginModule {
* @exception LoginException if the logout fails
*
* @return true if this method succeeded, or false if this
* <code>LoginModule</code> should be ignored.
* {@code LoginModule} should be ignored.
*/
boolean logout() throws LoginException;
}

32
jdk/src/share/classes/javax/security/auth/spi/package-info.java Normal file
View file

@ -0,0 +1,32 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides the interface to be used for
* implementing pluggable authentication modules.
*
* @since JDK1.4
*/
package javax.security.auth.spi;

53
jdk/src/share/classes/javax/security/auth/spi/package.html
View file

@ -1,53 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides the interface to be used for
implementing pluggable authentication modules.
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

110
jdk/src/share/classes/javax/security/auth/x500/X500Principal.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -33,8 +33,8 @@ import sun.security.x509.X500Name;
import sun.security.util.*;
/**
* <p> This class represents an X.500 <code>Principal</code>.
* <code>X500Principal</code>s are represented by distinguished names such as
* <p> This class represents an X.500 {@code Principal}.
* {@code X500Principal}s are represented by distinguished names such as
* "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US".
*
* <p> This class can be instantiated by using a string representation
@ -50,12 +50,12 @@ import sun.security.util.*;
* <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
* Public Key Infrastructure Certificate and CRL Profile</a>.
*
* <p> The string representation for this <code>X500Principal</code>
* can be obtained by calling the <code>getName</code> methods.
* <p> The string representation for this {@code X500Principal}
* can be obtained by calling the {@code getName} methods.
*
* <p> Note that the <code>getSubjectX500Principal</code> and
* <code>getIssuerX500Principal</code> methods of
* <code>X509Certificate</code> return X500Principals representing the
* <p> Note that the {@code getSubjectX500Principal} and
* {@code getIssuerX500Principal} methods of
* {@code X509Certificate} return X500Principals representing the
* issuer and subject fields of the certificate.
*
* @see java.security.cert.X509Certificate
@ -97,7 +97,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
}
/**
* Creates an <code>X500Principal</code> from a string representation of
* Creates an {@code X500Principal} from a string representation of
* an X.500 distinguished name (ex:
* "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
* The distinguished name must be specified using the grammar defined in
@ -119,9 +119,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
* <p>{@code numericoid = number 1*( DOT number ) }
*
* @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
* @exception NullPointerException if the <code>name</code>
* is <code>null</code>
* @exception IllegalArgumentException if the <code>name</code>
* @exception NullPointerException if the {@code name}
* is {@code null}
* @exception IllegalArgumentException if the {@code name}
* is improperly specified
*/
public X500Principal(String name) {
@ -129,7 +129,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
}
/**
* Creates an <code>X500Principal</code> from a string representation of
* Creates an {@code X500Principal} from a string representation of
* an X.500 distinguished name (ex:
* "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
* The distinguished name must be specified using the grammar defined in
@ -137,13 +137,13 @@ public final class X500Principal implements Principal, java.io.Serializable {
*
* <p> This constructor recognizes the attribute type keywords specified
* in {@link #X500Principal(String)} and also recognizes additional
* keywords that have entries in the <code>keywordMap</code> parameter.
* keywords that have entries in the {@code keywordMap} parameter.
* Keyword entries in the keywordMap take precedence over the default
* keywords recognized by <code>X500Principal(String)</code>. Keywords
* keywords recognized by {@code X500Principal(String)}. Keywords
* MUST be specified in all upper-case, otherwise they will be ignored.
* Improperly specified keywords are ignored; however if a keyword in the
* name maps to an improperly specified Object Identifier (OID), an
* <code>IllegalArgumentException</code> is thrown. It is permissible to
* {@code IllegalArgumentException} is thrown. It is permissible to
* have 2 different keywords that map to the same OID.
*
* <p>This implementation enforces a more restrictive OID syntax than
@ -157,11 +157,11 @@ public final class X500Principal implements Principal, java.io.Serializable {
* @param keywordMap an attribute type keyword map, where each key is a
* keyword String that maps to a corresponding object identifier in String
* form (a sequence of nonnegative integers separated by periods). The map
* may be empty but never <code>null</code>.
* @exception NullPointerException if <code>name</code> or
* <code>keywordMap</code> is <code>null</code>
* @exception IllegalArgumentException if the <code>name</code> is
* improperly specified or a keyword in the <code>name</code> maps to an
* may be empty but never {@code null}.
* @exception NullPointerException if {@code name} or
* {@code keywordMap} is {@code null}
* @exception IllegalArgumentException if the {@code name} is
* improperly specified or a keyword in the {@code name} maps to an
* OID that is not in the correct form
* @since 1.6
*/
@ -188,10 +188,10 @@ public final class X500Principal implements Principal, java.io.Serializable {
}
/**
* Creates an <code>X500Principal</code> from a distinguished name in
* Creates an {@code X500Principal} from a distinguished name in
* ASN.1 DER encoded form. The ASN.1 notation for this structure is as
* follows.
* <pre><code>
* <pre>{@code
* Name ::= CHOICE {
* RDNSequence }
*
@ -214,7 +214,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
* universalString UniversalString (SIZE (1..MAX)),
* utf8String UTF8String (SIZE (1.. MAX)),
* bmpString BMPString (SIZE (1..MAX)) }
* </code></pre>
* }</pre>
*
* @param name a byte array containing the distinguished name in ASN.1
* DER encoded form
@ -233,7 +233,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
}
/**
* Creates an <code>X500Principal</code> from an <code>InputStream</code>
* Creates an {@code X500Principal} from an {@code InputStream}
* containing the distinguished name in ASN.1 DER encoded form.
* The ASN.1 notation for this structure is supplied in the
* documentation for
@ -242,11 +242,11 @@ public final class X500Principal implements Principal, java.io.Serializable {
* <p> The read position of the input stream is positioned
* to the next available byte after the encoded distinguished name.
*
* @param is an <code>InputStream</code> containing the distinguished
* @param is an {@code InputStream} containing the distinguished
* name in ASN.1 DER encoded form
*
* @exception NullPointerException if the <code>InputStream</code>
* is <code>null</code>
* @exception NullPointerException if the {@code InputStream}
* is {@code null}
* @exception IllegalArgumentException if an encoding error occurs
* (incorrect form for DN)
*/
@ -284,9 +284,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
* the format defined in RFC 2253.
*
* <p>This method is equivalent to calling
* <code>getName(X500Principal.RFC2253)</code>.
* {@code getName(X500Principal.RFC2253)}.
*
* @return the distinguished name of this <code>X500Principal</code>
* @return the distinguished name of this {@code X500Principal}
*/
public String getName() {
return getName(X500Principal.RFC2253);
@ -338,9 +338,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
* those which section 2.4 of RFC 2253 states must be escaped
* (they are escaped using a preceding backslash character)
* <li> The entire name is converted to upper case
* using <code>String.toUpperCase(Locale.US)</code>
* using {@code String.toUpperCase(Locale.US)}
* <li> The entire name is converted to lower case
* using <code>String.toLowerCase(Locale.US)</code>
* using {@code String.toLowerCase(Locale.US)}
* <li> The name is finally normalized using normalization form KD,
* as described in the Unicode Standard and UAX #15
* </ol>
@ -349,7 +349,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
*
* @param format the format to use
*
* @return a string representation of this <code>X500Principal</code>
* @return a string representation of this {@code X500Principal}
* using the specified format
* @throws IllegalArgumentException if the specified format is invalid
* or null
@ -371,16 +371,16 @@ public final class X500Principal implements Principal, java.io.Serializable {
* Returns a string representation of the X.500 distinguished name
* using the specified format. Valid values for the format are
* "RFC1779" and "RFC2253" (case insensitive). "CANONICAL" is not
* permitted and an <code>IllegalArgumentException</code> will be thrown.
* permitted and an {@code IllegalArgumentException} will be thrown.
*
* <p>This method returns Strings in the format as specified in
* {@link #getName(String)} and also emits additional attribute type
* keywords for OIDs that have entries in the <code>oidMap</code>
* keywords for OIDs that have entries in the {@code oidMap}
* parameter. OID entries in the oidMap take precedence over the default
* OIDs recognized by <code>getName(String)</code>.
* OIDs recognized by {@code getName(String)}.
* Improperly specified OIDs are ignored; however if an OID
* in the name maps to an improperly specified keyword, an
* <code>IllegalArgumentException</code> is thrown.
* {@code IllegalArgumentException} is thrown.
*
* <p> Additional standard formats may be introduced in the future.
*
@ -393,12 +393,12 @@ public final class X500Principal implements Principal, java.io.Serializable {
* @param oidMap an OID map, where each key is an object identifier in
* String form (a sequence of nonnegative integers separated by periods)
* that maps to a corresponding attribute type keyword String.
* The map may be empty but never <code>null</code>.
* @return a string representation of this <code>X500Principal</code>
* The map may be empty but never {@code null}.
* @return a string representation of this {@code X500Principal}
* using the specified format
* @throws IllegalArgumentException if the specified format is invalid,
* null, or an OID in the name maps to an improperly specified keyword
* @throws NullPointerException if <code>oidMap</code> is <code>null</code>
* @throws NullPointerException if {@code oidMap} is {@code null}
* @since 1.6
*/
public String getName(String format, Map<String, String> oidMap) {
@ -438,31 +438,31 @@ public final class X500Principal implements Principal, java.io.Serializable {
/**
* Return a user-friendly string representation of this
* <code>X500Principal</code>.
* {@code X500Principal}.
*
* @return a string representation of this <code>X500Principal</code>
* @return a string representation of this {@code X500Principal}
*/
public String toString() {
return thisX500Name.toString();
}
/**
* Compares the specified <code>Object</code> with this
* <code>X500Principal</code> for equality.
* Compares the specified {@code Object} with this
* {@code X500Principal} for equality.
*
* <p> Specifically, this method returns <code>true</code> if
* the <code>Object</code> <i>o</i> is an <code>X500Principal</code>
* <p> Specifically, this method returns {@code true} if
* the {@code Object} <i>o</i> is an {@code X500Principal}
* and if the respective canonical string representations
* (obtained via the <code>getName(X500Principal.CANONICAL)</code> method)
* (obtained via the {@code getName(X500Principal.CANONICAL)} method)
* of this object and <i>o</i> are equal.
*
* <p> This implementation is compliant with the requirements of RFC 3280.
*
* @param o Object to be compared for equality with this
* <code>X500Principal</code>
* {@code X500Principal}
*
* @return <code>true</code> if the specified <code>Object</code> is equal
* to this <code>X500Principal</code>, <code>false</code> otherwise
* @return {@code true} if the specified {@code Object} is equal
* to this {@code X500Principal}, {@code false} otherwise
*/
public boolean equals(Object o) {
if (this == o) {
@ -476,12 +476,12 @@ public final class X500Principal implements Principal, java.io.Serializable {
}
/**
* Return a hash code for this <code>X500Principal</code>.
* Return a hash code for this {@code X500Principal}.
*
* <p> The hash code is calculated via:
* <code>getName(X500Principal.CANONICAL).hashCode()</code>
* {@code getName(X500Principal.CANONICAL).hashCode()}
*
* @return a hash code for this <code>X500Principal</code>
* @return a hash code for this {@code X500Principal}
*/
public int hashCode() {
return thisX500Name.hashCode();
@ -490,9 +490,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
/**
* Save the X500Principal object to a stream.
*
* @serialData this <code>X500Principal</code> is serialized
* @serialData this {@code X500Principal} is serialized
* by writing out its DER-encoded form
* (the value of <code>getEncoded</code> is serialized).
* (the value of {@code getEncoded} is serialized).
*/
private void writeObject(java.io.ObjectOutputStream s)
throws IOException {

12
jdk/src/share/classes/javax/security/auth/x500/X500PrivateCredential.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2001, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,7 +30,7 @@ import java.security.cert.X509Certificate;
import javax.security.auth.Destroyable;
/**
* <p> This class represents an <code>X500PrivateCredential</code>.
* <p> This class represents an {@code X500PrivateCredential}.
* It associates an X.509 certificate, corresponding private key and the
* KeyStore alias used to reference that exact key pair in the KeyStore.
* This enables looking up the private credentials for an X.500 principal
@ -48,8 +48,8 @@ public final class X500PrivateCredential implements Destroyable {
* <p>
* @param cert X509Certificate
* @param key PrivateKey for the certificate
* @exception IllegalArgumentException if either <code>cert</code> or
* <code>key</code> is null
* @exception IllegalArgumentException if either {@code cert} or
* {@code key} is null
*
*/
@ -68,8 +68,8 @@ public final class X500PrivateCredential implements Destroyable {
* @param cert X509Certificate
* @param key PrivateKey for the certificate
* @param alias KeyStore alias
* @exception IllegalArgumentException if either <code>cert</code>,
* <code>key</code> or <code>alias</code> is null
* @exception IllegalArgumentException if either {@code cert},
* {@code key} or {@code alias} is null
*
*/
public X500PrivateCredential(X509Certificate cert, PrivateKey key,

49
jdk/src/share/classes/javax/security/auth/x500/package-info.java Normal file
View file

@ -0,0 +1,49 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package contains the classes that should be used to store
* X500 Principal and X500 Private Credentials in a
* <i>Subject</i>.
*
* <h2>Package Specification</h2>
*
* <ul>
* <li><a href="http://www.ietf.org/rfc/rfc1779.txt">
* RFC 1779: A String Representation of Distinguished Names</a></li>
* <li><a href="http://www.ietf.org/rfc/rfc2253.txt">
* RFC 2253: Lightweight Directory Access Protocol (v3):
* UTF-8 String Representation of Distinguished Names</a></li>
* <li><a href="http://www.ietf.org/rfc/rfc3280.txt">
* RFC 3280: Internet X.509 Public Key Infrastructure
* Certificate and Certificate Revocation List (CRL) Profile</a></li>
* <li><a href="http://www.ietf.org/rfc/rfc4512.txt">
* RFC 4512: Lightweight Directory Access Protocol (LDAP):
* Directory Information Models</a></li>
* </ul>
*
* @since JDK1.4
*/
package javax.security.auth.x500;

64
jdk/src/share/classes/javax/security/auth/x500/package.html
View file

@ -1,64 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package contains the classes that should be used to store
X500 Principal and X500 Private Credentials in a
<i>Subject</i>.
<h2>Package Specification</h2>
<ul>
<li><a href="http://www.ietf.org/rfc/rfc1779.txt">
RFC 1779: A String Representation of Distinguished Names</a></li>
<li><a href="http://www.ietf.org/rfc/rfc2253.txt">
RFC 2253: Lightweight Directory Access Protocol (v3):
UTF-8 String Representation of Distinguished Names</a></li>
<li><a href="http://www.ietf.org/rfc/rfc3280.txt">
RFC 3280: Internet X.509 Public Key Infrastructure
Certificate and Certificate Revocation List (CRL) Profile</a></li>
<li><a href="http://www.ietf.org/rfc/rfc4512.txt">
RFC 4512: Lightweight Directory Access Protocol (LDAP):
Directory Information Models</a></li>
</ul>
<!--
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

10
jdk/src/share/classes/javax/security/cert/Certificate.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -49,11 +49,11 @@ import java.security.SignatureException;
* sets of information, and they store and retrieve the information in
* different ways.
*
* <p><em>Note: The classes in the package <code>javax.security.cert</code>
* <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p>
* {@code java.security.cert}.</em></p>
*
* @since 1.4
* @see X509Certificate
@ -64,8 +64,8 @@ public abstract class Certificate {
/**
* Compares this certificate for equality with the specified
* object. If the <code>other</code> object is an
* <code>instanceof</code> <code>Certificate</code>, then
* object. If the {@code other} object is an
* {@code instanceof} {@code Certificate}, then
* its encoded form is retrieved and compared with the
* encoded form of this certificate.
*

6
jdk/src/share/classes/javax/security/cert/CertificateEncodingException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,11 +30,11 @@ package javax.security.cert;
* Certificate Encoding Exception. This is thrown whenever an error
* occurs whilst attempting to encode a certificate.
*
* <p><em>Note: The classes in the package <code>javax.security.cert</code>
* <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p>
* {@code java.security.cert}.</em></p>
*
* @since 1.4
* @author Hemma Prafullchandra

6
jdk/src/share/classes/javax/security/cert/CertificateException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,11 +29,11 @@ package javax.security.cert;
/**
* This exception indicates one of a variety of certificate problems.
*
* <p><em>Note: The classes in the package <code>javax.security.cert</code>
* <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p>
* {@code java.security.cert}.</em></p>
*
* @author Hemma Prafullchandra
* @since 1.4

10
jdk/src/share/classes/javax/security/cert/CertificateExpiredException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,15 +28,15 @@ package javax.security.cert;
/**
* Certificate Expired Exception. This is thrown whenever the current
* <code>Date</code> or the specified <code>Date</code> is after the
* <code>notAfter</code> date/time specified in the validity period
* {@code Date} or the specified {@code Date} is after the
* {@code notAfter} date/time specified in the validity period
* of the certificate.
*
* <p><em>Note: The classes in the package <code>javax.security.cert</code>
* <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p>
* {@code java.security.cert}.</em></p>
*
* @since 1.4
* @author Hemma Prafullchandra

10
jdk/src/share/classes/javax/security/cert/CertificateNotYetValidException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,15 +28,15 @@ package javax.security.cert;
/**
* Certificate is not yet valid exception. This is thrown whenever
* the current <code>Date</code> or the specified <code>Date</code>
* is before the <code>notBefore</code> date/time in the Certificate
* the current {@code Date} or the specified {@code Date}
* is before the {@code notBefore} date/time in the Certificate
* validity period.
*
* <p><em>Note: The classes in the package <code>javax.security.cert</code>
* <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p>
* {@code java.security.cert}.</em></p>
*
* @since 1.4
* @author Hemma Prafullchandra

6
jdk/src/share/classes/javax/security/cert/CertificateParsingException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -31,11 +31,11 @@ package javax.security.cert;
* invalid DER encoded certificate is parsed or unsupported DER features
* are found in the Certificate.
*
* <p><em>Note: The classes in the package <code>javax.security.cert</code>
* <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p>
* {@code java.security.cert}.</em></p>
*
* @since 1.4
* @author Hemma Prafullchandra

42
jdk/src/share/classes/javax/security/cert/X509Certificate.java
View file

@ -70,7 +70,7 @@ import java.util.Date;
* CA certificates are either signed by themselves, or by some other
* CA such as a "root" CA.
* <p>
* The ASN.1 definition of <code>tbsCertificate</code> is:
* The ASN.1 definition of {@code tbsCertificate} is:
* <pre>
* TBSCertificate ::= SEQUENCE {
* version [0] EXPLICIT Version DEFAULT v1,
@ -113,11 +113,11 @@ import java.util.Date;
* initialization time and will fallback on a default implementation if
* the Security property is not accessible.
*
* <p><em>Note: The classes in the package <code>javax.security.cert</code>
* <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p>
* {@code java.security.cert}.</em></p>
*
* @author Hemma Prafullchandra
* @since 1.4
@ -150,7 +150,7 @@ public abstract class X509Certificate extends Certificate {
/**
* Instantiates an X509Certificate object, and initializes it with
* the data read from the input stream <code>inStream</code>.
* the data read from the input stream {@code inStream}.
* The implementation (X509Certificate is an abstract class) is
* provided by the class specified as the value of the
* {@code cert.provider.x509v1} security property.
@ -191,7 +191,7 @@ public abstract class X509Certificate extends Certificate {
* @param certData a byte array containing the DER-encoded
* certificate.
* @return an X509Certificate object initialized with the data
* from <code>certData</code>.
* from {@code certData}.
* @exception CertificateException if a class initialization
* or certificate parsing error occurs.
*/
@ -281,16 +281,16 @@ public abstract class X509Certificate extends Certificate {
* @param date the Date to check against to see if this certificate
* is valid at that date/time.
* @exception CertificateExpiredException if the certificate has expired
* with respect to the <code>date</code> supplied.
* with respect to the {@code date} supplied.
* @exception CertificateNotYetValidException if the certificate is not
* yet valid with respect to the <code>date</code> supplied.
* yet valid with respect to the {@code date} supplied.
* @see #checkValidity()
*/
public abstract void checkValidity(Date date)
throws CertificateExpiredException, CertificateNotYetValidException;
/**
* Gets the <code>version</code> (version number) value from the
* Gets the {@code version} (version number) value from the
* certificate. The ASN.1 definition for this is:
* <pre>
* version [0] EXPLICIT Version DEFAULT v1
@ -303,7 +303,7 @@ public abstract class X509Certificate extends Certificate {
public abstract int getVersion();
/**
* Gets the <code>serialNumber</code> value from the certificate.
* Gets the {@code serialNumber} value from the certificate.
* The serial number is an integer assigned by the certification
* authority to each certificate. It must be unique for each
* certificate issued by a given CA (i.e., the issuer name and
@ -320,7 +320,7 @@ public abstract class X509Certificate extends Certificate {
public abstract BigInteger getSerialNumber();
/**
* Gets the <code>issuer</code> (issuer distinguished name) value from
* Gets the {@code issuer} (issuer distinguished name) value from
* the certificate. The issuer name identifies the entity that signed (and
* issued) the certificate.
*
@ -341,27 +341,27 @@ public abstract class X509Certificate extends Certificate {
* AttributeType ::= OBJECT IDENTIFIER
* AttributeValue ::= ANY
* </pre>
* The <code>Name</code> describes a hierarchical name composed of
* The {@code Name} describes a hierarchical name composed of
* attributes, such as country name, and corresponding values, such as US.
* The type of the <code>AttributeValue</code> component is determined by
* the <code>AttributeType</code>; in general it will be a
* <code>directoryString</code>. A <code>directoryString</code> is usually
* one of <code>PrintableString</code>,
* <code>TeletexString</code> or <code>UniversalString</code>.
* The type of the {@code AttributeValue} component is determined by
* the {@code AttributeType}; in general it will be a
* {@code directoryString}. A {@code directoryString} is usually
* one of {@code PrintableString},
* {@code TeletexString} or {@code UniversalString}.
*
* @return a Principal whose name is the issuer distinguished name.
*/
public abstract Principal getIssuerDN();
/**
* Gets the <code>subject</code> (subject distinguished name) value
* Gets the {@code subject} (subject distinguished name) value
* from the certificate.
* The ASN.1 definition for this is:
* <pre>
* subject Name
* </pre>
*
* <p>See {@link #getIssuerDN() getIssuerDN} for <code>Name</code>
* <p>See {@link #getIssuerDN() getIssuerDN} for {@code Name}
* and other relevant definitions.
*
* @return a Principal whose name is the subject name.
@ -370,7 +370,7 @@ public abstract class X509Certificate extends Certificate {
public abstract Principal getSubjectDN();
/**
* Gets the <code>notBefore</code> date from the validity period of
* Gets the {@code notBefore} date from the validity period of
* the certificate.
* The relevant ASN.1 definitions are:
* <pre>
@ -391,7 +391,7 @@ public abstract class X509Certificate extends Certificate {
public abstract Date getNotBefore();
/**
* Gets the <code>notAfter</code> date from the validity period of
* Gets the {@code notAfter} date from the validity period of
* the certificate. See {@link #getNotBefore() getNotBefore}
* for relevant ASN.1 definitions.
*
@ -415,7 +415,7 @@ public abstract class X509Certificate extends Certificate {
* -- algorithm object identifier value
* </pre>
*
* <p>The algorithm name is determined from the <code>algorithm</code>
* <p>The algorithm name is determined from the {@code algorithm}
* OID string.
*
* @return the signature algorithm name.

40
jdk/src/share/classes/javax/security/cert/package-info.java Normal file
View file

@ -0,0 +1,40 @@
/*
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* Provides classes for public key certificates.
*
* These classes include a simplified version of the
* java.security.cert package. These classes were developed
* as part of the Java Secure Socket
* Extension (JSSE). When JSSE was added to the J2SE version 1.4, this
* package was added for backward-compatibility reasons only.
*
* New applications should not use this package, but rather
* java.security.cert.
*
* @since 1.4
*/
package javax.security.cert;

65
jdk/src/share/classes/javax/security/cert/package.html
View file

@ -1,65 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
Provides classes for public key certificates.
<P>
These classes include a simplified version of the
java.security.cert package. These classes were developed
as part of the Java Secure Socket
Extension (JSSE). When JSSE was added to the J2SE version 1.4, this
package was added for backward-compatibility reasons only.
<P>
New applications should not use this package, but rather
java.security.cert.
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since 1.4
</body>
</html>

8
jdk/src/share/classes/javax/security/sasl/AuthenticationException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -45,7 +45,7 @@ package javax.security.sasl;
*/
public class AuthenticationException extends SaslException {
/**
* Constructs a new instance of <tt>AuthenticationException</tt>.
* Constructs a new instance of {@code AuthenticationException}.
* The root exception and the detailed message are null.
*/
public AuthenticationException () {
@ -53,7 +53,7 @@ public class AuthenticationException extends SaslException {
}
/**
* Constructs a new instance of <tt>AuthenticationException</tt>
* Constructs a new instance of {@code AuthenticationException}
* with a detailed message.
* The root exception is null.
* @param detail A possibly null string containing details of the exception.
@ -65,7 +65,7 @@ public class AuthenticationException extends SaslException {
}
/**
* Constructs a new instance of <tt>AuthenticationException</tt> with a detailed message
* Constructs a new instance of {@code AuthenticationException} with a detailed message
* and a root exception.
*
* @param detail A possibly null string containing details of the exception.

12
jdk/src/share/classes/javax/security/sasl/AuthorizeCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,7 @@ package javax.security.sasl;
import javax.security.auth.callback.Callback;
/**
* This callback is used by <tt>SaslServer</tt> to determine whether
* This callback is used by {@code SaslServer} to determine whether
* one entity (identified by an authenticated authentication id)
* can act on
* behalf of another entity (identified by an authorization id).
@ -66,7 +66,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
private boolean authorized;
/**
* Constructs an instance of <tt>AuthorizeCallback</tt>.
* Constructs an instance of {@code AuthorizeCallback}.
*
* @param authnID The (authenticated) authentication id.
* @param authzID The authorization id.
@ -96,7 +96,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
* Determines whether the authentication id is allowed to
* act on behalf of the authorization id.
*
* @return <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
* @return {@code true} if authorization is allowed; {@code false} otherwise
* @see #setAuthorized(boolean)
* @see #getAuthorizedID()
*/
@ -106,7 +106,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
/**
* Sets whether the authorization is allowed.
* @param ok <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
* @param ok {@code true} if authorization is allowed; {@code false} otherwise
* @see #isAuthorized
* @see #setAuthorizedID(java.lang.String)
*/
@ -116,7 +116,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
/**
* Returns the id of the authorized user.
* @return The id of the authorized user. <tt>null</tt> means the
* @return The id of the authorized user. {@code null} means the
* authorization failed.
* @see #setAuthorized(boolean)
* @see #setAuthorizedID(java.lang.String)

14
jdk/src/share/classes/javax/security/sasl/RealmCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,7 @@ package javax.security.sasl;
import javax.security.auth.callback.TextInputCallback;
/**
* This callback is used by <tt>SaslClient</tt> and <tt>SaslServer</tt>
* This callback is used by {@code SaslClient} and {@code SaslServer}
* to retrieve realm information.
*
* @since 1.5
@ -39,10 +39,10 @@ import javax.security.auth.callback.TextInputCallback;
public class RealmCallback extends TextInputCallback {
/**
* Constructs a <tt>RealmCallback</tt> with a prompt.
* Constructs a {@code RealmCallback} with a prompt.
*
* @param prompt The non-null prompt to use to request the realm information.
* @throws IllegalArgumentException If <tt>prompt</tt> is null or
* @throws IllegalArgumentException If {@code prompt} is null or
* the empty string.
*/
public RealmCallback(String prompt) {
@ -50,14 +50,14 @@ public class RealmCallback extends TextInputCallback {
}
/**
* Constructs a <tt>RealmCallback</tt> with a prompt and default
* Constructs a {@code RealmCallback} with a prompt and default
* realm information.
*
* @param prompt The non-null prompt to use to request the realm information.
* @param defaultRealmInfo The non-null default realm information to use.
* @throws IllegalArgumentException If <tt>prompt</tt> is null or
* @throws IllegalArgumentException If {@code prompt} is null or
* the empty string,
* or if <tt>defaultRealm</tt> is empty or null.
* or if {@code defaultRealm} is empty or null.
*/
public RealmCallback(String prompt, String defaultRealmInfo) {
super(prompt, defaultRealmInfo);

16
jdk/src/share/classes/javax/security/sasl/RealmChoiceCallback.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,7 @@ package javax.security.sasl;
import javax.security.auth.callback.ChoiceCallback;
/**
* This callback is used by <tt>SaslClient</tt> and <tt>SaslServer</tt>
* This callback is used by {@code SaslClient} and {@code SaslServer}
* to obtain a realm given a list of realm choices.
*
* @since 1.5
@ -39,19 +39,19 @@ import javax.security.auth.callback.ChoiceCallback;
public class RealmChoiceCallback extends ChoiceCallback {
/**
* Constructs a <tt>RealmChoiceCallback</tt> with a prompt, a list of
* Constructs a {@code RealmChoiceCallback} with a prompt, a list of
* choices and a default choice.
*
* @param prompt the non-null prompt to use to request the realm.
* @param choices the non-null list of realms to choose from.
* @param defaultChoice the choice to be used as the default choice
* when the list of choices is displayed. It is an index into
* the <tt>choices</tt> arary.
* the {@code choices} arary.
* @param multiple true if multiple choices allowed; false otherwise
* @throws IllegalArgumentException If <tt>prompt</tt> is null or the empty string,
* if <tt>choices</tt> has a length of 0, if any element from
* <tt>choices</tt> is null or empty, or if <tt>defaultChoice</tt>
* does not fall within the array boundary of <tt>choices</tt>
* @throws IllegalArgumentException If {@code prompt} is null or the empty string,
* if {@code choices} has a length of 0, if any element from
* {@code choices} is null or empty, or if {@code defaultChoice}
* does not fall within the array boundary of {@code choices}
*/
public RealmChoiceCallback(String prompt, String[]choices,
int defaultChoice, boolean multiple) {

188
jdk/src/share/classes/javax/security/sasl/Sasl.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -72,15 +72,15 @@ public class Sasl {
* of quality-of-protection values that the
* client or server is willing to support. A qop value is one of
* <ul>
* <li><tt>"auth"</tt> - authentication only</li>
* <li><tt>"auth-int"</tt> - authentication plus integrity protection</li>
* <li><tt>"auth-conf"</tt> - authentication plus integrity and confidentiality
* <li>{@code "auth"} - authentication only</li>
* <li>{@code "auth-int"} - authentication plus integrity protection</li>
* <li>{@code "auth-conf"} - authentication plus integrity and confidentiality
* protection</li>
* </ul>
*
* The order of the list specifies the preference order of the client or
* server. If this property is absent, the default qop is <tt>"auth"</tt>.
* The value of this constant is <tt>"javax.security.sasl.qop"</tt>.
* server. If this property is absent, the default qop is {@code "auth"}.
* The value of this constant is {@code "javax.security.sasl.qop"}.
*/
public static final String QOP = "javax.security.sasl.qop";
@ -90,9 +90,9 @@ public class Sasl {
* of cipher strength values that
* the client or server is willing to support. A strength value is one of
* <ul>
* <li><tt>"low"</tt></li>
* <li><tt>"medium"</tt></li>
* <li><tt>"high"</tt></li>
* <li>{@code "low"}</li>
* <li>{@code "medium"}</li>
* <li>{@code "high"}</li>
* </ul>
* The order of the list specifies the preference order of the client or
* server. An implementation should allow configuration of the meaning
@ -101,19 +101,19 @@ public class Sasl {
* cipher suites that match the strength values.
* <BR>
* If this property is absent, the default strength is
* <tt>"high,medium,low"</tt>.
* The value of this constant is <tt>"javax.security.sasl.strength"</tt>.
* {@code "high,medium,low"}.
* The value of this constant is {@code "javax.security.sasl.strength"}.
*/
public static final String STRENGTH = "javax.security.sasl.strength";
/**
* The name of a property that specifies whether the
* server must authenticate to the client. The property contains
* <tt>"true"</tt> if the server must
* authenticate the to client; <tt>"false"</tt> otherwise.
* The default is <tt>"false"</tt>.
* {@code "true"} if the server must
* authenticate the to client; {@code "false"} otherwise.
* The default is {@code "false"}.
* <br>The value of this constant is
* <tt>"javax.security.sasl.server.authentication"</tt>.
* {@code "javax.security.sasl.server.authentication"}.
*/
public static final String SERVER_AUTH =
"javax.security.sasl.server.authentication";
@ -125,28 +125,28 @@ public class Sasl {
* The property contains the bound host name after the authentication
* exchange has completed. It is only available on the server side.
* <br>The value of this constant is
* <tt>"javax.security.sasl.bound.server.name"</tt>.
* {@code "javax.security.sasl.bound.server.name"}.
*/
public static final String BOUND_SERVER_NAME =
"javax.security.sasl.bound.server.name";
/**
* The name of a property that specifies the maximum size of the receive
* buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>.
* buffer in bytes of {@code SaslClient}/{@code SaslServer}.
* The property contains the string representation of an integer.
* <br>If this property is absent, the default size
* is defined by the mechanism.
* <br>The value of this constant is <tt>"javax.security.sasl.maxbuffer"</tt>.
* <br>The value of this constant is {@code "javax.security.sasl.maxbuffer"}.
*/
public static final String MAX_BUFFER = "javax.security.sasl.maxbuffer";
/**
* The name of a property that specifies the maximum size of the raw send
* buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>.
* buffer in bytes of {@code SaslClient}/{@code SaslServer}.
* The property contains the string representation of an integer.
* The value of this property is negotiated between the client and server
* during the authentication exchange.
* <br>The value of this constant is <tt>"javax.security.sasl.rawsendsize"</tt>.
* <br>The value of this constant is {@code "javax.security.sasl.rawsendsize"}.
*/
public static final String RAW_SEND_SIZE = "javax.security.sasl.rawsendsize";
@ -181,11 +181,11 @@ public class Sasl {
* The name of a property that specifies
* whether mechanisms susceptible to simple plain passive attacks (e.g.,
* "PLAIN") are not permitted. The property
* contains <tt>"true"</tt> if such mechanisms are not permitted;
* <tt>"false"</tt> if such mechanisms are permitted.
* The default is <tt>"false"</tt>.
* contains {@code "true"} if such mechanisms are not permitted;
* {@code "false"} if such mechanisms are permitted.
* The default is {@code "false"}.
* <br>The value of this constant is
* <tt>"javax.security.sasl.policy.noplaintext"</tt>.
* {@code "javax.security.sasl.policy.noplaintext"}.
*/
public static final String POLICY_NOPLAINTEXT =
"javax.security.sasl.policy.noplaintext";
@ -194,12 +194,12 @@ public class Sasl {
* The name of a property that specifies whether
* mechanisms susceptible to active (non-dictionary) attacks
* are not permitted.
* The property contains <tt>"true"</tt>
* The property contains {@code "true"}
* if mechanisms susceptible to active attacks
* are not permitted; <tt>"false"</tt> if such mechanisms are permitted.
* The default is <tt>"false"</tt>.
* are not permitted; {@code "false"} if such mechanisms are permitted.
* The default is {@code "false"}.
* <br>The value of this constant is
* <tt>"javax.security.sasl.policy.noactive"</tt>.
* {@code "javax.security.sasl.policy.noactive"}.
*/
public static final String POLICY_NOACTIVE =
"javax.security.sasl.policy.noactive";
@ -207,26 +207,26 @@ public class Sasl {
/**
* The name of a property that specifies whether
* mechanisms susceptible to passive dictionary attacks are not permitted.
* The property contains <tt>"true"</tt>
* The property contains {@code "true"}
* if mechanisms susceptible to dictionary attacks are not permitted;
* <tt>"false"</tt> if such mechanisms are permitted.
* The default is <tt>"false"</tt>.
* {@code "false"} if such mechanisms are permitted.
* The default is {@code "false"}.
*<br>
* The value of this constant is
* <tt>"javax.security.sasl.policy.nodictionary"</tt>.
* {@code "javax.security.sasl.policy.nodictionary"}.
*/
public static final String POLICY_NODICTIONARY =
"javax.security.sasl.policy.nodictionary";
/**
* The name of a property that specifies whether mechanisms that accept
* anonymous login are not permitted. The property contains <tt>"true"</tt>
* anonymous login are not permitted. The property contains {@code "true"}
* if mechanisms that accept anonymous login are not permitted;
* <tt>"false"</tt>
* if such mechanisms are permitted. The default is <tt>"false"</tt>.
* {@code "false"}
* if such mechanisms are permitted. The default is {@code "false"}.
*<br>
* The value of this constant is
* <tt>"javax.security.sasl.policy.noanonymous"</tt>.
* {@code "javax.security.sasl.policy.noanonymous"}.
*/
public static final String POLICY_NOANONYMOUS =
"javax.security.sasl.policy.noanonymous";
@ -237,12 +237,12 @@ public class Sasl {
* means that breaking into one session will not automatically
* provide information for breaking into future sessions.
* The property
* contains <tt>"true"</tt> if mechanisms that implement forward secrecy
* between sessions are required; <tt>"false"</tt> if such mechanisms
* are not required. The default is <tt>"false"</tt>.
* contains {@code "true"} if mechanisms that implement forward secrecy
* between sessions are required; {@code "false"} if such mechanisms
* are not required. The default is {@code "false"}.
*<br>
* The value of this constant is
* <tt>"javax.security.sasl.policy.forward"</tt>.
* {@code "javax.security.sasl.policy.forward"}.
*/
public static final String POLICY_FORWARD_SECRECY =
"javax.security.sasl.policy.forward";
@ -250,12 +250,12 @@ public class Sasl {
/**
* The name of a property that specifies whether
* mechanisms that pass client credentials are required. The property
* contains <tt>"true"</tt> if mechanisms that pass
* client credentials are required; <tt>"false"</tt>
* if such mechanisms are not required. The default is <tt>"false"</tt>.
* contains {@code "true"} if mechanisms that pass
* client credentials are required; {@code "false"}
* if such mechanisms are not required. The default is {@code "false"}.
*<br>
* The value of this constant is
* <tt>"javax.security.sasl.policy.credentials"</tt>.
* {@code "javax.security.sasl.policy.credentials"}.
*/
public static final String POLICY_PASS_CREDENTIALS =
"javax.security.sasl.policy.credentials";
@ -269,38 +269,38 @@ public class Sasl {
* supports delegated authentication.
*<br>
* The value of this constant is
* <tt>"javax.security.sasl.credentials"</tt>.
* {@code "javax.security.sasl.credentials"}.
*/
public static final String CREDENTIALS = "javax.security.sasl.credentials";
/**
* Creates a <tt>SaslClient</tt> using the parameters supplied.
* Creates a {@code SaslClient} using the parameters supplied.
*
* This method uses the
<a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>, described in the
* "Java Cryptography Architecture API Specification &amp; Reference", for
* locating and selecting a <tt>SaslClient</tt> implementation.
* locating and selecting a {@code SaslClient} implementation.
*
* First, it
* obtains an ordered list of <tt>SaslClientFactory</tt> instances from
* obtains an ordered list of {@code SaslClientFactory} instances from
* the registered security providers for the "SaslClientFactory" service
* and the specified SASL mechanism(s). It then invokes
* <tt>createSaslClient()</tt> on each factory instance on the list
* until one produces a non-null <tt>SaslClient</tt> instance. It returns
* the non-null <tt>SaslClient</tt> instance, or null if the search fails
* to produce a non-null <tt>SaslClient</tt> instance.
* {@code createSaslClient()} on each factory instance on the list
* until one produces a non-null {@code SaslClient} instance. It returns
* the non-null {@code SaslClient} instance, or null if the search fails
* to produce a non-null {@code SaslClient} instance.
*<p>
* A security provider for SaslClientFactory registers with the
* JCA Security Provider Framework keys of the form <br>
* <tt>SaslClientFactory.<em>mechanism_name</em></tt>
* {@code SaslClientFactory.}<em>{@code mechanism_name}</em>
* <br>
* and values that are class names of implementations of
* <tt>javax.security.sasl.SaslClientFactory</tt>.
* {@code javax.security.sasl.SaslClientFactory}.
*
* For example, a provider that contains a factory class,
* <tt>com.wiz.sasl.digest.ClientFactory</tt>, that supports the
* {@code com.wiz.sasl.digest.ClientFactory}, that supports the
* "DIGEST-MD5" mechanism would register the following entry with the JCA:
* <tt>SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory</tt>
* {@code SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory}
*<p>
* See the
* "Java Cryptography Architecture API Specification &amp; Reference"
@ -325,9 +325,9 @@ public class Sasl {
* @param props The possibly null set of properties used to
* select the SASL mechanism and to configure the authentication
* exchange of the selected mechanism.
* For example, if <tt>props</tt> contains the
* <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value
* <tt>"true"</tt>, then the selected
* For example, if {@code props} contains the
* {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* {@code "true"}, then the selected
* SASL mechanism must not be susceptible to simple plain passive attacks.
* In addition to the standard properties declared in this class,
* other, possibly mechanism-specific, properties can be included.
@ -338,16 +338,16 @@ public class Sasl {
* mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>.
* The password is requested by using a <tt>PasswordCallback</tt>.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if
* The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered.
*
*@return A possibly null <tt>SaslClient</tt> created using the parameters
* supplied. If null, cannot find a <tt>SaslClientFactory</tt>
*@return A possibly null {@code SaslClient} created using the parameters
* supplied. If null, cannot find a {@code SaslClientFactory}
* that will produce one.
*@exception SaslException If cannot create a <tt>SaslClient</tt> because
*@exception SaslException If cannot create a {@code SaslClient} because
* of an error.
*/
public static SaslClient createSaslClient(
@ -423,34 +423,34 @@ public class Sasl {
/**
* Creates a <tt>SaslServer</tt> for the specified mechanism.
* Creates a {@code SaslServer} for the specified mechanism.
*
* This method uses the
<a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>,
* described in the
* "Java Cryptography Architecture API Specification &amp; Reference", for
* locating and selecting a <tt>SaslServer</tt> implementation.
* locating and selecting a {@code SaslServer} implementation.
*
* First, it
* obtains an ordered list of <tt>SaslServerFactory</tt> instances from
* obtains an ordered list of {@code SaslServerFactory} instances from
* the registered security providers for the "SaslServerFactory" service
* and the specified mechanism. It then invokes
* <tt>createSaslServer()</tt> on each factory instance on the list
* until one produces a non-null <tt>SaslServer</tt> instance. It returns
* the non-null <tt>SaslServer</tt> instance, or null if the search fails
* to produce a non-null <tt>SaslServer</tt> instance.
* {@code createSaslServer()} on each factory instance on the list
* until one produces a non-null {@code SaslServer} instance. It returns
* the non-null {@code SaslServer} instance, or null if the search fails
* to produce a non-null {@code SaslServer} instance.
*<p>
* A security provider for SaslServerFactory registers with the
* JCA Security Provider Framework keys of the form <br>
* <tt>SaslServerFactory.<em>mechanism_name</em></tt>
* {@code SaslServerFactory.}<em>{@code mechanism_name}</em>
* <br>
* and values that are class names of implementations of
* <tt>javax.security.sasl.SaslServerFactory</tt>.
* {@code javax.security.sasl.SaslServerFactory}.
*
* For example, a provider that contains a factory class,
* <tt>com.wiz.sasl.digest.ServerFactory</tt>, that supports the
* {@code com.wiz.sasl.digest.ServerFactory}, that supports the
* "DIGEST-MD5" mechanism would register the following entry with the JCA:
* <tt>SaslServerFactory.DIGEST-MD5 com.wiz.sasl.digest.ServerFactory</tt>
* {@code SaslServerFactory.DIGEST-MD5 com.wiz.sasl.digest.ServerFactory}
*<p>
* See the
* "Java Cryptography Architecture API Specification &amp; Reference"
@ -463,14 +463,14 @@ public class Sasl {
* the authentication is being performed (e.g., "ldap").
* @param serverName The fully qualified host name of the server, or null
* if the server is not bound to any specific host name. If the mechanism
* does not allow an unbound server, a <code>SaslException</code> will
* does not allow an unbound server, a {@code SaslException} will
* be thrown.
* @param props The possibly null set of properties used to
* select the SASL mechanism and to configure the authentication
* exchange of the selected mechanism.
* For example, if <tt>props</tt> contains the
* <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value
* <tt>"true"</tt>, then the selected
* For example, if {@code props} contains the
* {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* {@code "true"}, then the selected
* SASL mechanism must not be susceptible to simple plain passive attacks.
* In addition to the standard properties declared in this class,
* other, possibly mechanism-specific, properties can be included.
@ -481,16 +481,16 @@ public class Sasl {
* mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>.
* The password is requested by using a <tt>PasswordCallback</tt>.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if
* The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered.
*
*@return A possibly null <tt>SaslServer</tt> created using the parameters
* supplied. If null, cannot find a <tt>SaslServerFactory</tt>
*@return A possibly null {@code SaslServer} created using the parameters
* supplied. If null, cannot find a {@code SaslServerFactory}
* that will produce one.
*@exception SaslException If cannot create a <tt>SaslServer</tt> because
*@exception SaslException If cannot create a {@code SaslServer} because
* of an error.
**/
public static SaslServer
@ -533,11 +533,11 @@ public class Sasl {
}
/**
* Gets an enumeration of known factories for producing <tt>SaslClient</tt>.
* Gets an enumeration of known factories for producing {@code SaslClient}.
* This method uses the same algorithm for locating factories as
* <tt>createSaslClient()</tt>.
* {@code createSaslClient()}.
* @return A non-null enumeration of known factories for producing
* <tt>SaslClient</tt>.
* {@code SaslClient}.
* @see #createSaslClient
*/
public static Enumeration<SaslClientFactory> getSaslClientFactories() {
@ -554,11 +554,11 @@ public class Sasl {
}
/**
* Gets an enumeration of known factories for producing <tt>SaslServer</tt>.
* Gets an enumeration of known factories for producing {@code SaslServer}.
* This method uses the same algorithm for locating factories as
* <tt>createSaslServer()</tt>.
* {@code createSaslServer()}.
* @return A non-null enumeration of known factories for producing
* <tt>SaslServer</tt>.
* {@code SaslServer}.
* @see #createSaslServer
*/
public static Enumeration<SaslServerFactory> getSaslServerFactories() {

50
jdk/src/share/classes/javax/security/sasl/SaslClient.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,14 +30,14 @@ package javax.security.sasl;
*<p>
* A protocol library such as one for LDAP gets an instance of this
* class in order to perform authentication defined by a specific SASL
* mechanism. Invoking methods on the <tt>SaslClient</tt> instance
* mechanism. Invoking methods on the {@code SaslClient} instance
* process challenges and create responses according to the SASL
* mechanism implemented by the <tt>SaslClient</tt>.
* mechanism implemented by the {@code SaslClient}.
* As the authentication proceeds, the instance
* encapsulates the state of a SASL client's authentication exchange.
*<p>
* Here's an example of how an LDAP library might use a <tt>SaslClient</tt>.
* It first gets an instance of a <tt>SaslClient</tt>:
* Here's an example of how an LDAP library might use a {@code SaslClient}.
* It first gets an instance of a {@code SaslClient}:
*<blockquote><pre>{@code
* SaslClient sc = Sasl.createSaslClient(mechanisms,
* authorizationId, protocol, serverName, props, callbackHandler);
@ -77,16 +77,16 @@ package javax.security.sasl;
*}</pre></blockquote>
*
* If the mechanism has an initial response, the library invokes
* <tt>evaluateChallenge()</tt> with an empty
* {@code evaluateChallenge()} with an empty
* challenge and to get initial response.
* Protocols such as IMAP4, which do not include an initial response with
* their first authentication command to the server, initiates the
* authentication without first calling <tt>hasInitialResponse()</tt>
* or <tt>evaluateChallenge()</tt>.
* authentication without first calling {@code hasInitialResponse()}
* or {@code evaluateChallenge()}.
* When the server responds to the command, it sends an initial challenge.
* For a SASL mechanism in which the client sends data first, the server should
* have issued a challenge with no data. This will then result in a call
* (on the client) to <tt>evaluateChallenge()</tt> with an empty challenge.
* (on the client) to {@code evaluateChallenge()} with an empty challenge.
*
* @since 1.5
*
@ -107,7 +107,7 @@ public abstract interface SaslClient {
/**
* Determines whether this mechanism has an optional initial response.
* If true, caller should call <tt>evaluateChallenge()</tt> with an
* If true, caller should call {@code evaluateChallenge()} with an
* empty array to get the initial response.
*
* @return true if this mechanism has an initial response.
@ -148,22 +148,22 @@ public abstract interface SaslClient {
/**
* Unwraps a byte array received from the server.
* This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if
* completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise, an
* <tt>IllegalStateException</tt> is thrown.
* {@code IllegalStateException} is thrown.
*<p>
* <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222
* {@code incoming} is the contents of the SASL buffer as defined in RFC 2222
* without the leading four octet field that represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt>
* {@code offset} and {@code len} specify the portion of {@code incoming}
* to use.
*
* @param incoming A non-null byte array containing the encoded bytes
* from the server.
* @param offset The starting position at <tt>incoming</tt> of the bytes to use.
* @param len The number of bytes from <tt>incoming</tt> to use.
* @param offset The starting position at {@code incoming} of the bytes to use.
* @param len The number of bytes from {@code incoming} to use.
* @return A non-null byte array containing the decoded bytes.
* @exception SaslException if <tt>incoming</tt> cannot be successfully
* @exception SaslException if {@code incoming} cannot be successfully
* unwrapped.
* @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection
@ -175,22 +175,22 @@ public abstract interface SaslClient {
/**
* Wraps a byte array to be sent to the server.
* This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if
* completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise, an
* <tt>IllegalStateException</tt> is thrown.
* {@code IllegalStateException} is thrown.
*<p>
* The result of this method will make up the contents of the SASL buffer
* as defined in RFC 2222 without the leading four octet field that
* represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt>
* {@code offset} and {@code len} specify the portion of {@code outgoing}
* to use.
*
* @param outgoing A non-null byte array containing the bytes to encode.
* @param offset The starting position at <tt>outgoing</tt> of the bytes to use.
* @param len The number of bytes from <tt>outgoing</tt> to use.
* @param offset The starting position at {@code outgoing} of the bytes to use.
* @param len The number of bytes from {@code outgoing} to use.
* @return A non-null byte array containing the encoded bytes.
* @exception SaslException if <tt>outgoing</tt> cannot be successfully
* @exception SaslException if {@code outgoing} cannot be successfully
* wrapped.
* @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection
@ -202,8 +202,8 @@ public abstract interface SaslClient {
/**
* Retrieves the negotiated property.
* This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an
* <tt>IllegalStateException</tt> is thrown.
* completed (i.e., when {@code isComplete()} returns true); otherwise, an
* {@code IllegalStateException} is thrown.
*
* @param propName The non-null property name.
* @return The value of the negotiated property. If null, the property was

34
jdk/src/share/classes/javax/security/sasl/SaslClientFactory.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,16 +29,16 @@ import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
/**
* An interface for creating instances of <tt>SaslClient</tt>.
* An interface for creating instances of {@code SaslClient}.
* A class that implements this interface
* must be thread-safe and handle multiple simultaneous
* requests. It must also have a public constructor that accepts no
* argument.
*<p>
* This interface is not normally accessed directly by a client, which will use the
* <tt>Sasl</tt> static methods
* {@code Sasl} static methods
* instead. However, a particular environment may provide and install a
* new or different <tt>SaslClientFactory</tt>.
* new or different {@code SaslClientFactory}.
*
* @since 1.5
*
@ -66,7 +66,7 @@ public abstract interface SaslClientFactory {
* of the server to authenticate to.
* @param props The possibly null set of properties used to select the SASL
* mechanism and to configure the authentication exchange of the selected
* mechanism. See the <tt>Sasl</tt> class for a list of standard properties.
* mechanism. See the {@code Sasl} class for a list of standard properties.
* Other, possibly mechanism-specific, properties can be included.
* Properties not relevant to the selected mechanism are ignored,
* including any map entries with non-String keys.
@ -75,16 +75,16 @@ public abstract interface SaslClientFactory {
* mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>.
* The password is requested by using a <tt>PasswordCallback</tt>.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if
* The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered.
*
*@return A possibly null <tt>SaslClient</tt> created using the parameters
* supplied. If null, this factory cannot produce a <tt>SaslClient</tt>
*@return A possibly null {@code SaslClient} created using the parameters
* supplied. If null, this factory cannot produce a {@code SaslClient}
* using the parameters supplied.
*@exception SaslException If cannot create a <tt>SaslClient</tt> because
*@exception SaslException If cannot create a {@code SaslClient} because
* of an error.
*/
public abstract SaslClient createSaslClient(
@ -99,12 +99,12 @@ public abstract interface SaslClientFactory {
* Returns an array of names of mechanisms that match the specified
* mechanism selection policies.
* @param props The possibly null set of properties used to specify the
* security policy of the SASL mechanisms. For example, if <tt>props</tt>
* contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value
* <tt>"true"</tt>, then the factory must not return any SASL mechanisms
* security policy of the SASL mechanisms. For example, if {@code props}
* contains the {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* {@code "true"}, then the factory must not return any SASL mechanisms
* that are susceptible to simple plain passive attacks.
* See the <tt>Sasl</tt> class for a complete list of policy properties.
* Non-policy related properties, if present in <tt>props</tt>, are ignored,
* See the {@code Sasl} class for a complete list of policy properties.
* Non-policy related properties, if present in {@code props}, are ignored,
* including any map entries with non-String keys.
* @return A non-null array containing a IANA-registered SASL mechanism names.
*/

8
jdk/src/share/classes/javax/security/sasl/SaslException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -45,7 +45,7 @@ public class SaslException extends IOException {
private Throwable _exception;
/**
* Constructs a new instance of <tt>SaslException</tt>.
* Constructs a new instance of {@code SaslException}.
* The root exception and the detailed message are null.
*/
public SaslException () {
@ -53,7 +53,7 @@ public class SaslException extends IOException {
}
/**
* Constructs a new instance of <tt>SaslException</tt> with a detailed message.
* Constructs a new instance of {@code SaslException} with a detailed message.
* The root exception is null.
* @param detail A possibly null string containing details of the exception.
*
@ -64,7 +64,7 @@ public class SaslException extends IOException {
}
/**
* Constructs a new instance of <tt>SaslException</tt> with a detailed message
* Constructs a new instance of {@code SaslException} with a detailed message
* and a root exception.
* For example, a SaslException might result from a problem with
* the callback handler, which might throw a NoSuchCallbackException if

46
jdk/src/share/classes/javax/security/sasl/SaslServer.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,14 +30,14 @@ package javax.security.sasl;
*<p>
* A server such an LDAP server gets an instance of this
* class in order to perform authentication defined by a specific SASL
* mechanism. Invoking methods on the <tt>SaslServer</tt> instance
* mechanism. Invoking methods on the {@code SaslServer} instance
* generates challenges according to the SASL
* mechanism implemented by the <tt>SaslServer</tt>.
* mechanism implemented by the {@code SaslServer}.
* As the authentication proceeds, the instance
* encapsulates the state of a SASL server's authentication exchange.
*<p>
* Here's an example of how an LDAP server might use a <tt>SaslServer</tt>.
* It first gets an instance of a <tt>SaslServer</tt> for the SASL mechanism
* Here's an example of how an LDAP server might use a {@code SaslServer}.
* It first gets an instance of a {@code SaslServer} for the SASL mechanism
* requested by the client:
*<blockquote><pre>
* SaslServer ss = Sasl.createSaslServer(mechanism,
@ -104,8 +104,8 @@ public abstract interface SaslServer {
* to the client. It is non-null if the authentication must be continued
* by sending a challenge to the client, or if the authentication has
* succeeded but challenge data needs to be processed by the client.
* <tt>isComplete()</tt> should be called
* after each call to <tt>evaluateResponse()</tt>,to determine if any further
* {@code isComplete()} should be called
* after each call to {@code evaluateResponse()},to determine if any further
* response is needed from the client.
*
* @param response The non-null (but possibly empty) response sent
@ -123,7 +123,7 @@ public abstract interface SaslServer {
/**
* Determines whether the authentication exchange has completed.
* This method is typically called after each invocation of
* <tt>evaluateResponse()</tt> to determine whether the
* {@code evaluateResponse()} to determine whether the
* authentication has completed successfully or should be continued.
* @return true if the authentication exchange has completed; false otherwise.
*/
@ -141,22 +141,22 @@ public abstract interface SaslServer {
/**
* Unwraps a byte array received from the client.
* This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if
* completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise,
* an <tt>IllegalStateException</tt> is thrown.
* an {@code IllegalStateException} is thrown.
*<p>
* <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222
* {@code incoming} is the contents of the SASL buffer as defined in RFC 2222
* without the leading four octet field that represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt>
* {@code offset} and {@code len} specify the portion of {@code incoming}
* to use.
*
* @param incoming A non-null byte array containing the encoded bytes
* from the client.
* @param offset The starting position at <tt>incoming</tt> of the bytes to use.
* @param len The number of bytes from <tt>incoming</tt> to use.
* @param offset The starting position at {@code incoming} of the bytes to use.
* @param len The number of bytes from {@code incoming} to use.
* @return A non-null byte array containing the decoded bytes.
* @exception SaslException if <tt>incoming</tt> cannot be successfully
* @exception SaslException if {@code incoming} cannot be successfully
* unwrapped.
* @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection
@ -168,21 +168,21 @@ public abstract interface SaslServer {
/**
* Wraps a byte array to be sent to the client.
* This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if
* completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise, a <tt>SaslException</tt> is thrown.
* as the quality of protection; otherwise, a {@code SaslException} is thrown.
*<p>
* The result of this method
* will make up the contents of the SASL buffer as defined in RFC 2222
* without the leading four octet field that represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt>
* {@code offset} and {@code len} specify the portion of {@code outgoing}
* to use.
*
* @param outgoing A non-null byte array containing the bytes to encode.
* @param offset The starting position at <tt>outgoing</tt> of the bytes to use.
* @param len The number of bytes from <tt>outgoing</tt> to use.
* @param offset The starting position at {@code outgoing} of the bytes to use.
* @param len The number of bytes from {@code outgoing} to use.
* @return A non-null byte array containing the encoded bytes.
* @exception SaslException if <tt>outgoing</tt> cannot be successfully
* @exception SaslException if {@code outgoing} cannot be successfully
* wrapped.
* @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection has
@ -194,8 +194,8 @@ public abstract interface SaslServer {
/**
* Retrieves the negotiated property.
* This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an
* <tt>IllegalStateException</tt> is thrown.
* completed (i.e., when {@code isComplete()} returns true); otherwise, an
* {@code IllegalStateException} is thrown.
*
* @param propName the property
* @return The value of the negotiated property. If null, the property was

42
jdk/src/share/classes/javax/security/sasl/SaslServerFactory.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,16 +29,16 @@ import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
/**
* An interface for creating instances of <tt>SaslServer</tt>.
* An interface for creating instances of {@code SaslServer}.
* A class that implements this interface
* must be thread-safe and handle multiple simultaneous
* requests. It must also have a public constructor that accepts no
* argument.
*<p>
* This interface is not normally accessed directly by a server, which will use the
* <tt>Sasl</tt> static methods
* {@code Sasl} static methods
* instead. However, a particular environment may provide and install a
* new or different <tt>SaslServerFactory</tt>.
* new or different {@code SaslServerFactory}.
*
* @since 1.5
*
@ -50,10 +50,10 @@ import javax.security.auth.callback.CallbackHandler;
*/
public abstract interface SaslServerFactory {
/**
* Creates a <tt>SaslServer</tt> using the parameters supplied.
* Creates a {@code SaslServer} using the parameters supplied.
* It returns null
* if no <tt>SaslServer</tt> can be created using the parameters supplied.
* Throws <tt>SaslException</tt> if it cannot create a <tt>SaslServer</tt>
* if no {@code SaslServer} can be created using the parameters supplied.
* Throws {@code SaslException} if it cannot create a {@code SaslServer}
* because of an error.
*
* @param mechanism The non-null
@ -63,10 +63,10 @@ public abstract interface SaslServerFactory {
* @param serverName The fully qualified host name of the server to
* authenticate to, or null if the server is not bound to any specific host
* name. If the mechanism does not allow an unbound server, a
* <code>SaslException</code> will be thrown.
* {@code SaslException} will be thrown.
* @param props The possibly null set of properties used to select the SASL
* mechanism and to configure the authentication exchange of the selected
* mechanism. See the <tt>Sasl</tt> class for a list of standard properties.
* mechanism. See the {@code Sasl} class for a list of standard properties.
* Other, possibly mechanism-specific, properties can be included.
* Properties not relevant to the selected mechanism are ignored,
* including any map entries with non-String keys.
@ -75,16 +75,16 @@ public abstract interface SaslServerFactory {
* mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>.
* The password is requested by using a <tt>PasswordCallback</tt>.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if
* The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered.
*
*@return A possibly null <tt>SaslServer</tt> created using the parameters
* supplied. If null, this factory cannot produce a <tt>SaslServer</tt>
*@return A possibly null {@code SaslServer} created using the parameters
* supplied. If null, this factory cannot produce a {@code SaslServer}
* using the parameters supplied.
*@exception SaslException If cannot create a <tt>SaslServer</tt> because
*@exception SaslException If cannot create a {@code SaslServer} because
* of an error.
*/
public abstract SaslServer createSaslServer(
@ -98,12 +98,12 @@ public abstract interface SaslServerFactory {
* Returns an array of names of mechanisms that match the specified
* mechanism selection policies.
* @param props The possibly null set of properties used to specify the
* security policy of the SASL mechanisms. For example, if <tt>props</tt>
* contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value
* <tt>"true"</tt>, then the factory must not return any SASL mechanisms
* security policy of the SASL mechanisms. For example, if {@code props}
* contains the {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* {@code "true"}, then the factory must not return any SASL mechanisms
* that are susceptible to simple plain passive attacks.
* See the <tt>Sasl</tt> class for a complete list of policy properties.
* Non-policy related properties, if present in <tt>props</tt>, are ignored,
* See the {@code Sasl} class for a complete list of policy properties.
* Non-policy related properties, if present in {@code props}, are ignored,
* including any map entries with non-String keys.
* @return A non-null array containing a IANA-registered SASL mechanism names.
*/

103
jdk/src/share/classes/javax/security/sasl/package-info.java Normal file
View file

@ -0,0 +1,103 @@
/*
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* Contains class and interfaces for supporting SASL.
*
* This package defines classes and interfaces for SASL mechanisms.
* It is used by developers to add authentication support for
* connection-based protocols that use SASL.
*
* <h3>SASL Overview</h3>
*
* Simple Authentication and Security Layer (SASL) specifies a
* challenge-response protocol in which data is exchanged between the
* client and the server for the purposes of
* authentication and (optional) establishment of a security layer on
* which to carry on subsequent communications. It is used with
* connection-based protocols such as LDAPv3 or IMAPv4. SASL is
* described in
* <A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>.
*
*
* There are various <em>mechanisms</em> defined for SASL.
* Each mechanism defines the data that must be exchanged between the
* client and server in order for the authentication to succeed.
* This data exchange required for a particular mechanism is referred to
* to as its <em>protocol profile</em>.
* The following are some examples of mechanisms that have been defined by
* the Internet standards community.
* <ul>
* <li>DIGEST-MD5 (<A HREF="http://www.ietf.org/rfc/rfc2831.txt">RFC 2831</a>).
* This mechanism defines how HTTP Digest Authentication can be used as a SASL
* mechanism.
* <li>Anonymous (<A HREF="http://www.ietf.org/rfc/rfc2245.txt">RFC 2245</a>).
* This mechanism is anonymous authentication in which no credentials are
* necessary.
* <li>External (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
* This mechanism obtains authentication information
* from an external source (such as TLS or IPsec).
* <li>S/Key (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
* This mechanism uses the MD4 digest algorithm to exchange data based on
* a shared secret.
* <li>GSSAPI (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
* This mechanism uses the
* <A HREF="http://www.ietf.org/rfc/rfc2078.txt">GSSAPI</A>
* for obtaining authentication information.
* </ul>
*
* Some of these mechanisms provide both authentication and establishment
* of a security layer, others only authentication. Anonymous and
* S/Key do not provide for any security layers. GSSAPI and DIGEST-MD5
* allow negotiation of the security layer. For External, the
* security layer is determined by the external protocol.
*
* <h3>Usage</h3>
*
* Users of this API are typically developers who produce
* client library implementations for connection-based protocols,
* such as LDAPv3 and IMAPv4,
* and developers who write servers (such as LDAP servers and IMAP servers).
* Developers who write client libraries use the
* {@code SaslClient} and {@code SaslClientFactory} interfaces.
* Developers who write servers use the
* {@code SaslServer} and {@code SaslServerFactory} interfaces.
*
* Among these two groups of users, each can be further divided into two groups:
* those who <em>produce</em> the SASL mechanisms and those
* who <em>use</em> the SASL mechanisms.
* The producers of SASL mechanisms need to provide implementations
* for these interfaces, while users of the SASL mechanisms use
* the APIs in this package to access those implementations.
*
* <h2>Related Documentation</h2>
*
* Please refer to the
* <a href="../../../../technotes/guides/security/sasl/sasl-refguide.html">Java
* SASL Programming Guide</a> for information on how to use this API.
*
* @since 1.5
*/
package javax.security.sasl;

114
jdk/src/share/classes/javax/security/sasl/package.html
View file

@ -1,114 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
Contains class and interfaces for supporting SASL.
This package defines classes and interfaces for SASL mechanisms.
It is used by developers to add authentication support for
connection-based protocols that use SASL.
<h4>SASL Overview</h4>
<p>
Simple Authentication and Security Layer (SASL) specifies a
challenge-response protocol in which data is exchanged between the
client and the server for the purposes of
authentication and (optional) establishment of a security layer on
which to carry on subsequent communications. It is used with
connection-based protocols such as LDAPv3 or IMAPv4. SASL is
described in
<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>.
<p>
There are various <em>mechanisms</em> defined for SASL.
Each mechanism defines the data that must be exchanged between the
client and server in order for the authentication to succeed.
This data exchange required for a particular mechanism is referred to
to as its <em>protocol profile</em>.
The following are some examples of mechanims that have been defined by
the Internet standards community.
<ul>
<li>DIGEST-MD5 (<A HREF="http://www.ietf.org/rfc/rfc2831.txt">RFC 2831</a>).
This mechanism defines how HTTP Digest Authentication can be used as a SASL
mechanism.
<li>Anonymous (<A HREF="http://www.ietf.org/rfc/rfc2245.txt">RFC 2245</a>).
This mechamism is anonymous authentication in which no credentials are
necessary.
<li>External (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
This mechanism obtains authentication information
from an external source (such as TLS or IPsec).
<li>S/Key (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
This mechanism uses the MD4 digest algorithm to exchange data based on
a shared secret.
<li>GSSAPI (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
This mechanism uses the
<A HREF="http://www.ietf.org/rfc/rfc2078.txt">GSSAPI</A>
for obtaining authentication information.
</ul>
<p>
Some of these mechanisms provide both authentication and establishment
of a security layer, others only authentication. Anonymous and
S/Key do not provide for any security layers. GSSAPI and DIGEST-MD5
allow negotiation of the security layer. For External, the
security layer is determined by the external protocol.
<h4>Usage</h4>
<p>
Users of this API are typically developers who produce
client library implementations for connection-based protocols,
such as LDAPv3 and IMAPv4,
and developers who write servers (such as LDAP servers and IMAP servers).
Developers who write client libraries use the
<tt>SaslClient</tt> and <tt>SaslClientFactory</tt> interfaces.
Developers who write servers use the
<tt>SaslServer</tt> and <tt>SaslServerFactory</tt> interfaces.
<p>
Among these two groups of users, each can be further divided into two groups:
those who <em>produce</em> the SASL mechanisms and those
who <em>use</em> the SASL mechanisms.
The producers of SASL mechanisms need to provide implementations
for these interfaces, while users of the SASL mechanisms use
the APIs in this package to access those implementations.
<h2>Related Documentation</h2>
Please refer to the
<a href="../../../../technotes/guides/security/sasl/sasl-refguide.html">Java
SASL Programming Guide</a> for information on how to use this API.
@since 1.5
</body>
</html>