archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-09-24 04:54:40 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8020557: javadoc cleanup in javax.security

Browse source 
Reviewed-by: darcy
This commit is contained in:
Jason Uh 2013-07-16 12:19:41 -07:00
parent 1b0b4ca8c7
commit f76ebb663c
69 changed files with 1603 additions and 1756 deletions
Download patch file Download diff file Expand all files Collapse all files

54
jdk/src/share/classes/javax/security/auth/AuthPermission.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2005, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -41,10 +41,10 @@ package javax.security.auth;
* *
* <pre> * <pre>
* doAs - allow the caller to invoke the * doAs - allow the caller to invoke the
* <code>Subject.doAs</code> methods. * {@code Subject.doAs} methods.
* *
* doAsPrivileged - allow the caller to invoke the * doAsPrivileged - allow the caller to invoke the
* <code>Subject.doAsPrivileged</code> methods. * {@code Subject.doAsPrivileged} methods.
* *
* getSubject - allow for the retrieval of the * getSubject - allow for the retrieval of the
* Subject(s) associated with the * Subject(s) associated with the
@ -52,39 +52,39 @@ package javax.security.auth;
* *
* getSubjectFromDomainCombiner - allow for the retrieval of the * getSubjectFromDomainCombiner - allow for the retrieval of the
* Subject associated with the * Subject associated with the
* a <code>SubjectDomainCombiner</code>. * a {@code SubjectDomainCombiner}.
* *
* setReadOnly - allow the caller to set a Subject * setReadOnly - allow the caller to set a Subject
* to be read-only. * to be read-only.
* *
* modifyPrincipals - allow the caller to modify the <code>Set</code> * modifyPrincipals - allow the caller to modify the {@code Set}
* of Principals associated with a * of Principals associated with a
* <code>Subject</code> * {@code Subject}
* *
* modifyPublicCredentials - allow the caller to modify the * modifyPublicCredentials - allow the caller to modify the
* <code>Set</code> of public credentials * {@code Set} of public credentials
* associated with a <code>Subject</code> * associated with a {@code Subject}
* *
* modifyPrivateCredentials - allow the caller to modify the * modifyPrivateCredentials - allow the caller to modify the
* <code>Set</code> of private credentials * {@code Set} of private credentials
* associated with a <code>Subject</code> * associated with a {@code Subject}
* *
* refreshCredential - allow code to invoke the <code>refresh</code> * refreshCredential - allow code to invoke the {@code refresh}
* method on a credential which implements * method on a credential which implements
* the <code>Refreshable</code> interface. * the {@code Refreshable} interface.
* *
* destroyCredential - allow code to invoke the <code>destroy</code> * destroyCredential - allow code to invoke the {@code destroy}
* method on a credential <code>object</code> * method on a credential {@code object}
* which implements the <code>Destroyable</code> * which implements the {@code Destroyable}
* interface. * interface.
* *
* createLoginContext.{name} - allow code to instantiate a * createLoginContext.{name} - allow code to instantiate a
* <code>LoginContext</code> with the * {@code LoginContext} with the
* specified <i>name</i>. <i>name</i> * specified <i>name</i>. <i>name</i>
* is used as the index into the installed login * is used as the index into the installed login
* <code>Configuration</code> * {@code Configuration}
* (that returned by * (that returned by
* <code>Configuration.getConfiguration()</code>). * {@code Configuration.getConfiguration()}).
* <i>name</i> can be wildcarded (set to '*') * <i>name</i> can be wildcarded (set to '*')
* to allow for any name. * to allow for any name.
* *
@ -93,7 +93,7 @@ package javax.security.auth;
* *
* createLoginConfiguration.{type} - allow code to obtain a Configuration * createLoginConfiguration.{type} - allow code to obtain a Configuration
* object via * object via
* <code>Configuration.getInstance</code>. * {@code Configuration.getInstance}.
* *
* setLoginConfiguration - allow for the setting of the system-wide * setLoginConfiguration - allow for the setting of the system-wide
* login Configuration. * login Configuration.
@ -103,15 +103,15 @@ package javax.security.auth;
* </pre> * </pre>
* *
* <p> The following target name has been deprecated in favor of * <p> The following target name has been deprecated in favor of
* <code>createLoginContext.{name}</code>. * {@code createLoginContext.{name}}.
* *
* <pre> * <pre>
* createLoginContext - allow code to instantiate a * createLoginContext - allow code to instantiate a
* <code>LoginContext</code>. * {@code LoginContext}.
* </pre> * </pre>
* *
* <p> <code>javax.security.auth.Policy</code> has been * <p> {@code javax.security.auth.Policy} has been
* deprecated in favor of <code>java.security.Policy</code>. * deprecated in favor of {@code java.security.Policy}.
* Therefore, the following target names have also been deprecated: * Therefore, the following target names have also been deprecated:
* *
* <pre> * <pre>
@ -139,8 +139,8 @@ java.security.BasicPermission {
* *
* @param name the name of the AuthPermission * @param name the name of the AuthPermission
* *
* @throws NullPointerException if <code>name</code> is <code>null</code>. * @throws NullPointerException if {@code name} is {@code null}.
* @throws IllegalArgumentException if <code>name</code> is empty. * @throws IllegalArgumentException if {@code name} is empty.
*/ */
public AuthPermission(String name) { public AuthPermission(String name) {
// for backwards compatibility -- // for backwards compatibility --
@ -160,8 +160,8 @@ java.security.BasicPermission {
* *
* @param actions should be null. * @param actions should be null.
* *
* @throws NullPointerException if <code>name</code> is <code>null</code>. * @throws NullPointerException if {@code name} is {@code null}.
* @throws IllegalArgumentException if <code>name</code> is empty. * @throws IllegalArgumentException if {@code name} is empty.
*/ */
public AuthPermission(String name, String actions) { public AuthPermission(String name, String actions) {
// for backwards compatibility -- // for backwards compatibility --

6
jdk/src/share/classes/javax/security/auth/DestroyFailedException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -26,10 +26,10 @@
package javax.security.auth; package javax.security.auth;
/** /**
* Signals that a <code>destroy</code> operation failed. * Signals that a {@code destroy} operation failed.
* *
* <p> This exception is thrown by credentials implementing * <p> This exception is thrown by credentials implementing
* the <code>Destroyable</code> interface when the <code>destroy</code> * the {@code Destroyable} interface when the {@code destroy}
* method fails. * method fails.
* *
*/ */

14
jdk/src/share/classes/javax/security/auth/Destroyable.java
View file

@ -34,12 +34,12 @@ package javax.security.auth;
public interface Destroyable { public interface Destroyable {
/** /**
* Destroy this <code>Object</code>. * Destroy this {@code Object}.
* *
* <p> Sensitive information associated with this <code>Object</code> * <p> Sensitive information associated with this {@code Object}
* is destroyed or cleared. Subsequent calls to certain methods * is destroyed or cleared. Subsequent calls to certain methods
* on this <code>Object</code> will result in an * on this {@code Object} will result in an
* <code>IllegalStateException</code> being thrown. * {@code IllegalStateException} being thrown.
* *
* <p> * <p>
* The default implementation throws {@code DestroyFailedException}. * The default implementation throws {@code DestroyFailedException}.
@ -47,19 +47,19 @@ public interface Destroyable {
* @exception DestroyFailedException if the destroy operation fails. <p> * @exception DestroyFailedException if the destroy operation fails. <p>
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to destroy this <code>Object</code>. * to destroy this {@code Object}.
*/ */
public default void destroy() throws DestroyFailedException { public default void destroy() throws DestroyFailedException {
throw new DestroyFailedException(); throw new DestroyFailedException();
} }
/** /**
* Determine if this <code>Object</code> has been destroyed. * Determine if this {@code Object} has been destroyed.
* *
* <p> * <p>
* The default implementation returns false. * The default implementation returns false.
* *
* @return true if this <code>Object</code> has been destroyed, * @return true if this {@code Object} has been destroyed,
* false otherwise. * false otherwise.
*/ */
public default boolean isDestroyed() { public default boolean isDestroyed() {

72
jdk/src/share/classes/javax/security/auth/Policy.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -32,11 +32,11 @@ import sun.security.util.Debug;
* <p> This is an abstract class for representing the system policy for * <p> This is an abstract class for representing the system policy for
* Subject-based authorization. A subclass implementation * Subject-based authorization. A subclass implementation
* of this class provides a means to specify a Subject-based * of this class provides a means to specify a Subject-based
* access control <code>Policy</code>. * access control {@code Policy}.
* *
* <p> A <code>Policy</code> object can be queried for the set of * <p> A {@code Policy} object can be queried for the set of
* Permissions granted to code running as a * Permissions granted to code running as a
* <code>Principal</code> in the following manner: * {@code Principal} in the following manner:
* *
* <pre> * <pre>
* policy = Policy.getPolicy(); * policy = Policy.getPolicy();
@ -44,20 +44,20 @@ import sun.security.util.Debug;
* codeSource); * codeSource);
* </pre> * </pre>
* *
* The <code>Policy</code> object consults the local policy and returns * The {@code Policy} object consults the local policy and returns
* and appropriate <code>Permissions</code> object with the * and appropriate {@code Permissions} object with the
* Permissions granted to the Principals associated with the * Permissions granted to the Principals associated with the
* provided <i>subject</i>, and granted to the code specified * provided <i>subject</i>, and granted to the code specified
* by the provided <i>codeSource</i>. * by the provided <i>codeSource</i>.
* *
* <p> A <code>Policy</code> contains the following information. * <p> A {@code Policy} contains the following information.
* Note that this example only represents the syntax for the default * Note that this example only represents the syntax for the default
* <code>Policy</code> implementation. Subclass implementations of this class * {@code Policy} implementation. Subclass implementations of this class
* may implement alternative syntaxes and may retrieve the * may implement alternative syntaxes and may retrieve the
* <code>Policy</code> from any source such as files, databases, * {@code Policy} from any source such as files, databases,
* or servers. * or servers.
* *
* <p> Each entry in the <code>Policy</code> is represented as * <p> Each entry in the {@code Policy} is represented as
* a <b><i>grant</i></b> entry. Each <b><i>grant</i></b> entry * a <b><i>grant</i></b> entry. Each <b><i>grant</i></b> entry
* specifies a codebase, code signers, and Principals triplet, * specifies a codebase, code signers, and Principals triplet,
* as well as the Permissions granted to that triplet. * as well as the Permissions granted to that triplet.
@ -84,23 +84,23 @@ import sun.security.util.Debug;
* </pre> * </pre>
* *
* This <b><i>grant</i></b> entry specifies that code from "foo.com", * This <b><i>grant</i></b> entry specifies that code from "foo.com",
* signed by "foo', and running as a <code>SolarisPrincipal</code> with the * signed by "foo', and running as a {@code SolarisPrincipal} with the
* name, duke, has one <code>Permission</code>. This <code>Permission</code> * name, duke, has one {@code Permission}. This {@code Permission}
* permits the executing code to read and write files in the directory, * permits the executing code to read and write files in the directory,
* "/home/duke". * "/home/duke".
* *
* <p> To "run" as a particular <code>Principal</code>, * <p> To "run" as a particular {@code Principal},
* code invokes the <code>Subject.doAs(subject, ...)</code> method. * code invokes the {@code Subject.doAs(subject, ...)} method.
* After invoking that method, the code runs as all the Principals * After invoking that method, the code runs as all the Principals
* associated with the specified <code>Subject</code>. * associated with the specified {@code Subject}.
* Note that this <code>Policy</code> (and the Permissions * Note that this {@code Policy} (and the Permissions
* granted in this <code>Policy</code>) only become effective * granted in this {@code Policy}) only become effective
* after the call to <code>Subject.doAs</code> has occurred. * after the call to {@code Subject.doAs} has occurred.
* *
* <p> Multiple Principals may be listed within one <b><i>grant</i></b> entry. * <p> Multiple Principals may be listed within one <b><i>grant</i></b> entry.
* All the Principals in the grant entry must be associated with * All the Principals in the grant entry must be associated with
* the <code>Subject</code> provided to <code>Subject.doAs</code> * the {@code Subject} provided to {@code Subject.doAs}
* for that <code>Subject</code> to be granted the specified Permissions. * for that {@code Subject} to be granted the specified Permissions.
* *
* <pre> * <pre>
* grant Principal com.sun.security.auth.SolarisPrincipal "duke", * grant Principal com.sun.security.auth.SolarisPrincipal "duke",
@ -115,7 +115,7 @@ import sun.security.util.Debug;
* as well as permission to make socket connections to "duke.com". * as well as permission to make socket connections to "duke.com".
* *
* <p> Note that non Principal-based grant entries are not permitted * <p> Note that non Principal-based grant entries are not permitted
* in this <code>Policy</code>. Therefore, grant entries such as: * in this {@code Policy}. Therefore, grant entries such as:
* *
* <pre> * <pre>
* grant CodeBase "foo.com", Signedby "foo" { * grant CodeBase "foo.com", Signedby "foo" {
@ -124,7 +124,7 @@ import sun.security.util.Debug;
* </pre> * </pre>
* *
* are rejected. Such permission must be listed in the * are rejected. Such permission must be listed in the
* <code>java.security.Policy</code>. * {@code java.security.Policy}.
* *
* <p> The default {@code Policy} implementation can be changed by * <p> The default {@code Policy} implementation can be changed by
* setting the value of the {@code auth.policy.provider} security property to * setting the value of the {@code auth.policy.provider} security property to
@ -179,14 +179,14 @@ public abstract class Policy {
/** /**
* Returns the installed Policy object. * Returns the installed Policy object.
* This method first calls * This method first calls
* <code>SecurityManager.checkPermission</code> with the * {@code SecurityManager.checkPermission} with the
* <code>AuthPermission("getPolicy")</code> permission * {@code AuthPermission("getPolicy")} permission
* to ensure the caller has permission to get the Policy object. * to ensure the caller has permission to get the Policy object.
* *
* <p> * <p>
* *
* @return the installed Policy. The return value cannot be * @return the installed Policy. The return value cannot be
* <code>null</code>. * {@code null}.
* *
* @exception java.lang.SecurityException if the current thread does not * @exception java.lang.SecurityException if the current thread does not
* have permission to get the Policy object. * have permission to get the Policy object.
@ -252,8 +252,8 @@ public abstract class Policy {
/** /**
* Sets the system-wide Policy object. This method first calls * Sets the system-wide Policy object. This method first calls
* <code>SecurityManager.checkPermission</code> with the * {@code SecurityManager.checkPermission} with the
* <code>AuthPermission("setPolicy")</code> * {@code AuthPermission("setPolicy")}
* permission to ensure the caller has permission to set the Policy. * permission to ensure the caller has permission to set the Policy.
* *
* <p> * <p>
@ -313,25 +313,25 @@ public abstract class Policy {
/** /**
* Retrieve the Permissions granted to the Principals associated with * Retrieve the Permissions granted to the Principals associated with
* the specified <code>CodeSource</code>. * the specified {@code CodeSource}.
* *
* <p> * <p>
* *
* @param subject the <code>Subject</code> * @param subject the {@code Subject}
* whose associated Principals, * whose associated Principals,
* in conjunction with the provided * in conjunction with the provided
* <code>CodeSource</code>, determines the Permissions * {@code CodeSource}, determines the Permissions
* returned by this method. This parameter * returned by this method. This parameter
* may be <code>null</code>. <p> * may be {@code null}. <p>
* *
* @param cs the code specified by its <code>CodeSource</code> * @param cs the code specified by its {@code CodeSource}
* that determines, in conjunction with the provided * that determines, in conjunction with the provided
* <code>Subject</code>, the Permissions * {@code Subject}, the Permissions
* returned by this method. This parameter may be * returned by this method. This parameter may be
* <code>null</code>. * {@code null}.
* *
* @return the Collection of Permissions granted to all the * @return the Collection of Permissions granted to all the
* <code>Subject</code> and code specified in * {@code Subject} and code specified in
* the provided <i>subject</i> and <i>cs</i> * the provided <i>subject</i> and <i>cs</i>
* parameters. * parameters.
*/ */
@ -345,7 +345,7 @@ public abstract class Policy {
* <p>This method causes this object to refresh/reload its current * <p>This method causes this object to refresh/reload its current
* Policy. This is implementation-dependent. * Policy. This is implementation-dependent.
* For example, if the Policy object is stored in * For example, if the Policy object is stored in
* a file, calling <code>refresh</code> will cause the file to be re-read. * a file, calling {@code refresh} will cause the file to be re-read.
* *
* <p> * <p>
* *

82
jdk/src/share/classes/javax/security/auth/PrivateCredentialPermission.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -34,10 +34,10 @@ import sun.security.util.ResourcesMgr;
/** /**
* This class is used to protect access to private Credentials * This class is used to protect access to private Credentials
* belonging to a particular <code>Subject</code>. The <code>Subject</code> * belonging to a particular {@code Subject}. The {@code Subject}
* is represented by a Set of Principals. * is represented by a Set of Principals.
* *
* <p> The target name of this <code>Permission</code> specifies * <p> The target name of this {@code Permission} specifies
* a Credential class name, and a Set of Principals. * a Credential class name, and a Set of Principals.
* The only valid value for this Permission's actions is, "read". * The only valid value for this Permission's actions is, "read".
* The target name must abide by the following syntax: * The target name must abide by the following syntax:
@ -65,12 +65,12 @@ import sun.security.util.ResourcesMgr;
* *
* If CredentialClass is "*", then access is granted to * If CredentialClass is "*", then access is granted to
* all private Credentials belonging to the specified * all private Credentials belonging to the specified
* <code>Subject</code>. * {@code Subject}.
* If "PrincipalName" is "*", then access is granted to the * If "PrincipalName" is "*", then access is granted to the
* specified Credential owned by any <code>Subject</code> that has the * specified Credential owned by any {@code Subject} that has the
* specified <code>Principal</code> (the actual PrincipalName doesn't matter). * specified {@code Principal} (the actual PrincipalName doesn't matter).
* For example, the following grants access to the * For example, the following grants access to the
* a.b.Credential owned by any <code>Subject</code> that has * a.b.Credential owned by any {@code Subject} that has
* an a.b.Principal. * an a.b.Principal.
* *
* <pre> * <pre>
@ -83,7 +83,7 @@ import sun.security.util.ResourcesMgr;
* *
* If both the PrincipalClass and "PrincipalName" are "*", * If both the PrincipalClass and "PrincipalName" are "*",
* then access is granted to the specified Credential owned by * then access is granted to the specified Credential owned by
* any <code>Subject</code>. * any {@code Subject}.
* *
* <p> In addition, the PrincipalClass/PrincipalName pairing may be repeated: * <p> In addition, the PrincipalClass/PrincipalName pairing may be repeated:
* *
@ -96,7 +96,7 @@ import sun.security.util.ResourcesMgr;
* </pre> * </pre>
* *
* The above grants access to the private Credential, "a.b.Credential", * The above grants access to the private Credential, "a.b.Credential",
* belonging to a <code>Subject</code> with at least two associated Principals: * belonging to a {@code Subject} with at least two associated Principals:
* "a.b.Principal" with the name, "duke", and "c.d.Principal", with the name, * "a.b.Principal" with the name, "duke", and "c.d.Principal", with the name,
* "dukette". * "dukette".
* *
@ -115,7 +115,7 @@ public final class PrivateCredentialPermission extends Permission {
/** /**
* @serial The Principals associated with this permission. * @serial The Principals associated with this permission.
* The set contains elements of type, * The set contains elements of type,
* <code>PrivateCredentialPermission.CredOwner</code>. * {@code PrivateCredentialPermission.CredOwner}.
*/ */
private Set<Principal> principals; // ignored - kept around for compatibility private Set<Principal> principals; // ignored - kept around for compatibility
private transient CredOwner[] credOwners; private transient CredOwner[] credOwners;
@ -126,8 +126,8 @@ public final class PrivateCredentialPermission extends Permission {
private boolean testing = false; private boolean testing = false;
/** /**
* Create a new <code>PrivateCredentialPermission</code> * Create a new {@code PrivateCredentialPermission}
* with the specified <code>credentialClass</code> and Principals. * with the specified {@code credentialClass} and Principals.
*/ */
PrivateCredentialPermission(String credentialClass, PrivateCredentialPermission(String credentialClass,
Set<Principal> principals) { Set<Principal> principals) {
@ -153,19 +153,19 @@ public final class PrivateCredentialPermission extends Permission {
} }
/** /**
* Creates a new <code>PrivateCredentialPermission</code> * Creates a new {@code PrivateCredentialPermission}
* with the specified <code>name</code>. The <code>name</code> * with the specified {@code name}. The {@code name}
* specifies both a Credential class and a <code>Principal</code> Set. * specifies both a Credential class and a {@code Principal} Set.
* *
* <p> * <p>
* *
* @param name the name specifying the Credential class and * @param name the name specifying the Credential class and
* <code>Principal</code> Set. <p> * {@code Principal} Set. <p>
* *
* @param actions the actions specifying that the Credential can be read. * @param actions the actions specifying that the Credential can be read.
* *
* @throws IllegalArgumentException if <code>name</code> does not conform * @throws IllegalArgumentException if {@code name} does not conform
* to the correct syntax or if <code>actions</code> is not "read". * to the correct syntax or if {@code actions} is not "read".
*/ */
public PrivateCredentialPermission(String name, String actions) { public PrivateCredentialPermission(String name, String actions) {
super(name); super(name);
@ -178,34 +178,34 @@ public final class PrivateCredentialPermission extends Permission {
/** /**
* Returns the Class name of the Credential associated with this * Returns the Class name of the Credential associated with this
* <code>PrivateCredentialPermission</code>. * {@code PrivateCredentialPermission}.
* *
* <p> * <p>
* *
* @return the Class name of the Credential associated with this * @return the Class name of the Credential associated with this
* <code>PrivateCredentialPermission</code>. * {@code PrivateCredentialPermission}.
*/ */
public String getCredentialClass() { public String getCredentialClass() {
return credentialClass; return credentialClass;
} }
/** /**
* Returns the <code>Principal</code> classes and names * Returns the {@code Principal} classes and names
* associated with this <code>PrivateCredentialPermission</code>. * associated with this {@code PrivateCredentialPermission}.
* The information is returned as a two-dimensional array (array[x][y]). * The information is returned as a two-dimensional array (array[x][y]).
* The 'x' value corresponds to the number of <code>Principal</code> * The 'x' value corresponds to the number of {@code Principal}
* class and name pairs. When (y==0), it corresponds to * class and name pairs. When (y==0), it corresponds to
* the <code>Principal</code> class value, and when (y==1), * the {@code Principal} class value, and when (y==1),
* it corresponds to the <code>Principal</code> name value. * it corresponds to the {@code Principal} name value.
* For example, array[0][0] corresponds to the class name of * For example, array[0][0] corresponds to the class name of
* the first <code>Principal</code> in the array. array[0][1] * the first {@code Principal} in the array. array[0][1]
* corresponds to the <code>Principal</code> name of the * corresponds to the {@code Principal} name of the
* first <code>Principal</code> in the array. * first {@code Principal} in the array.
* *
* <p> * <p>
* *
* @return the <code>Principal</code> class and names associated * @return the {@code Principal} class and names associated
* with this <code>PrivateCredentialPermission</code>. * with this {@code PrivateCredentialPermission}.
*/ */
public String[][] getPrincipals() { public String[][] getPrincipals() {
@ -222,8 +222,8 @@ public final class PrivateCredentialPermission extends Permission {
} }
/** /**
* Checks if this <code>PrivateCredentialPermission</code> implies * Checks if this {@code PrivateCredentialPermission} implies
* the specified <code>Permission</code>. * the specified {@code Permission}.
* *
* <p> * <p>
* *
@ -241,10 +241,10 @@ public final class PrivateCredentialPermission extends Permission {
* *
* <p> * <p>
* *
* @param p the <code>Permission</code> to check against. * @param p the {@code Permission} to check against.
* *
* @return true if this <code>PrivateCredentialPermission</code> implies * @return true if this {@code PrivateCredentialPermission} implies
* the specified <code>Permission</code>, false if not. * the specified {@code Permission}, false if not.
*/ */
public boolean implies(Permission p) { public boolean implies(Permission p) {
@ -260,9 +260,9 @@ public final class PrivateCredentialPermission extends Permission {
} }
/** /**
* Checks two <code>PrivateCredentialPermission</code> objects for * Checks two {@code PrivateCredentialPermission} objects for
* equality. Checks that <i>obj</i> is a * equality. Checks that <i>obj</i> is a
* <code>PrivateCredentialPermission</code>, * {@code PrivateCredentialPermission},
* and has the same credential class as this object, * and has the same credential class as this object,
* as well as the same Principals as this object. * as well as the same Principals as this object.
* The order of the Principals in the respective Permission's * The order of the Principals in the respective Permission's
@ -272,7 +272,7 @@ public final class PrivateCredentialPermission extends Permission {
* *
* @param obj the object we are testing for equality with this object. * @param obj the object we are testing for equality with this object.
* *
* @return true if obj is a <code>PrivateCredentialPermission</code>, * @return true if obj is a {@code PrivateCredentialPermission},
* has the same credential class as this object, * has the same credential class as this object,
* and has the same Principals as this object. * and has the same Principals as this object.
*/ */
@ -311,9 +311,9 @@ public final class PrivateCredentialPermission extends Permission {
/** /**
* Return a homogeneous collection of PrivateCredentialPermissions * Return a homogeneous collection of PrivateCredentialPermissions
* in a <code>PermissionCollection</code>. * in a {@code PermissionCollection}.
* No such <code>PermissionCollection</code> is defined, * No such {@code PermissionCollection} is defined,
* so this method always returns <code>null</code>. * so this method always returns {@code null}.
* *
* <p> * <p>
* *

6
jdk/src/share/classes/javax/security/auth/RefreshFailedException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -26,10 +26,10 @@
package javax.security.auth; package javax.security.auth;
/** /**
* Signals that a <code>refresh</code> operation failed. * Signals that a {@code refresh} operation failed.
* *
* <p> This exception is thrown by credentials implementing * <p> This exception is thrown by credentials implementing
* the <code>Refreshable</code> interface when the <code>refresh</code> * the {@code Refreshable} interface when the {@code refresh}
* method fails. * method fails.
* *
*/ */

10
jdk/src/share/classes/javax/security/auth/Refreshable.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -37,24 +37,24 @@ package javax.security.auth;
public interface Refreshable { public interface Refreshable {
/** /**
* Determine if this <code>Object</code> is current. * Determine if this {@code Object} is current.
* *
* <p> * <p>
* *
* @return true if this <code>Object</code> is currently current, * @return true if this {@code Object} is currently current,
* false otherwise. * false otherwise.
*/ */
boolean isCurrent(); boolean isCurrent();
/** /**
* Update or extend the validity period for this * Update or extend the validity period for this
* <code>Object</code>. * {@code Object}.
* *
* <p> * <p>
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to update or extend the validity period for this * to update or extend the validity period for this
* <code>Object</code>. <p> * {@code Object}. <p>
* *
* @exception RefreshFailedException if the refresh attempt failed. * @exception RefreshFailedException if the refresh attempt failed.
*/ */

452
jdk/src/share/classes/javax/security/auth/Subject.java
View file

@ -42,39 +42,39 @@ import java.security.ProtectionDomain;
import sun.security.util.ResourcesMgr; import sun.security.util.ResourcesMgr;
/** /**
* <p> A <code>Subject</code> represents a grouping of related information * <p> A {@code Subject} represents a grouping of related information
* for a single entity, such as a person. * for a single entity, such as a person.
* Such information includes the Subject's identities as well as * Such information includes the Subject's identities as well as
* its security-related attributes * its security-related attributes
* (passwords and cryptographic keys, for example). * (passwords and cryptographic keys, for example).
* *
* <p> Subjects may potentially have multiple identities. * <p> Subjects may potentially have multiple identities.
* Each identity is represented as a <code>Principal</code> * Each identity is represented as a {@code Principal}
* within the <code>Subject</code>. Principals simply bind names to a * within the {@code Subject}. Principals simply bind names to a
* <code>Subject</code>. For example, a <code>Subject</code> that happens * {@code Subject}. For example, a {@code Subject} that happens
* to be a person, Alice, might have two Principals: * to be a person, Alice, might have two Principals:
* one which binds "Alice Bar", the name on her driver license, * one which binds "Alice Bar", the name on her driver license,
* to the <code>Subject</code>, and another which binds, * to the {@code Subject}, and another which binds,
* "999-99-9999", the number on her student identification card, * "999-99-9999", the number on her student identification card,
* to the <code>Subject</code>. Both Principals refer to the same * to the {@code Subject}. Both Principals refer to the same
* <code>Subject</code> even though each has a different name. * {@code Subject} even though each has a different name.
* *
* <p> A <code>Subject</code> may also own security-related attributes, * <p> A {@code Subject} may also own security-related attributes,
* which are referred to as credentials. * which are referred to as credentials.
* Sensitive credentials that require special protection, such as * Sensitive credentials that require special protection, such as
* private cryptographic keys, are stored within a private credential * private cryptographic keys, are stored within a private credential
* <code>Set</code>. Credentials intended to be shared, such as * {@code Set}. Credentials intended to be shared, such as
* public key certificates or Kerberos server tickets are stored * public key certificates or Kerberos server tickets are stored
* within a public credential <code>Set</code>. Different permissions * within a public credential {@code Set}. Different permissions
* are required to access and modify the different credential Sets. * are required to access and modify the different credential Sets.
* *
* <p> To retrieve all the Principals associated with a <code>Subject</code>, * <p> To retrieve all the Principals associated with a {@code Subject},
* invoke the <code>getPrincipals</code> method. To retrieve * invoke the {@code getPrincipals} method. To retrieve
* all the public or private credentials belonging to a <code>Subject</code>, * all the public or private credentials belonging to a {@code Subject},
* invoke the <code>getPublicCredentials</code> method or * invoke the {@code getPublicCredentials} method or
* <code>getPrivateCredentials</code> method, respectively. * {@code getPrivateCredentials} method, respectively.
* To modify the returned <code>Set</code> of Principals and credentials, * To modify the returned {@code Set} of Principals and credentials,
* use the methods defined in the <code>Set</code> class. * use the methods defined in the {@code Set} class.
* For example: * For example:
* <pre> * <pre>
* Subject subject; * Subject subject;
@ -86,13 +86,13 @@ import sun.security.util.ResourcesMgr;
* subject.getPublicCredentials().add(credential); * subject.getPublicCredentials().add(credential);
* </pre> * </pre>
* *
* <p> This <code>Subject</code> class implements <code>Serializable</code>. * <p> This {@code Subject} class implements {@code Serializable}.
* While the Principals associated with the <code>Subject</code> are serialized, * While the Principals associated with the {@code Subject} are serialized,
* the credentials associated with the <code>Subject</code> are not. * the credentials associated with the {@code Subject} are not.
* Note that the <code>java.security.Principal</code> class * Note that the {@code java.security.Principal} class
* does not implement <code>Serializable</code>. Therefore all concrete * does not implement {@code Serializable}. Therefore all concrete
* <code>Principal</code> implementations associated with Subjects * {@code Principal} implementations associated with Subjects
* must implement <code>Serializable</code>. * must implement {@code Serializable}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see java.security.DomainCombiner * @see java.security.DomainCombiner
@ -102,14 +102,14 @@ public final class Subject implements java.io.Serializable {
private static final long serialVersionUID = -8308522755600156056L; private static final long serialVersionUID = -8308522755600156056L;
/** /**
* A <code>Set</code> that provides a view of all of this * A {@code Set} that provides a view of all of this
* Subject's Principals * Subject's Principals
* *
* <p> * <p>
* *
* @serial Each element in this set is a * @serial Each element in this set is a
* <code>java.security.Principal</code>. * {@code java.security.Principal}.
* The set is a <code>Subject.SecureSet</code>. * The set is a {@code Subject.SecureSet}.
*/ */
Set<Principal> principals; Set<Principal> principals;
@ -135,21 +135,21 @@ public final class Subject implements java.io.Serializable {
= new ProtectionDomain[0]; = new ProtectionDomain[0];
/** /**
* Create an instance of a <code>Subject</code> * Create an instance of a {@code Subject}
* with an empty <code>Set</code> of Principals and empty * with an empty {@code Set} of Principals and empty
* Sets of public and private credentials. * Sets of public and private credentials.
* *
* <p> The newly constructed Sets check whether this <code>Subject</code> * <p> The newly constructed Sets check whether this {@code Subject}
* has been set read-only before permitting subsequent modifications. * has been set read-only before permitting subsequent modifications.
* The newly created Sets also prevent illegal modifications * The newly created Sets also prevent illegal modifications
* by ensuring that callers have sufficient permissions. * by ensuring that callers have sufficient permissions.
* *
* <p> To modify the Principals Set, the caller must have * <p> To modify the Principals Set, the caller must have
* <code>AuthPermission("modifyPrincipals")</code>. * {@code AuthPermission("modifyPrincipals")}.
* To modify the public credential Set, the caller must have * To modify the public credential Set, the caller must have
* <code>AuthPermission("modifyPublicCredentials")</code>. * {@code AuthPermission("modifyPublicCredentials")}.
* To modify the private credential Set, the caller must have * To modify the private credential Set, the caller must have
* <code>AuthPermission("modifyPrivateCredentials")</code>. * {@code AuthPermission("modifyPrivateCredentials")}.
*/ */
public Subject() { public Subject() {
@ -162,39 +162,39 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Create an instance of a <code>Subject</code> with * Create an instance of a {@code Subject} with
* Principals and credentials. * Principals and credentials.
* *
* <p> The Principals and credentials from the specified Sets * <p> The Principals and credentials from the specified Sets
* are copied into newly constructed Sets. * are copied into newly constructed Sets.
* These newly created Sets check whether this <code>Subject</code> * These newly created Sets check whether this {@code Subject}
* has been set read-only before permitting subsequent modifications. * has been set read-only before permitting subsequent modifications.
* The newly created Sets also prevent illegal modifications * The newly created Sets also prevent illegal modifications
* by ensuring that callers have sufficient permissions. * by ensuring that callers have sufficient permissions.
* *
* <p> To modify the Principals Set, the caller must have * <p> To modify the Principals Set, the caller must have
* <code>AuthPermission("modifyPrincipals")</code>. * {@code AuthPermission("modifyPrincipals")}.
* To modify the public credential Set, the caller must have * To modify the public credential Set, the caller must have
* <code>AuthPermission("modifyPublicCredentials")</code>. * {@code AuthPermission("modifyPublicCredentials")}.
* To modify the private credential Set, the caller must have * To modify the private credential Set, the caller must have
* <code>AuthPermission("modifyPrivateCredentials")</code>. * {@code AuthPermission("modifyPrivateCredentials")}.
* <p> * <p>
* *
* @param readOnly true if the <code>Subject</code> is to be read-only, * @param readOnly true if the {@code Subject} is to be read-only,
* and false otherwise. <p> * and false otherwise. <p>
* *
* @param principals the <code>Set</code> of Principals * @param principals the {@code Set} of Principals
* to be associated with this <code>Subject</code>. <p> * to be associated with this {@code Subject}. <p>
* *
* @param pubCredentials the <code>Set</code> of public credentials * @param pubCredentials the {@code Set} of public credentials
* to be associated with this <code>Subject</code>. <p> * to be associated with this {@code Subject}. <p>
* *
* @param privCredentials the <code>Set</code> of private credentials * @param privCredentials the {@code Set} of private credentials
* to be associated with this <code>Subject</code>. * to be associated with this {@code Subject}.
* *
* @exception NullPointerException if the specified * @exception NullPointerException if the specified
* <code>principals</code>, <code>pubCredentials</code>, * {@code principals}, {@code pubCredentials},
* or <code>privCredentials</code> are <code>null</code>. * or {@code privCredentials} are {@code null}.
*/ */
public Subject(boolean readOnly, Set<? extends Principal> principals, public Subject(boolean readOnly, Set<? extends Principal> principals,
Set<?> pubCredentials, Set<?> privCredentials) Set<?> pubCredentials, Set<?> privCredentials)
@ -216,24 +216,24 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Set this <code>Subject</code> to be read-only. * Set this {@code Subject} to be read-only.
* *
* <p> Modifications (additions and removals) to this Subject's * <p> Modifications (additions and removals) to this Subject's
* <code>Principal</code> <code>Set</code> and * {@code Principal} {@code Set} and
* credential Sets will be disallowed. * credential Sets will be disallowed.
* The <code>destroy</code> operation on this Subject's credentials will * The {@code destroy} operation on this Subject's credentials will
* still be permitted. * still be permitted.
* *
* <p> Subsequent attempts to modify the Subject's <code>Principal</code> * <p> Subsequent attempts to modify the Subject's {@code Principal}
* and credential Sets will result in an * and credential Sets will result in an
* <code>IllegalStateException</code> being thrown. * {@code IllegalStateException} being thrown.
* Also, once a <code>Subject</code> is read-only, * Also, once a {@code Subject} is read-only,
* it can not be reset to being writable again. * it can not be reset to being writable again.
* *
* <p> * <p>
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to set this <code>Subject</code> to be read-only. * to set this {@code Subject} to be read-only.
*/ */
public void setReadOnly() { public void setReadOnly() {
java.lang.SecurityManager sm = System.getSecurityManager(); java.lang.SecurityManager sm = System.getSecurityManager();
@ -245,40 +245,40 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Query whether this <code>Subject</code> is read-only. * Query whether this {@code Subject} is read-only.
* *
* <p> * <p>
* *
* @return true if this <code>Subject</code> is read-only, false otherwise. * @return true if this {@code Subject} is read-only, false otherwise.
*/ */
public boolean isReadOnly() { public boolean isReadOnly() {
return this.readOnly; return this.readOnly;
} }
/** /**
* Get the <code>Subject</code> associated with the provided * Get the {@code Subject} associated with the provided
* <code>AccessControlContext</code>. * {@code AccessControlContext}.
* *
* <p> The <code>AccessControlContext</code> may contain many * <p> The {@code AccessControlContext} may contain many
* Subjects (from nested <code>doAs</code> calls). * Subjects (from nested {@code doAs} calls).
* In this situation, the most recent <code>Subject</code> associated * In this situation, the most recent {@code Subject} associated
* with the <code>AccessControlContext</code> is returned. * with the {@code AccessControlContext} is returned.
* *
* <p> * <p>
* *
* @param acc the <code>AccessControlContext</code> from which to retrieve * @param acc the {@code AccessControlContext} from which to retrieve
* the <code>Subject</code>. * the {@code Subject}.
* *
* @return the <code>Subject</code> associated with the provided * @return the {@code Subject} associated with the provided
* <code>AccessControlContext</code>, or <code>null</code> * {@code AccessControlContext}, or {@code null}
* if no <code>Subject</code> is associated * if no {@code Subject} is associated
* with the provided <code>AccessControlContext</code>. * with the provided {@code AccessControlContext}.
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to get the <code>Subject</code>. <p> * to get the {@code Subject}. <p>
* *
* @exception NullPointerException if the provided * @exception NullPointerException if the provided
* <code>AccessControlContext</code> is <code>null</code>. * {@code AccessControlContext} is {@code null}.
*/ */
public static Subject getSubject(final AccessControlContext acc) { public static Subject getSubject(final AccessControlContext acc) {
@ -306,36 +306,36 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Perform work as a particular <code>Subject</code>. * Perform work as a particular {@code Subject}.
* *
* <p> This method first retrieves the current Thread's * <p> This method first retrieves the current Thread's
* <code>AccessControlContext</code> via * {@code AccessControlContext} via
* <code>AccessController.getContext</code>, * {@code AccessController.getContext},
* and then instantiates a new <code>AccessControlContext</code> * and then instantiates a new {@code AccessControlContext}
* using the retrieved context along with a new * using the retrieved context along with a new
* <code>SubjectDomainCombiner</code> (constructed using * {@code SubjectDomainCombiner} (constructed using
* the provided <code>Subject</code>). * the provided {@code Subject}).
* Finally, this method invokes <code>AccessController.doPrivileged</code>, * Finally, this method invokes {@code AccessController.doPrivileged},
* passing it the provided <code>PrivilegedAction</code>, * passing it the provided {@code PrivilegedAction},
* as well as the newly constructed <code>AccessControlContext</code>. * as well as the newly constructed {@code AccessControlContext}.
* *
* <p> * <p>
* *
* @param subject the <code>Subject</code> that the specified * @param subject the {@code Subject} that the specified
* <code>action</code> will run as. This parameter * {@code action} will run as. This parameter
* may be <code>null</code>. <p> * may be {@code null}. <p>
* *
* @param <T> the type of the value returned by the PrivilegedAction's * @param <T> the type of the value returned by the PrivilegedAction's
* {@code run} method. * {@code run} method.
* *
* @param action the code to be run as the specified * @param action the code to be run as the specified
* <code>Subject</code>. <p> * {@code Subject}. <p>
* *
* @return the value returned by the PrivilegedAction's * @return the value returned by the PrivilegedAction's
* <code>run</code> method. * {@code run} method.
* *
* @exception NullPointerException if the <code>PrivilegedAction</code> * @exception NullPointerException if the {@code PrivilegedAction}
* is <code>null</code>. <p> * is {@code null}. <p>
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to invoke this method. * to invoke this method.
@ -362,41 +362,41 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Perform work as a particular <code>Subject</code>. * Perform work as a particular {@code Subject}.
* *
* <p> This method first retrieves the current Thread's * <p> This method first retrieves the current Thread's
* <code>AccessControlContext</code> via * {@code AccessControlContext} via
* <code>AccessController.getContext</code>, * {@code AccessController.getContext},
* and then instantiates a new <code>AccessControlContext</code> * and then instantiates a new {@code AccessControlContext}
* using the retrieved context along with a new * using the retrieved context along with a new
* <code>SubjectDomainCombiner</code> (constructed using * {@code SubjectDomainCombiner} (constructed using
* the provided <code>Subject</code>). * the provided {@code Subject}).
* Finally, this method invokes <code>AccessController.doPrivileged</code>, * Finally, this method invokes {@code AccessController.doPrivileged},
* passing it the provided <code>PrivilegedExceptionAction</code>, * passing it the provided {@code PrivilegedExceptionAction},
* as well as the newly constructed <code>AccessControlContext</code>. * as well as the newly constructed {@code AccessControlContext}.
* *
* <p> * <p>
* *
* @param subject the <code>Subject</code> that the specified * @param subject the {@code Subject} that the specified
* <code>action</code> will run as. This parameter * {@code action} will run as. This parameter
* may be <code>null</code>. <p> * may be {@code null}. <p>
* *
* @param <T> the type of the value returned by the * @param <T> the type of the value returned by the
* PrivilegedExceptionAction's {@code run} method. * PrivilegedExceptionAction's {@code run} method.
* *
* @param action the code to be run as the specified * @param action the code to be run as the specified
* <code>Subject</code>. <p> * {@code Subject}. <p>
* *
* @return the value returned by the * @return the value returned by the
* PrivilegedExceptionAction's <code>run</code> method. * PrivilegedExceptionAction's {@code run} method.
* *
* @exception PrivilegedActionException if the * @exception PrivilegedActionException if the
* <code>PrivilegedExceptionAction.run</code> * {@code PrivilegedExceptionAction.run}
* method throws a checked exception. <p> * method throws a checked exception. <p>
* *
* @exception NullPointerException if the specified * @exception NullPointerException if the specified
* <code>PrivilegedExceptionAction</code> is * {@code PrivilegedExceptionAction} is
* <code>null</code>. <p> * {@code null}. <p>
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to invoke this method. * to invoke this method.
@ -424,36 +424,36 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Perform privileged work as a particular <code>Subject</code>. * Perform privileged work as a particular {@code Subject}.
* *
* <p> This method behaves exactly as <code>Subject.doAs</code>, * <p> This method behaves exactly as {@code Subject.doAs},
* except that instead of retrieving the current Thread's * except that instead of retrieving the current Thread's
* <code>AccessControlContext</code>, it uses the provided * {@code AccessControlContext}, it uses the provided
* <code>AccessControlContext</code>. If the provided * {@code AccessControlContext}. If the provided
* <code>AccessControlContext</code> is <code>null</code>, * {@code AccessControlContext} is {@code null},
* this method instantiates a new <code>AccessControlContext</code> * this method instantiates a new {@code AccessControlContext}
* with an empty collection of ProtectionDomains. * with an empty collection of ProtectionDomains.
* *
* <p> * <p>
* *
* @param subject the <code>Subject</code> that the specified * @param subject the {@code Subject} that the specified
* <code>action</code> will run as. This parameter * {@code action} will run as. This parameter
* may be <code>null</code>. <p> * may be {@code null}. <p>
* *
* @param <T> the type of the value returned by the PrivilegedAction's * @param <T> the type of the value returned by the PrivilegedAction's
* {@code run} method. * {@code run} method.
* *
* @param action the code to be run as the specified * @param action the code to be run as the specified
* <code>Subject</code>. <p> * {@code Subject}. <p>
* *
* @param acc the <code>AccessControlContext</code> to be tied to the * @param acc the {@code AccessControlContext} to be tied to the
* specified <i>subject</i> and <i>action</i>. <p> * specified <i>subject</i> and <i>action</i>. <p>
* *
* @return the value returned by the PrivilegedAction's * @return the value returned by the PrivilegedAction's
* <code>run</code> method. * {@code run} method.
* *
* @exception NullPointerException if the <code>PrivilegedAction</code> * @exception NullPointerException if the {@code PrivilegedAction}
* is <code>null</code>. <p> * is {@code null}. <p>
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to invoke this method. * to invoke this method.
@ -485,41 +485,41 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Perform privileged work as a particular <code>Subject</code>. * Perform privileged work as a particular {@code Subject}.
* *
* <p> This method behaves exactly as <code>Subject.doAs</code>, * <p> This method behaves exactly as {@code Subject.doAs},
* except that instead of retrieving the current Thread's * except that instead of retrieving the current Thread's
* <code>AccessControlContext</code>, it uses the provided * {@code AccessControlContext}, it uses the provided
* <code>AccessControlContext</code>. If the provided * {@code AccessControlContext}. If the provided
* <code>AccessControlContext</code> is <code>null</code>, * {@code AccessControlContext} is {@code null},
* this method instantiates a new <code>AccessControlContext</code> * this method instantiates a new {@code AccessControlContext}
* with an empty collection of ProtectionDomains. * with an empty collection of ProtectionDomains.
* *
* <p> * <p>
* *
* @param subject the <code>Subject</code> that the specified * @param subject the {@code Subject} that the specified
* <code>action</code> will run as. This parameter * {@code action} will run as. This parameter
* may be <code>null</code>. <p> * may be {@code null}. <p>
* *
* @param <T> the type of the value returned by the * @param <T> the type of the value returned by the
* PrivilegedExceptionAction's {@code run} method. * PrivilegedExceptionAction's {@code run} method.
* *
* @param action the code to be run as the specified * @param action the code to be run as the specified
* <code>Subject</code>. <p> * {@code Subject}. <p>
* *
* @param acc the <code>AccessControlContext</code> to be tied to the * @param acc the {@code AccessControlContext} to be tied to the
* specified <i>subject</i> and <i>action</i>. <p> * specified <i>subject</i> and <i>action</i>. <p>
* *
* @return the value returned by the * @return the value returned by the
* PrivilegedExceptionAction's <code>run</code> method. * PrivilegedExceptionAction's {@code run} method.
* *
* @exception PrivilegedActionException if the * @exception PrivilegedActionException if the
* <code>PrivilegedExceptionAction.run</code> * {@code PrivilegedExceptionAction.run}
* method throws a checked exception. <p> * method throws a checked exception. <p>
* *
* @exception NullPointerException if the specified * @exception NullPointerException if the specified
* <code>PrivilegedExceptionAction</code> is * {@code PrivilegedExceptionAction} is
* <code>null</code>. <p> * {@code null}. <p>
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to invoke this method. * to invoke this method.
@ -568,19 +568,19 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Return the <code>Set</code> of Principals associated with this * Return the {@code Set} of Principals associated with this
* <code>Subject</code>. Each <code>Principal</code> represents * {@code Subject}. Each {@code Principal} represents
* an identity for this <code>Subject</code>. * an identity for this {@code Subject}.
* *
* <p> The returned <code>Set</code> is backed by this Subject's * <p> The returned {@code Set} is backed by this Subject's
* internal <code>Principal</code> <code>Set</code>. Any modification * internal {@code Principal} {@code Set}. Any modification
* to the returned <code>Set</code> affects the internal * to the returned {@code Set} affects the internal
* <code>Principal</code> <code>Set</code> as well. * {@code Principal} {@code Set} as well.
* *
* <p> * <p>
* *
* @return The <code>Set</code> of Principals associated with this * @return The {@code Set} of Principals associated with this
* <code>Subject</code>. * {@code Subject}.
*/ */
public Set<Principal> getPrincipals() { public Set<Principal> getPrincipals() {
@ -590,28 +590,28 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Return a <code>Set</code> of Principals associated with this * Return a {@code Set} of Principals associated with this
* <code>Subject</code> that are instances or subclasses of the specified * {@code Subject} that are instances or subclasses of the specified
* <code>Class</code>. * {@code Class}.
* *
* <p> The returned <code>Set</code> is not backed by this Subject's * <p> The returned {@code Set} is not backed by this Subject's
* internal <code>Principal</code> <code>Set</code>. A new * internal {@code Principal} {@code Set}. A new
* <code>Set</code> is created and returned for each method invocation. * {@code Set} is created and returned for each method invocation.
* Modifications to the returned <code>Set</code> * Modifications to the returned {@code Set}
* will not affect the internal <code>Principal</code> <code>Set</code>. * will not affect the internal {@code Principal} {@code Set}.
* *
* <p> * <p>
* *
* @param <T> the type of the class modeled by {@code c} * @param <T> the type of the class modeled by {@code c}
* *
* @param c the returned <code>Set</code> of Principals will all be * @param c the returned {@code Set} of Principals will all be
* instances of this class. * instances of this class.
* *
* @return a <code>Set</code> of Principals that are instances of the * @return a {@code Set} of Principals that are instances of the
* specified <code>Class</code>. * specified {@code Class}.
* *
* @exception NullPointerException if the specified <code>Class</code> * @exception NullPointerException if the specified {@code Class}
* is <code>null</code>. * is {@code null}.
*/ */
public <T extends Principal> Set<T> getPrincipals(Class<T> c) { public <T extends Principal> Set<T> getPrincipals(Class<T> c) {
@ -625,18 +625,18 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Return the <code>Set</code> of public credentials held by this * Return the {@code Set} of public credentials held by this
* <code>Subject</code>. * {@code Subject}.
* *
* <p> The returned <code>Set</code> is backed by this Subject's * <p> The returned {@code Set} is backed by this Subject's
* internal public Credential <code>Set</code>. Any modification * internal public Credential {@code Set}. Any modification
* to the returned <code>Set</code> affects the internal public * to the returned {@code Set} affects the internal public
* Credential <code>Set</code> as well. * Credential {@code Set} as well.
* *
* <p> * <p>
* *
* @return A <code>Set</code> of public credentials held by this * @return A {@code Set} of public credentials held by this
* <code>Subject</code>. * {@code Subject}.
*/ */
public Set<Object> getPublicCredentials() { public Set<Object> getPublicCredentials() {
@ -646,29 +646,29 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Return the <code>Set</code> of private credentials held by this * Return the {@code Set} of private credentials held by this
* <code>Subject</code>. * {@code Subject}.
* *
* <p> The returned <code>Set</code> is backed by this Subject's * <p> The returned {@code Set} is backed by this Subject's
* internal private Credential <code>Set</code>. Any modification * internal private Credential {@code Set}. Any modification
* to the returned <code>Set</code> affects the internal private * to the returned {@code Set} affects the internal private
* Credential <code>Set</code> as well. * Credential {@code Set} as well.
* *
* <p> A caller requires permissions to access the Credentials * <p> A caller requires permissions to access the Credentials
* in the returned <code>Set</code>, or to modify the * in the returned {@code Set}, or to modify the
* <code>Set</code> itself. A <code>SecurityException</code> * {@code Set} itself. A {@code SecurityException}
* is thrown if the caller does not have the proper permissions. * is thrown if the caller does not have the proper permissions.
* *
* <p> While iterating through the <code>Set</code>, * <p> While iterating through the {@code Set},
* a <code>SecurityException</code> is thrown * a {@code SecurityException} is thrown
* if the caller does not have permission to access a * if the caller does not have permission to access a
* particular Credential. The <code>Iterator</code> * particular Credential. The {@code Iterator}
* is nevertheless advanced to next element in the <code>Set</code>. * is nevertheless advanced to next element in the {@code Set}.
* *
* <p> * <p>
* *
* @return A <code>Set</code> of private credentials held by this * @return A {@code Set} of private credentials held by this
* <code>Subject</code>. * {@code Subject}.
*/ */
public Set<Object> getPrivateCredentials() { public Set<Object> getPrivateCredentials() {
@ -686,28 +686,28 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Return a <code>Set</code> of public credentials associated with this * Return a {@code Set} of public credentials associated with this
* <code>Subject</code> that are instances or subclasses of the specified * {@code Subject} that are instances or subclasses of the specified
* <code>Class</code>. * {@code Class}.
* *
* <p> The returned <code>Set</code> is not backed by this Subject's * <p> The returned {@code Set} is not backed by this Subject's
* internal public Credential <code>Set</code>. A new * internal public Credential {@code Set}. A new
* <code>Set</code> is created and returned for each method invocation. * {@code Set} is created and returned for each method invocation.
* Modifications to the returned <code>Set</code> * Modifications to the returned {@code Set}
* will not affect the internal public Credential <code>Set</code>. * will not affect the internal public Credential {@code Set}.
* *
* <p> * <p>
* *
* @param <T> the type of the class modeled by {@code c} * @param <T> the type of the class modeled by {@code c}
* *
* @param c the returned <code>Set</code> of public credentials will all be * @param c the returned {@code Set} of public credentials will all be
* instances of this class. * instances of this class.
* *
* @return a <code>Set</code> of public credentials that are instances * @return a {@code Set} of public credentials that are instances
* of the specified <code>Class</code>. * of the specified {@code Class}.
* *
* @exception NullPointerException if the specified <code>Class</code> * @exception NullPointerException if the specified {@code Class}
* is <code>null</code>. * is {@code null}.
*/ */
public <T> Set<T> getPublicCredentials(Class<T> c) { public <T> Set<T> getPublicCredentials(Class<T> c) {
@ -721,32 +721,32 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Return a <code>Set</code> of private credentials associated with this * Return a {@code Set} of private credentials associated with this
* <code>Subject</code> that are instances or subclasses of the specified * {@code Subject} that are instances or subclasses of the specified
* <code>Class</code>. * {@code Class}.
* *
* <p> The caller must have permission to access all of the * <p> The caller must have permission to access all of the
* requested Credentials, or a <code>SecurityException</code> * requested Credentials, or a {@code SecurityException}
* will be thrown. * will be thrown.
* *
* <p> The returned <code>Set</code> is not backed by this Subject's * <p> The returned {@code Set} is not backed by this Subject's
* internal private Credential <code>Set</code>. A new * internal private Credential {@code Set}. A new
* <code>Set</code> is created and returned for each method invocation. * {@code Set} is created and returned for each method invocation.
* Modifications to the returned <code>Set</code> * Modifications to the returned {@code Set}
* will not affect the internal private Credential <code>Set</code>. * will not affect the internal private Credential {@code Set}.
* *
* <p> * <p>
* *
* @param <T> the type of the class modeled by {@code c} * @param <T> the type of the class modeled by {@code c}
* *
* @param c the returned <code>Set</code> of private credentials will all be * @param c the returned {@code Set} of private credentials will all be
* instances of this class. * instances of this class.
* *
* @return a <code>Set</code> of private credentials that are instances * @return a {@code Set} of private credentials that are instances
* of the specified <code>Class</code>. * of the specified {@code Class}.
* *
* @exception NullPointerException if the specified <code>Class</code> * @exception NullPointerException if the specified {@code Class}
* is <code>null</code>. * is {@code null}.
*/ */
public <T> Set<T> getPrivateCredentials(Class<T> c) { public <T> Set<T> getPrivateCredentials(Class<T> c) {
@ -768,25 +768,25 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Compares the specified Object with this <code>Subject</code> * Compares the specified Object with this {@code Subject}
* for equality. Returns true if the given object is also a Subject * for equality. Returns true if the given object is also a Subject
* and the two <code>Subject</code> instances are equivalent. * and the two {@code Subject} instances are equivalent.
* More formally, two <code>Subject</code> instances are * More formally, two {@code Subject} instances are
* equal if their <code>Principal</code> and <code>Credential</code> * equal if their {@code Principal} and {@code Credential}
* Sets are equal. * Sets are equal.
* *
* <p> * <p>
* *
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>Subject</code>. * {@code Subject}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>Subject</code>. * {@code Subject}.
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to access the private credentials for this <code>Subject</code>, * to access the private credentials for this {@code Subject},
* or if the caller does not have permission to access the * or if the caller does not have permission to access the
* private credentials for the provided <code>Subject</code>. * private credentials for the provided {@code Subject}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
@ -833,11 +833,11 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Return the String representation of this <code>Subject</code>. * Return the String representation of this {@code Subject}.
* *
* <p> * <p>
* *
* @return the String representation of this <code>Subject</code>. * @return the String representation of this {@code Subject}.
*/ */
public String toString() { public String toString() {
return toString(true); return toString(true);
@ -894,11 +894,11 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* Returns a hashcode for this <code>Subject</code>. * Returns a hashcode for this {@code Subject}.
* *
* <p> * <p>
* *
* @return a hashcode for this <code>Subject</code>. * @return a hashcode for this {@code Subject}.
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to access this Subject's private credentials. * to access this Subject's private credentials.
@ -910,10 +910,10 @@ public final class Subject implements java.io.Serializable {
* hashcodes of this Subject's Principals and credentials. * hashcodes of this Subject's Principals and credentials.
* *
* If a particular credential was destroyed * If a particular credential was destroyed
* (<code>credential.hashCode()</code> throws an * ({@code credential.hashCode()} throws an
* <code>IllegalStateException</code>), * {@code IllegalStateException}),
* the hashcode for that credential is derived via: * the hashcode for that credential is derived via:
* <code>credential.getClass().toString().hashCode()</code>. * {@code credential.getClass().toString().hashCode()}.
*/ */
int hashCode = 0; int hashCode = 0;
@ -964,7 +964,7 @@ public final class Subject implements java.io.Serializable {
s.defaultReadObject(); s.defaultReadObject();
// The Credential <code>Set</code> is not serialized, but we do not // The Credential {@code Set} is not serialized, but we do not
// want the default deserialization routine to set it to null. // want the default deserialization routine to set it to null.
this.pubCredentials = Collections.synchronizedSet this.pubCredentials = Collections.synchronizedSet
(new SecureSet<Object>(this, PUB_CREDENTIAL_SET)); (new SecureSet<Object>(this, PUB_CREDENTIAL_SET));
@ -998,13 +998,13 @@ public final class Subject implements java.io.Serializable {
/** /**
* @serial An integer identifying the type of objects contained * @serial An integer identifying the type of objects contained
* in this set. If <code>which == 1</code>, * in this set. If {@code which == 1},
* this is a Principal set and all the elements are * this is a Principal set and all the elements are
* of type <code>java.security.Principal</code>. * of type {@code java.security.Principal}.
* If <code>which == 2</code>, this is a public credential * If {@code which == 2}, this is a public credential
* set and all the elements are of type <code>Object</code>. * set and all the elements are of type {@code Object}.
* If <code>which == 3</code>, this is a private credential * If {@code which == 3}, this is a private credential
* set and all the elements are of type <code>Object</code>. * set and all the elements are of type {@code Object}.
*/ */
private int which; private int which;
@ -1321,7 +1321,7 @@ public final class Subject implements java.io.Serializable {
} }
/** /**
* This class implements a <code>Set</code> which returns only * This class implements a {@code Set} which returns only
* members that are an instance of a specified Class. * members that are an instance of a specified Class.
*/ */
private class ClassSet<T> extends AbstractSet<T> { private class ClassSet<T> extends AbstractSet<T> {

62
jdk/src/share/classes/javax/security/auth/SubjectDomainCombiner.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -39,9 +39,9 @@ import java.util.WeakHashMap;
import java.lang.ref.WeakReference; import java.lang.ref.WeakReference;
/** /**
* A <code>SubjectDomainCombiner</code> updates ProtectionDomains * A {@code SubjectDomainCombiner} updates ProtectionDomains
* with Principals from the <code>Subject</code> associated with this * with Principals from the {@code Subject} associated with this
* <code>SubjectDomainCombiner</code>. * {@code SubjectDomainCombiner}.
* *
*/ */
public class SubjectDomainCombiner implements java.security.DomainCombiner { public class SubjectDomainCombiner implements java.security.DomainCombiner {
@ -66,13 +66,13 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
(useJavaxPolicy && cachePolicy()); (useJavaxPolicy && cachePolicy());
/** /**
* Associate the provided <code>Subject</code> with this * Associate the provided {@code Subject} with this
* <code>SubjectDomainCombiner</code>. * {@code SubjectDomainCombiner}.
* *
* <p> * <p>
* *
* @param subject the <code>Subject</code> to be associated with * @param subject the {@code Subject} to be associated with
* with this <code>SubjectDomainCombiner</code>. * with this {@code SubjectDomainCombiner}.
*/ */
public SubjectDomainCombiner(Subject subject) { public SubjectDomainCombiner(Subject subject) {
this.subject = subject; this.subject = subject;
@ -85,19 +85,19 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
} }
/** /**
* Get the <code>Subject</code> associated with this * Get the {@code Subject} associated with this
* <code>SubjectDomainCombiner</code>. * {@code SubjectDomainCombiner}.
* *
* <p> * <p>
* *
* @return the <code>Subject</code> associated with this * @return the {@code Subject} associated with this
* <code>SubjectDomainCombiner</code>, or <code>null</code> * {@code SubjectDomainCombiner}, or {@code null}
* if no <code>Subject</code> is associated with this * if no {@code Subject} is associated with this
* <code>SubjectDomainCombiner</code>. * {@code SubjectDomainCombiner}.
* *
* @exception SecurityException if the caller does not have permission * @exception SecurityException if the caller does not have permission
* to get the <code>Subject</code> associated with this * to get the {@code Subject} associated with this
* <code>SubjectDomainCombiner</code>. * {@code SubjectDomainCombiner}.
*/ */
public Subject getSubject() { public Subject getSubject() {
java.lang.SecurityManager sm = System.getSecurityManager(); java.lang.SecurityManager sm = System.getSecurityManager();
@ -110,18 +110,18 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
/** /**
* Update the relevant ProtectionDomains with the Principals * Update the relevant ProtectionDomains with the Principals
* from the <code>Subject</code> associated with this * from the {@code Subject} associated with this
* <code>SubjectDomainCombiner</code>. * {@code SubjectDomainCombiner}.
* *
* <p> A new <code>ProtectionDomain</code> instance is created * <p> A new {@code ProtectionDomain} instance is created
* for each <code>ProtectionDomain</code> in the * for each {@code ProtectionDomain} in the
* <i>currentDomains</i> array. Each new <code>ProtectionDomain</code> * <i>currentDomains</i> array. Each new {@code ProtectionDomain}
* instance is created using the <code>CodeSource</code>, * instance is created using the {@code CodeSource},
* <code>Permission</code>s and <code>ClassLoader</code> * {@code Permission}s and {@code ClassLoader}
* from the corresponding <code>ProtectionDomain</code> in * from the corresponding {@code ProtectionDomain} in
* <i>currentDomains</i>, as well as with the Principals from * <i>currentDomains</i>, as well as with the Principals from
* the <code>Subject</code> associated with this * the {@code Subject} associated with this
* <code>SubjectDomainCombiner</code>. * {@code SubjectDomainCombiner}.
* *
* <p> All of the newly instantiated ProtectionDomains are * <p> All of the newly instantiated ProtectionDomains are
* combined into a new array. The ProtectionDomains from the * combined into a new array. The ProtectionDomains from the
@ -136,23 +136,23 @@ public class SubjectDomainCombiner implements java.security.DomainCombiner {
* *
* @param currentDomains the ProtectionDomains associated with the * @param currentDomains the ProtectionDomains associated with the
* current execution Thread, up to the most recent * current execution Thread, up to the most recent
* privileged <code>ProtectionDomain</code>. * privileged {@code ProtectionDomain}.
* The ProtectionDomains are are listed in order of execution, * The ProtectionDomains are are listed in order of execution,
* with the most recently executing <code>ProtectionDomain</code> * with the most recently executing {@code ProtectionDomain}
* residing at the beginning of the array. This parameter may * residing at the beginning of the array. This parameter may
* be <code>null</code> if the current execution Thread * be {@code null} if the current execution Thread
* has no associated ProtectionDomains.<p> * has no associated ProtectionDomains.<p>
* *
* @param assignedDomains the ProtectionDomains inherited from the * @param assignedDomains the ProtectionDomains inherited from the
* parent Thread, or the ProtectionDomains from the * parent Thread, or the ProtectionDomains from the
* privileged <i>context</i>, if a call to * privileged <i>context</i>, if a call to
* AccessController.doPrivileged(..., <i>context</i>) * AccessController.doPrivileged(..., <i>context</i>)
* had occurred This parameter may be <code>null</code> * had occurred This parameter may be {@code null}
* if there were no ProtectionDomains inherited from the * if there were no ProtectionDomains inherited from the
* parent Thread, or from the privileged <i>context</i>. * parent Thread, or from the privileged <i>context</i>.
* *
* @return a new array consisting of the updated ProtectionDomains, * @return a new array consisting of the updated ProtectionDomains,
* or <code>null</code>. * or {@code null}.
*/ */
public ProtectionDomain[] combine(ProtectionDomain[] currentDomains, public ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
ProtectionDomain[] assignedDomains) { ProtectionDomain[] assignedDomains) {

8
jdk/src/share/classes/javax/security/auth/callback/Callback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,14 +28,14 @@ package javax.security.auth.callback;
/** /**
* <p> Implementations of this interface are passed to a * <p> Implementations of this interface are passed to a
* <code>CallbackHandler</code>, allowing underlying security services * {@code CallbackHandler}, allowing underlying security services
* the ability to interact with a calling application to retrieve specific * the ability to interact with a calling application to retrieve specific
* authentication data such as usernames and passwords, or to display * authentication data such as usernames and passwords, or to display
* certain information, such as error and warning messages. * certain information, such as error and warning messages.
* *
* <p> <code>Callback</code> implementations do not retrieve or * <p> {@code Callback} implementations do not retrieve or
* display the information requested by underlying security services. * display the information requested by underlying security services.
* <code>Callback</code> implementations simply provide the means * {@code Callback} implementations simply provide the means
* to pass such requests to applications, and for applications, * to pass such requests to applications, and for applications,
* if appropriate, to return requested information back to the * if appropriate, to return requested information back to the
* underlying security services. * underlying security services.

28
jdk/src/share/classes/javax/security/auth/callback/CallbackHandler.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -26,7 +26,7 @@
package javax.security.auth.callback; package javax.security.auth.callback;
/** /**
* <p> An application implements a <code>CallbackHandler</code> and passes * <p> An application implements a {@code CallbackHandler} and passes
* it to underlying security services so that they may interact with * it to underlying security services so that they may interact with
* the application to retrieve specific authentication data, * the application to retrieve specific authentication data,
* such as usernames and passwords, or to display certain information, * such as usernames and passwords, or to display certain information,
@ -40,12 +40,12 @@ package javax.security.auth.callback;
* *
* <p> Underlying security services make requests for different types * <p> Underlying security services make requests for different types
* of information by passing individual Callbacks to the * of information by passing individual Callbacks to the
* <code>CallbackHandler</code>. The <code>CallbackHandler</code> * {@code CallbackHandler}. The {@code CallbackHandler}
* implementation decides how to retrieve and display information * implementation decides how to retrieve and display information
* depending on the Callbacks passed to it. For example, * depending on the Callbacks passed to it. For example,
* if the underlying service needs a username and password to * if the underlying service needs a username and password to
* authenticate a user, it uses a <code>NameCallback</code> and * authenticate a user, it uses a {@code NameCallback} and
* <code>PasswordCallback</code>. The <code>CallbackHandler</code> * {@code PasswordCallback}. The {@code CallbackHandler}
* can then choose to prompt for a username and password serially, * can then choose to prompt for a username and password serially,
* or to prompt for both in a single window. * or to prompt for both in a single window.
* *
@ -54,10 +54,10 @@ package javax.security.auth.callback;
* {@code auth.login.defaultCallbackHandler} security property. * {@code auth.login.defaultCallbackHandler} security property.
* *
* <p> If the security property is set to the fully qualified name of a * <p> If the security property is set to the fully qualified name of a
* <code>CallbackHandler</code> implementation class, * {@code CallbackHandler} implementation class,
* then a <code>LoginContext</code> will load the specified * then a {@code LoginContext} will load the specified
* <code>CallbackHandler</code> and pass it to the underlying LoginModules. * {@code CallbackHandler} and pass it to the underlying LoginModules.
* The <code>LoginContext</code> only loads the default handler * The {@code LoginContext} only loads the default handler
* if it was not provided one. * if it was not provided one.
* *
* <p> All default handler implementations must provide a public * <p> All default handler implementations must provide a public
@ -71,11 +71,11 @@ public interface CallbackHandler {
* <p> Retrieve or display the information requested in the * <p> Retrieve or display the information requested in the
* provided Callbacks. * provided Callbacks.
* *
* <p> The <code>handle</code> method implementation checks the * <p> The {@code handle} method implementation checks the
* instance(s) of the <code>Callback</code> object(s) passed in * instance(s) of the {@code Callback} object(s) passed in
* to retrieve or display the requested information. * to retrieve or display the requested information.
* The following example is provided to help demonstrate what an * The following example is provided to help demonstrate what an
* <code>handle</code> method implementation might look like. * {@code handle} method implementation might look like.
* This example code is for guidance only. Many details, * This example code is for guidance only. Many details,
* including proper error handling, are left out for simplicity. * including proper error handling, are left out for simplicity.
* *
@ -135,7 +135,7 @@ public interface CallbackHandler {
* } * }
* }</pre> * }</pre>
* *
* @param callbacks an array of <code>Callback</code> objects provided * @param callbacks an array of {@code Callback} objects provided
* by an underlying security service which contains * by an underlying security service which contains
* the information requested to be retrieved or displayed. * the information requested to be retrieved or displayed.
* *
@ -143,7 +143,7 @@ public interface CallbackHandler {
* *
* @exception UnsupportedCallbackException if the implementation of this * @exception UnsupportedCallbackException if the implementation of this
* method does not support one or more of the Callbacks * method does not support one or more of the Callbacks
* specified in the <code>callbacks</code> parameter. * specified in the {@code callbacks} parameter.
*/ */
void handle(Callback[] callbacks) void handle(Callback[] callbacks)
throws java.io.IOException, UnsupportedCallbackException; throws java.io.IOException, UnsupportedCallbackException;

40
jdk/src/share/classes/javax/security/auth/callback/ChoiceCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/** /**
* <p> Underlying security services instantiate and pass a * <p> Underlying security services instantiate and pass a
* <code>ChoiceCallback</code> to the <code>handle</code> * {@code ChoiceCallback} to the {@code handle}
* method of a <code>CallbackHandler</code> to display a list of choices * method of a {@code CallbackHandler} to display a list of choices
* and to retrieve the selected choice(s). * and to retrieve the selected choice(s).
* *
* @see javax.security.auth.callback.CallbackHandler * @see javax.security.auth.callback.CallbackHandler
@ -60,13 +60,13 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
private boolean multipleSelectionsAllowed; private boolean multipleSelectionsAllowed;
/** /**
* @serial the selected choices, represented as indexes into the * @serial the selected choices, represented as indexes into the
* <code>choices</code> list. * {@code choices} list.
* @since 1.4 * @since 1.4
*/ */
private int[] selections; private int[] selections;
/** /**
* Construct a <code>ChoiceCallback</code> with a prompt, * Construct a {@code ChoiceCallback} with a prompt,
* a list of choices, a default choice, and a boolean specifying * a list of choices, a default choice, and a boolean specifying
* whether or not multiple selections from the list of choices are allowed. * whether or not multiple selections from the list of choices are allowed.
* *
@ -79,21 +79,21 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* @param defaultChoice the choice to be used as the default choice * @param defaultChoice the choice to be used as the default choice
* when the list of choices are displayed. This value * when the list of choices are displayed. This value
* is represented as an index into the * is represented as an index into the
* <code>choices</code> array. <p> * {@code choices} array. <p>
* *
* @param multipleSelectionsAllowed boolean specifying whether or * @param multipleSelectionsAllowed boolean specifying whether or
* not multiple selections can be made from the * not multiple selections can be made from the
* list of choices. * list of choices.
* *
* @exception IllegalArgumentException if <code>prompt</code> is null, * @exception IllegalArgumentException if {@code prompt} is null,
* if <code>prompt</code> has a length of 0, * if {@code prompt} has a length of 0,
* if <code>choices</code> is null, * if {@code choices} is null,
* if <code>choices</code> has a length of 0, * if {@code choices} has a length of 0,
* if any element from <code>choices</code> is null, * if any element from {@code choices} is null,
* if any element from <code>choices</code> * if any element from {@code choices}
* has a length of 0 or if <code>defaultChoice</code> * has a length of 0 or if {@code defaultChoice}
* does not fall within the array boundaries of * does not fall within the array boundaries of
* <code>choices</code>. * {@code choices}.
*/ */
public ChoiceCallback(String prompt, String[] choices, public ChoiceCallback(String prompt, String[] choices,
int defaultChoice, boolean multipleSelectionsAllowed) { int defaultChoice, boolean multipleSelectionsAllowed) {
@ -142,7 +142,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p> * <p>
* *
* @return the defaultChoice, represented as an index into * @return the defaultChoice, represented as an index into
* the <code>choices</code> list. * the {@code choices} list.
*/ */
public int getDefaultChoice() { public int getDefaultChoice() {
return defaultChoice; return defaultChoice;
@ -150,7 +150,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
/** /**
* Get the boolean determining whether multiple selections from * Get the boolean determining whether multiple selections from
* the <code>choices</code> list are allowed. * the {@code choices} list are allowed.
* *
* <p> * <p>
* *
@ -166,7 +166,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p> * <p>
* *
* @param selection the selection represented as an index into the * @param selection the selection represented as an index into the
* <code>choices</code> list. * {@code choices} list.
* *
* @see #getSelectedIndexes * @see #getSelectedIndexes
*/ */
@ -181,11 +181,11 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p> * <p>
* *
* @param selections the selections represented as indexes into the * @param selections the selections represented as indexes into the
* <code>choices</code> list. * {@code choices} list.
* *
* @exception UnsupportedOperationException if multiple selections are * @exception UnsupportedOperationException if multiple selections are
* not allowed, as determined by * not allowed, as determined by
* <code>allowMultipleSelections</code>. * {@code allowMultipleSelections}.
* *
* @see #getSelectedIndexes * @see #getSelectedIndexes
*/ */
@ -201,7 +201,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* <p> * <p>
* *
* @return the selected choices, represented as indexes into the * @return the selected choices, represented as indexes into the
* <code>choices</code> list. * {@code choices} list.
* *
* @see #setSelectedIndexes * @see #setSelectedIndexes
*/ */

236
jdk/src/share/classes/javax/security/auth/callback/ConfirmationCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/** /**
* <p> Underlying security services instantiate and pass a * <p> Underlying security services instantiate and pass a
* <code>ConfirmationCallback</code> to the <code>handle</code> * {@code ConfirmationCallback} to the {@code handle}
* method of a <code>CallbackHandler</code> to ask for YES/NO, * method of a {@code CallbackHandler} to ask for YES/NO,
* OK/CANCEL, YES/NO/CANCEL or other similar confirmations. * OK/CANCEL, YES/NO/CANCEL or other similar confirmations.
* *
* @see javax.security.auth.callback.CallbackHandler * @see javax.security.auth.callback.CallbackHandler
@ -40,9 +40,9 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
/** /**
* Unspecified option type. * Unspecified option type.
* *
* <p> The <code>getOptionType</code> method returns this * <p> The {@code getOptionType} method returns this
* value if this <code>ConfirmationCallback</code> was instantiated * value if this {@code ConfirmationCallback} was instantiated
* with <code>options</code> instead of an <code>optionType</code>. * with {@code options} instead of an {@code optionType}.
*/ */
public static final int UNSPECIFIED_OPTION = -1; public static final int UNSPECIFIED_OPTION = -1;
@ -50,9 +50,9 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* YES/NO confirmation option. * YES/NO confirmation option.
* *
* <p> An underlying security service specifies this as the * <p> An underlying security service specifies this as the
* <code>optionType</code> to a <code>ConfirmationCallback</code> * {@code optionType} to a {@code ConfirmationCallback}
* constructor if it requires a confirmation which can be answered * constructor if it requires a confirmation which can be answered
* with either <code>YES</code> or <code>NO</code>. * with either {@code YES} or {@code NO}.
*/ */
public static final int YES_NO_OPTION = 0; public static final int YES_NO_OPTION = 0;
@ -60,9 +60,9 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* YES/NO/CANCEL confirmation confirmation option. * YES/NO/CANCEL confirmation confirmation option.
* *
* <p> An underlying security service specifies this as the * <p> An underlying security service specifies this as the
* <code>optionType</code> to a <code>ConfirmationCallback</code> * {@code optionType} to a {@code ConfirmationCallback}
* constructor if it requires a confirmation which can be answered * constructor if it requires a confirmation which can be answered
* with either <code>YES</code>, <code>NO</code> or <code>CANCEL</code>. * with either {@code YES}, {@code NO} or {@code CANCEL}.
*/ */
public static final int YES_NO_CANCEL_OPTION = 1; public static final int YES_NO_CANCEL_OPTION = 1;
@ -70,45 +70,45 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* OK/CANCEL confirmation confirmation option. * OK/CANCEL confirmation confirmation option.
* *
* <p> An underlying security service specifies this as the * <p> An underlying security service specifies this as the
* <code>optionType</code> to a <code>ConfirmationCallback</code> * {@code optionType} to a {@code ConfirmationCallback}
* constructor if it requires a confirmation which can be answered * constructor if it requires a confirmation which can be answered
* with either <code>OK</code> or <code>CANCEL</code>. * with either {@code OK} or {@code CANCEL}.
*/ */
public static final int OK_CANCEL_OPTION = 2; public static final int OK_CANCEL_OPTION = 2;
/** /**
* YES option. * YES option.
* *
* <p> If an <code>optionType</code> was specified to this * <p> If an {@code optionType} was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a * {@code ConfirmationCallback}, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index. * {@code defaultOption} or returned as the selected index.
*/ */
public static final int YES = 0; public static final int YES = 0;
/** /**
* NO option. * NO option.
* *
* <p> If an <code>optionType</code> was specified to this * <p> If an {@code optionType} was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a * {@code ConfirmationCallback}, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index. * {@code defaultOption} or returned as the selected index.
*/ */
public static final int NO = 1; public static final int NO = 1;
/** /**
* CANCEL option. * CANCEL option.
* *
* <p> If an <code>optionType</code> was specified to this * <p> If an {@code optionType} was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a * {@code ConfirmationCallback}, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index. * {@code defaultOption} or returned as the selected index.
*/ */
public static final int CANCEL = 2; public static final int CANCEL = 2;
/** /**
* OK option. * OK option.
* *
* <p> If an <code>optionType</code> was specified to this * <p> If an {@code optionType} was specified to this
* <code>ConfirmationCallback</code>, this option may be specified as a * {@code ConfirmationCallback}, this option may be specified as a
* <code>defaultOption</code> or returned as the selected index. * {@code defaultOption} or returned as the selected index.
*/ */
public static final int OK = 3; public static final int OK = 3;
@ -152,7 +152,7 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
private int selection; private int selection;
/** /**
* Construct a <code>ConfirmationCallback</code> with a * Construct a {@code ConfirmationCallback} with a
* message type, an option type and a default option. * message type, an option type and a default option.
* *
* <p> Underlying security services use this constructor if * <p> Underlying security services use this constructor if
@ -161,27 +161,27 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @param messageType the message type (<code>INFORMATION</code>, * @param messageType the message type ({@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>). <p> * {@code WARNING} or {@code ERROR}). <p>
* *
* @param optionType the option type (<code>YES_NO_OPTION</code>, * @param optionType the option type ({@code YES_NO_OPTION},
* <code>YES_NO_CANCEL_OPTION</code> or * {@code YES_NO_CANCEL_OPTION} or
* <code>OK_CANCEL_OPTION</code>). <p> * {@code OK_CANCEL_OPTION}). <p>
* *
* @param defaultOption the default option * @param defaultOption the default option
* from the provided optionType (<code>YES</code>, * from the provided optionType ({@code YES},
* <code>NO</code>, <code>CANCEL</code> or * {@code NO}, {@code CANCEL} or
* <code>OK</code>). * {@code OK}).
* *
* @exception IllegalArgumentException if messageType is not either * @exception IllegalArgumentException if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>, * {@code INFORMATION}, {@code WARNING},
* or <code>ERROR</code>, if optionType is not either * or {@code ERROR}, if optionType is not either
* <code>YES_NO_OPTION</code>, * {@code YES_NO_OPTION},
* <code>YES_NO_CANCEL_OPTION</code>, or * {@code YES_NO_CANCEL_OPTION}, or
* <code>OK_CANCEL_OPTION</code>, * {@code OK_CANCEL_OPTION},
* or if <code>defaultOption</code> * or if {@code defaultOption}
* does not correspond to one of the options in * does not correspond to one of the options in
* <code>optionType</code>. * {@code optionType}.
*/ */
public ConfirmationCallback(int messageType, public ConfirmationCallback(int messageType,
int optionType, int defaultOption) { int optionType, int defaultOption) {
@ -212,35 +212,35 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
} }
/** /**
* Construct a <code>ConfirmationCallback</code> with a * Construct a {@code ConfirmationCallback} with a
* message type, a list of options and a default option. * message type, a list of options and a default option.
* *
* <p> Underlying security services use this constructor if * <p> Underlying security services use this constructor if
* they require a confirmation different from the available preset * they require a confirmation different from the available preset
* confirmations provided (for example, CONTINUE/ABORT or STOP/GO). * confirmations provided (for example, CONTINUE/ABORT or STOP/GO).
* The confirmation options are listed in the <code>options</code> array, * The confirmation options are listed in the {@code options} array,
* and are displayed by the <code>CallbackHandler</code> implementation * and are displayed by the {@code CallbackHandler} implementation
* in a manner consistent with the way preset options are displayed. * in a manner consistent with the way preset options are displayed.
* *
* <p> * <p>
* *
* @param messageType the message type (<code>INFORMATION</code>, * @param messageType the message type ({@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>). <p> * {@code WARNING} or {@code ERROR}). <p>
* *
* @param options the list of confirmation options. <p> * @param options the list of confirmation options. <p>
* *
* @param defaultOption the default option, represented as an index * @param defaultOption the default option, represented as an index
* into the <code>options</code> array. * into the {@code options} array.
* *
* @exception IllegalArgumentException if messageType is not either * @exception IllegalArgumentException if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>, * {@code INFORMATION}, {@code WARNING},
* or <code>ERROR</code>, if <code>options</code> is null, * or {@code ERROR}, if {@code options} is null,
* if <code>options</code> has a length of 0, * if {@code options} has a length of 0,
* if any element from <code>options</code> is null, * if any element from {@code options} is null,
* if any element from <code>options</code> * if any element from {@code options}
* has a length of 0, or if <code>defaultOption</code> * has a length of 0, or if {@code defaultOption}
* does not lie within the array boundaries of * does not lie within the array boundaries of
* <code>options</code>. * {@code options}.
*/ */
public ConfirmationCallback(int messageType, public ConfirmationCallback(int messageType,
String[] options, int defaultOption) { String[] options, int defaultOption) {
@ -261,7 +261,7 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
} }
/** /**
* Construct a <code>ConfirmationCallback</code> with a prompt, * Construct a {@code ConfirmationCallback} with a prompt,
* message type, an option type and a default option. * message type, an option type and a default option.
* *
* <p> Underlying security services use this constructor if * <p> Underlying security services use this constructor if
@ -272,29 +272,29 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* *
* @param prompt the prompt used to describe the list of options. <p> * @param prompt the prompt used to describe the list of options. <p>
* *
* @param messageType the message type (<code>INFORMATION</code>, * @param messageType the message type ({@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>). <p> * {@code WARNING} or {@code ERROR}). <p>
* *
* @param optionType the option type (<code>YES_NO_OPTION</code>, * @param optionType the option type ({@code YES_NO_OPTION},
* <code>YES_NO_CANCEL_OPTION</code> or * {@code YES_NO_CANCEL_OPTION} or
* <code>OK_CANCEL_OPTION</code>). <p> * {@code OK_CANCEL_OPTION}). <p>
* *
* @param defaultOption the default option * @param defaultOption the default option
* from the provided optionType (<code>YES</code>, * from the provided optionType ({@code YES},
* <code>NO</code>, <code>CANCEL</code> or * {@code NO}, {@code CANCEL} or
* <code>OK</code>). * {@code OK}).
* *
* @exception IllegalArgumentException if <code>prompt</code> is null, * @exception IllegalArgumentException if {@code prompt} is null,
* if <code>prompt</code> has a length of 0, * if {@code prompt} has a length of 0,
* if messageType is not either * if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>, * {@code INFORMATION}, {@code WARNING},
* or <code>ERROR</code>, if optionType is not either * or {@code ERROR}, if optionType is not either
* <code>YES_NO_OPTION</code>, * {@code YES_NO_OPTION},
* <code>YES_NO_CANCEL_OPTION</code>, or * {@code YES_NO_CANCEL_OPTION}, or
* <code>OK_CANCEL_OPTION</code>, * {@code OK_CANCEL_OPTION},
* or if <code>defaultOption</code> * or if {@code defaultOption}
* does not correspond to one of the options in * does not correspond to one of the options in
* <code>optionType</code>. * {@code optionType}.
*/ */
public ConfirmationCallback(String prompt, int messageType, public ConfirmationCallback(String prompt, int messageType,
int optionType, int defaultOption) { int optionType, int defaultOption) {
@ -327,39 +327,39 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
} }
/** /**
* Construct a <code>ConfirmationCallback</code> with a prompt, * Construct a {@code ConfirmationCallback} with a prompt,
* message type, a list of options and a default option. * message type, a list of options and a default option.
* *
* <p> Underlying security services use this constructor if * <p> Underlying security services use this constructor if
* they require a confirmation different from the available preset * they require a confirmation different from the available preset
* confirmations provided (for example, CONTINUE/ABORT or STOP/GO). * confirmations provided (for example, CONTINUE/ABORT or STOP/GO).
* The confirmation options are listed in the <code>options</code> array, * The confirmation options are listed in the {@code options} array,
* and are displayed by the <code>CallbackHandler</code> implementation * and are displayed by the {@code CallbackHandler} implementation
* in a manner consistent with the way preset options are displayed. * in a manner consistent with the way preset options are displayed.
* *
* <p> * <p>
* *
* @param prompt the prompt used to describe the list of options. <p> * @param prompt the prompt used to describe the list of options. <p>
* *
* @param messageType the message type (<code>INFORMATION</code>, * @param messageType the message type ({@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>). <p> * {@code WARNING} or {@code ERROR}). <p>
* *
* @param options the list of confirmation options. <p> * @param options the list of confirmation options. <p>
* *
* @param defaultOption the default option, represented as an index * @param defaultOption the default option, represented as an index
* into the <code>options</code> array. * into the {@code options} array.
* *
* @exception IllegalArgumentException if <code>prompt</code> is null, * @exception IllegalArgumentException if {@code prompt} is null,
* if <code>prompt</code> has a length of 0, * if {@code prompt} has a length of 0,
* if messageType is not either * if messageType is not either
* <code>INFORMATION</code>, <code>WARNING</code>, * {@code INFORMATION}, {@code WARNING},
* or <code>ERROR</code>, if <code>options</code> is null, * or {@code ERROR}, if {@code options} is null,
* if <code>options</code> has a length of 0, * if {@code options} has a length of 0,
* if any element from <code>options</code> is null, * if any element from {@code options} is null,
* if any element from <code>options</code> * if any element from {@code options}
* has a length of 0, or if <code>defaultOption</code> * has a length of 0, or if {@code defaultOption}
* does not lie within the array boundaries of * does not lie within the array boundaries of
* <code>options</code>. * {@code options}.
*/ */
public ConfirmationCallback(String prompt, int messageType, public ConfirmationCallback(String prompt, int messageType,
String[] options, int defaultOption) { String[] options, int defaultOption) {
@ -386,8 +386,8 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @return the prompt, or null if this <code>ConfirmationCallback</code> * @return the prompt, or null if this {@code ConfirmationCallback}
* was instantiated without a <code>prompt</code>. * was instantiated without a {@code prompt}.
*/ */
public String getPrompt() { public String getPrompt() {
return prompt; return prompt;
@ -398,8 +398,8 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @return the message type (<code>INFORMATION</code>, * @return the message type ({@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>). * {@code WARNING} or {@code ERROR}).
*/ */
public int getMessageType() { public int getMessageType() {
return messageType; return messageType;
@ -408,20 +408,20 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
/** /**
* Get the option type. * Get the option type.
* *
* <p> If this method returns <code>UNSPECIFIED_OPTION</code>, then this * <p> If this method returns {@code UNSPECIFIED_OPTION}, then this
* <code>ConfirmationCallback</code> was instantiated with * {@code ConfirmationCallback} was instantiated with
* <code>options</code> instead of an <code>optionType</code>. * {@code options} instead of an {@code optionType}.
* In this case, invoke the <code>getOptions</code> method * In this case, invoke the {@code getOptions} method
* to determine which confirmation options to display. * to determine which confirmation options to display.
* *
* <p> * <p>
* *
* @return the option type (<code>YES_NO_OPTION</code>, * @return the option type ({@code YES_NO_OPTION},
* <code>YES_NO_CANCEL_OPTION</code> or * {@code YES_NO_CANCEL_OPTION} or
* <code>OK_CANCEL_OPTION</code>), or * {@code OK_CANCEL_OPTION}), or
* <code>UNSPECIFIED_OPTION</code> if this * {@code UNSPECIFIED_OPTION} if this
* <code>ConfirmationCallback</code> was instantiated with * {@code ConfirmationCallback} was instantiated with
* <code>options</code> instead of an <code>optionType</code>. * {@code options} instead of an {@code optionType}.
*/ */
public int getOptionType() { public int getOptionType() {
return optionType; return optionType;
@ -433,8 +433,8 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* <p> * <p>
* *
* @return the list of confirmation options, or null if this * @return the list of confirmation options, or null if this
* <code>ConfirmationCallback</code> was instantiated with * {@code ConfirmationCallback} was instantiated with
* an <code>optionType</code> instead of <code>options</code>. * an {@code optionType} instead of {@code options}.
*/ */
public String[] getOptions() { public String[] getOptions() {
return options; return options;
@ -446,14 +446,14 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* <p> * <p>
* *
* @return the default option, represented as * @return the default option, represented as
* <code>YES</code>, <code>NO</code>, <code>OK</code> or * {@code YES}, {@code NO}, {@code OK} or
* <code>CANCEL</code> if an <code>optionType</code> * {@code CANCEL} if an {@code optionType}
* was specified to the constructor of this * was specified to the constructor of this
* <code>ConfirmationCallback</code>. * {@code ConfirmationCallback}.
* Otherwise, this method returns the default option as * Otherwise, this method returns the default option as
* an index into the * an index into the
* <code>options</code> array specified to the constructor * {@code options} array specified to the constructor
* of this <code>ConfirmationCallback</code>. * of this {@code ConfirmationCallback}.
*/ */
public int getDefaultOption() { public int getDefaultOption() {
return defaultOption; return defaultOption;
@ -464,13 +464,13 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @param selection the selection represented as <code>YES</code>, * @param selection the selection represented as {@code YES},
* <code>NO</code>, <code>OK</code> or <code>CANCEL</code> * {@code NO}, {@code OK} or {@code CANCEL}
* if an <code>optionType</code> was specified to the constructor * if an {@code optionType} was specified to the constructor
* of this <code>ConfirmationCallback</code>. * of this {@code ConfirmationCallback}.
* Otherwise, the selection represents the index into the * Otherwise, the selection represents the index into the
* <code>options</code> array specified to the constructor * {@code options} array specified to the constructor
* of this <code>ConfirmationCallback</code>. * of this {@code ConfirmationCallback}.
* *
* @see #getSelectedIndex * @see #getSelectedIndex
*/ */
@ -484,14 +484,14 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {
* <p> * <p>
* *
* @return the selected confirmation option represented as * @return the selected confirmation option represented as
* <code>YES</code>, <code>NO</code>, <code>OK</code> or * {@code YES}, {@code NO}, {@code OK} or
* <code>CANCEL</code> if an <code>optionType</code> * {@code CANCEL} if an {@code optionType}
* was specified to the constructor of this * was specified to the constructor of this
* <code>ConfirmationCallback</code>. * {@code ConfirmationCallback}.
* Otherwise, this method returns the selected confirmation * Otherwise, this method returns the selected confirmation
* option as an index into the * option as an index into the
* <code>options</code> array specified to the constructor * {@code options} array specified to the constructor
* of this <code>ConfirmationCallback</code>. * of this {@code ConfirmationCallback}.
* *
* @see #setSelectedIndex * @see #setSelectedIndex
*/ */

18
jdk/src/share/classes/javax/security/auth/callback/LanguageCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,8 +29,8 @@ import java.util.Locale;
/** /**
* <p> Underlying security services instantiate and pass a * <p> Underlying security services instantiate and pass a
* <code>LanguageCallback</code> to the <code>handle</code> * {@code LanguageCallback} to the {@code handle}
* method of a <code>CallbackHandler</code> to retrieve the <code>Locale</code> * method of a {@code CallbackHandler} to retrieve the {@code Locale}
* used for localizing text. * used for localizing text.
* *
* @see javax.security.auth.callback.CallbackHandler * @see javax.security.auth.callback.CallbackHandler
@ -46,16 +46,16 @@ public class LanguageCallback implements Callback, java.io.Serializable {
private Locale locale; private Locale locale;
/** /**
* Construct a <code>LanguageCallback</code>. * Construct a {@code LanguageCallback}.
*/ */
public LanguageCallback() { } public LanguageCallback() { }
/** /**
* Set the retrieved <code>Locale</code>. * Set the retrieved {@code Locale}.
* *
* <p> * <p>
* *
* @param locale the retrieved <code>Locale</code>. * @param locale the retrieved {@code Locale}.
* *
* @see #getLocale * @see #getLocale
*/ */
@ -64,12 +64,12 @@ public class LanguageCallback implements Callback, java.io.Serializable {
} }
/** /**
* Get the retrieved <code>Locale</code>. * Get the retrieved {@code Locale}.
* *
* <p> * <p>
* *
* @return the retrieved <code>Locale</code>, or null * @return the retrieved {@code Locale}, or null
* if no <code>Locale</code> could be retrieved. * if no {@code Locale} could be retrieved.
* *
* @see #setLocale * @see #setLocale
*/ */

26
jdk/src/share/classes/javax/security/auth/callback/NameCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/** /**
* <p> Underlying security services instantiate and pass a * <p> Underlying security services instantiate and pass a
* <code>NameCallback</code> to the <code>handle</code> * {@code NameCallback} to the {@code handle}
* method of a <code>CallbackHandler</code> to retrieve name information. * method of a {@code CallbackHandler} to retrieve name information.
* *
* @see javax.security.auth.callback.CallbackHandler * @see javax.security.auth.callback.CallbackHandler
*/ */
@ -53,14 +53,14 @@ public class NameCallback implements Callback, java.io.Serializable {
private String inputName; private String inputName;
/** /**
* Construct a <code>NameCallback</code> with a prompt. * Construct a {@code NameCallback} with a prompt.
* *
* <p> * <p>
* *
* @param prompt the prompt used to request the name. * @param prompt the prompt used to request the name.
* *
* @exception IllegalArgumentException if <code>prompt</code> is null * @exception IllegalArgumentException if {@code prompt} is null
* or if <code>prompt</code> has a length of 0. * or if {@code prompt} has a length of 0.
*/ */
public NameCallback(String prompt) { public NameCallback(String prompt) {
if (prompt == null || prompt.length() == 0) if (prompt == null || prompt.length() == 0)
@ -69,7 +69,7 @@ public class NameCallback implements Callback, java.io.Serializable {
} }
/** /**
* Construct a <code>NameCallback</code> with a prompt * Construct a {@code NameCallback} with a prompt
* and default name. * and default name.
* *
* <p> * <p>
@ -79,10 +79,10 @@ public class NameCallback implements Callback, java.io.Serializable {
* @param defaultName the name to be used as the default name displayed * @param defaultName the name to be used as the default name displayed
* with the prompt. * with the prompt.
* *
* @exception IllegalArgumentException if <code>prompt</code> is null, * @exception IllegalArgumentException if {@code prompt} is null,
* if <code>prompt</code> has a length of 0, * if {@code prompt} has a length of 0,
* if <code>defaultName</code> is null, * if {@code defaultName} is null,
* or if <code>defaultName</code> has a length of 0. * or if {@code defaultName} has a length of 0.
*/ */
public NameCallback(String prompt, String defaultName) { public NameCallback(String prompt, String defaultName) {
if (prompt == null || prompt.length() == 0 || if (prompt == null || prompt.length() == 0 ||
@ -109,8 +109,8 @@ public class NameCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @return the default name, or null if this <code>NameCallback</code> * @return the default name, or null if this {@code NameCallback}
* was not instantiated with a <code>defaultName</code>. * was not instantiated with a {@code defaultName}.
*/ */
public String getDefaultName() { public String getDefaultName() {
return defaultName; return defaultName;

12
jdk/src/share/classes/javax/security/auth/callback/PasswordCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/** /**
* <p> Underlying security services instantiate and pass a * <p> Underlying security services instantiate and pass a
* <code>PasswordCallback</code> to the <code>handle</code> * {@code PasswordCallback} to the {@code handle}
* method of a <code>CallbackHandler</code> to retrieve password information. * method of a {@code CallbackHandler} to retrieve password information.
* *
* @see javax.security.auth.callback.CallbackHandler * @see javax.security.auth.callback.CallbackHandler
*/ */
@ -53,7 +53,7 @@ public class PasswordCallback implements Callback, java.io.Serializable {
private char[] inputPassword; private char[] inputPassword;
/** /**
* Construct a <code>PasswordCallback</code> with a prompt * Construct a {@code PasswordCallback} with a prompt
* and a boolean specifying whether the password should be displayed * and a boolean specifying whether the password should be displayed
* as it is being typed. * as it is being typed.
* *
@ -64,8 +64,8 @@ public class PasswordCallback implements Callback, java.io.Serializable {
* @param echoOn true if the password should be displayed * @param echoOn true if the password should be displayed
* as it is being typed. * as it is being typed.
* *
* @exception IllegalArgumentException if <code>prompt</code> is null or * @exception IllegalArgumentException if {@code prompt} is null or
* if <code>prompt</code> has a length of 0. * if {@code prompt} has a length of 0.
*/ */
public PasswordCallback(String prompt, boolean echoOn) { public PasswordCallback(String prompt, boolean echoOn) {
if (prompt == null || prompt.length() == 0) if (prompt == null || prompt.length() == 0)

26
jdk/src/share/classes/javax/security/auth/callback/TextInputCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/** /**
* <p> Underlying security services instantiate and pass a * <p> Underlying security services instantiate and pass a
* <code>TextInputCallback</code> to the <code>handle</code> * {@code TextInputCallback} to the {@code handle}
* method of a <code>CallbackHandler</code> to retrieve generic text * method of a {@code CallbackHandler} to retrieve generic text
* information. * information.
* *
* @see javax.security.auth.callback.CallbackHandler * @see javax.security.auth.callback.CallbackHandler
@ -54,14 +54,14 @@ public class TextInputCallback implements Callback, java.io.Serializable {
private String inputText; private String inputText;
/** /**
* Construct a <code>TextInputCallback</code> with a prompt. * Construct a {@code TextInputCallback} with a prompt.
* *
* <p> * <p>
* *
* @param prompt the prompt used to request the information. * @param prompt the prompt used to request the information.
* *
* @exception IllegalArgumentException if <code>prompt</code> is null * @exception IllegalArgumentException if {@code prompt} is null
* or if <code>prompt</code> has a length of 0. * or if {@code prompt} has a length of 0.
*/ */
public TextInputCallback(String prompt) { public TextInputCallback(String prompt) {
if (prompt == null || prompt.length() == 0) if (prompt == null || prompt.length() == 0)
@ -70,7 +70,7 @@ public class TextInputCallback implements Callback, java.io.Serializable {
} }
/** /**
* Construct a <code>TextInputCallback</code> with a prompt * Construct a {@code TextInputCallback} with a prompt
* and default input value. * and default input value.
* *
* <p> * <p>
@ -80,10 +80,10 @@ public class TextInputCallback implements Callback, java.io.Serializable {
* @param defaultText the text to be used as the default text displayed * @param defaultText the text to be used as the default text displayed
* with the prompt. * with the prompt.
* *
* @exception IllegalArgumentException if <code>prompt</code> is null, * @exception IllegalArgumentException if {@code prompt} is null,
* if <code>prompt</code> has a length of 0, * if {@code prompt} has a length of 0,
* if <code>defaultText</code> is null * if {@code defaultText} is null
* or if <code>defaultText</code> has a length of 0. * or if {@code defaultText} has a length of 0.
*/ */
public TextInputCallback(String prompt, String defaultText) { public TextInputCallback(String prompt, String defaultText) {
if (prompt == null || prompt.length() == 0 || if (prompt == null || prompt.length() == 0 ||
@ -110,8 +110,8 @@ public class TextInputCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @return the default text, or null if this <code>TextInputCallback</code> * @return the default text, or null if this {@code TextInputCallback}
* was not instantiated with <code>defaultText</code>. * was not instantiated with {@code defaultText}.
*/ */
public String getDefaultText() { public String getDefaultText() {
return defaultText; return defaultText;

24
jdk/src/share/classes/javax/security/auth/callback/TextOutputCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -27,8 +27,8 @@ package javax.security.auth.callback;
/** /**
* <p> Underlying security services instantiate and pass a * <p> Underlying security services instantiate and pass a
* <code>TextOutputCallback</code> to the <code>handle</code> * {@code TextOutputCallback} to the {@code handle}
* method of a <code>CallbackHandler</code> to display information messages, * method of a {@code CallbackHandler} to display information messages,
* warning messages and error messages. * warning messages and error messages.
* *
* @see javax.security.auth.callback.CallbackHandler * @see javax.security.auth.callback.CallbackHandler
@ -61,16 +61,16 @@ public class TextOutputCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @param messageType the message type (<code>INFORMATION</code>, * @param messageType the message type ({@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>). <p> * {@code WARNING} or {@code ERROR}). <p>
* *
* @param message the message to be displayed. <p> * @param message the message to be displayed. <p>
* *
* @exception IllegalArgumentException if <code>messageType</code> * @exception IllegalArgumentException if {@code messageType}
* is not either <code>INFORMATION</code>, * is not either {@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>, * {@code WARNING} or {@code ERROR},
* if <code>message</code> is null, * if {@code message} is null,
* or if <code>message</code> has a length of 0. * or if {@code message} has a length of 0.
*/ */
public TextOutputCallback(int messageType, String message) { public TextOutputCallback(int messageType, String message) {
if ((messageType != INFORMATION && if ((messageType != INFORMATION &&
@ -87,8 +87,8 @@ public class TextOutputCallback implements Callback, java.io.Serializable {
* *
* <p> * <p>
* *
* @return the message type (<code>INFORMATION</code>, * @return the message type ({@code INFORMATION},
* <code>WARNING</code> or <code>ERROR</code>). * {@code WARNING} or {@code ERROR}).
*/ */
public int getMessageType() { public int getMessageType() {
return messageType; return messageType;

16
jdk/src/share/classes/javax/security/auth/callback/UnsupportedCallbackException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -26,8 +26,8 @@
package javax.security.auth.callback; package javax.security.auth.callback;
/** /**
* Signals that a <code>CallbackHandler</code> does not * Signals that a {@code CallbackHandler} does not
* recognize a particular <code>Callback</code>. * recognize a particular {@code Callback}.
* *
*/ */
public class UnsupportedCallbackException extends Exception { public class UnsupportedCallbackException extends Exception {
@ -40,12 +40,12 @@ public class UnsupportedCallbackException extends Exception {
private Callback callback; private Callback callback;
/** /**
* Constructs a <code>UnsupportedCallbackException</code> * Constructs a {@code UnsupportedCallbackException}
* with no detail message. * with no detail message.
* *
* <p> * <p>
* *
* @param callback the unrecognized <code>Callback</code>. * @param callback the unrecognized {@code Callback}.
*/ */
public UnsupportedCallbackException(Callback callback) { public UnsupportedCallbackException(Callback callback) {
super(); super();
@ -59,7 +59,7 @@ public class UnsupportedCallbackException extends Exception {
* *
* <p> * <p>
* *
* @param callback the unrecognized <code>Callback</code>. <p> * @param callback the unrecognized {@code Callback}. <p>
* *
* @param msg the detail message. * @param msg the detail message.
*/ */
@ -69,11 +69,11 @@ public class UnsupportedCallbackException extends Exception {
} }
/** /**
* Get the unrecognized <code>Callback</code>. * Get the unrecognized {@code Callback}.
* *
* <p> * <p>
* *
* @return the unrecognized <code>Callback</code>. * @return the unrecognized {@code Callback}.
*/ */
public Callback getCallback() { public Callback getCallback() {
return callback; return callback;

35
jdk/src/share/classes/javax/security/auth/callback/package-info.java Normal file
View file

@ -0,0 +1,35 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides the classes necessary for services
* to interact with applications in order to retrieve
* information (authentication data including usernames
* or passwords, for example) or to display information
* (error and warning messages, for example).
*
* @since JDK1.4
*/
package javax.security.auth.callback;

57
jdk/src/share/classes/javax/security/auth/callback/package.html
View file

@ -1,57 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides the classes necessary for services
to interact with applications in order to retrieve
information (authentication data including usernames
or passwords, for example) or to display information
(error and warning messages, for example).
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

18
jdk/src/share/classes/javax/security/auth/kerberos/DelegationPermission.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -38,7 +38,7 @@ import java.io.IOException;
* This class is used to restrict the usage of the Kerberos * This class is used to restrict the usage of the Kerberos
* delegation model, ie: forwardable and proxiable tickets. * delegation model, ie: forwardable and proxiable tickets.
* <p> * <p>
* The target name of this <code>Permission</code> specifies a pair of * The target name of this {@code Permission} specifies a pair of
* kerberos service principals. The first is the subordinate service principal * kerberos service principals. The first is the subordinate service principal
* being entrusted to use the TGT. The second service principal designates * being entrusted to use the TGT. The second service principal designates
* the target service the subordinate service principal is to * the target service the subordinate service principal is to
@ -71,15 +71,15 @@ public final class DelegationPermission extends BasicPermission
private transient String subordinate, service; private transient String subordinate, service;
/** /**
* Create a new <code>DelegationPermission</code> * Create a new {@code DelegationPermission}
* with the specified subordinate and target principals. * with the specified subordinate and target principals.
* *
* <p> * <p>
* *
* @param principals the name of the subordinate and target principals * @param principals the name of the subordinate and target principals
* *
* @throws NullPointerException if <code>principals</code> is <code>null</code>. * @throws NullPointerException if {@code principals} is {@code null}.
* @throws IllegalArgumentException if <code>principals</code> is empty. * @throws IllegalArgumentException if {@code principals} is empty.
*/ */
public DelegationPermission(String principals) { public DelegationPermission(String principals) {
super(principals); super(principals);
@ -87,7 +87,7 @@ public final class DelegationPermission extends BasicPermission
} }
/** /**
* Create a new <code>DelegationPermission</code> * Create a new {@code DelegationPermission}
* with the specified subordinate and target principals. * with the specified subordinate and target principals.
* <p> * <p>
* *
@ -95,8 +95,8 @@ public final class DelegationPermission extends BasicPermission
* <p> * <p>
* @param actions should be null. * @param actions should be null.
* *
* @throws NullPointerException if <code>principals</code> is <code>null</code>. * @throws NullPointerException if {@code principals} is {@code null}.
* @throws IllegalArgumentException if <code>principals</code> is empty. * @throws IllegalArgumentException if {@code principals} is empty.
*/ */
public DelegationPermission(String principals, String actions) { public DelegationPermission(String principals, String actions) {
super(principals, actions); super(principals, actions);
@ -134,7 +134,7 @@ public final class DelegationPermission extends BasicPermission
* Checks if this Kerberos delegation permission object "implies" the * Checks if this Kerberos delegation permission object "implies" the
* specified permission. * specified permission.
* <P> * <P>
* If none of the above are true, <code>implies</code> returns false. * If none of the above are true, {@code implies} returns false.
* @param p the permission to check against. * @param p the permission to check against.
* *
* @return true if the specified permission is implied by this object, * @return true if the specified permission is implied by this object,

10
jdk/src/share/classes/javax/security/auth/kerberos/KerberosKey.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -76,7 +76,7 @@ public class KerberosKey implements SecretKey, Destroyable {
private int versionNum; private int versionNum;
/** /**
* <code>KeyImpl</code> is serialized by writing out the ASN1 Encoded bytes * {@code KeyImpl} is serialized by writing out the ASN1 Encoded bytes
* of the encryption key. * of the encryption key.
* The ASN1 encoding is defined in RFC4120 and as follows: * The ASN1 encoding is defined in RFC4120 and as follows:
* <pre> * <pre>
@ -241,7 +241,7 @@ public class KerberosKey implements SecretKey, Destroyable {
/** /**
* Returns a hashcode for this KerberosKey. * Returns a hashcode for this KerberosKey.
* *
* @return a hashCode() for the <code>KerberosKey</code> * @return a hashCode() for the {@code KerberosKey}
* @since 1.6 * @since 1.6
*/ */
public int hashCode() { public int hashCode() {
@ -260,8 +260,8 @@ public class KerberosKey implements SecretKey, Destroyable {
/** /**
* Compares the specified Object with this KerberosKey for equality. * Compares the specified Object with this KerberosKey for equality.
* Returns true if the given object is also a * Returns true if the given object is also a
* <code>KerberosKey</code> and the two * {@code KerberosKey} and the two
* <code>KerberosKey</code> instances are equivalent. * {@code KerberosKey} instances are equivalent.
* *
* @param other the Object to compare to * @param other the Object to compare to
* @return true if the specified object is equal to this KerberosKey, * @return true if the specified object is equal to this KerberosKey,

20
jdk/src/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -181,11 +181,11 @@ public final class KerberosPrincipal
/** /**
* Returns a hashcode for this principal. The hash code is defined to * Returns a hashcode for this principal. The hash code is defined to
* be the result of the following calculation: * be the result of the following calculation:
* <pre><code> * <pre>{@code
* hashCode = getName().hashCode(); * hashCode = getName().hashCode();
* </code></pre> * }</pre>
* *
* @return a hashCode() for the <code>KerberosPrincipal</code> * @return a hashCode() for the {@code KerberosPrincipal}
*/ */
public int hashCode() { public int hashCode() {
return getName().hashCode(); return getName().hashCode();
@ -194,11 +194,11 @@ public final class KerberosPrincipal
/** /**
* Compares the specified Object with this Principal for equality. * Compares the specified Object with this Principal for equality.
* Returns true if the given object is also a * Returns true if the given object is also a
* <code>KerberosPrincipal</code> and the two * {@code KerberosPrincipal} and the two
* <code>KerberosPrincipal</code> instances are equivalent. * {@code KerberosPrincipal} instances are equivalent.
* More formally two <code>KerberosPrincipal</code> instances are equal * More formally two {@code KerberosPrincipal} instances are equal
* if the values returned by <code>getName()</code> are equal and the * if the values returned by {@code getName()} are equal and the
* values returned by <code>getNameType()</code> are equal. * values returned by {@code getNameType()} are equal.
* *
* @param other the Object to compare to * @param other the Object to compare to
* @return true if the Object passed in represents the same principal * @return true if the Object passed in represents the same principal
@ -225,7 +225,7 @@ public final class KerberosPrincipal
/** /**
* Save the KerberosPrincipal object to a stream * Save the KerberosPrincipal object to a stream
* *
* @serialData this <code>KerberosPrincipal</code> is serialized * @serialData this {@code KerberosPrincipal} is serialized
* by writing out the PrincipalName and the * by writing out the PrincipalName and the
* realm in their DER-encoded form as specified in Section 5.2.2 of * realm in their DER-encoded form as specified in Section 5.2.2 of
* <a href=http://www.ietf.org/rfc/rfc4120.txt> RFC4120</a>. * <a href=http://www.ietf.org/rfc/rfc4120.txt> RFC4120</a>.

10
jdk/src/share/classes/javax/security/auth/kerberos/KerberosTicket.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -103,7 +103,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
private byte[] asn1Encoding; private byte[] asn1Encoding;
/** /**
*<code>KeyImpl</code> is serialized by writing out the ASN1 Encoded bytes *{@code KeyImpl} is serialized by writing out the ASN1 Encoded bytes
* of the encryption key. The ASN1 encoding is defined in RFC4120 and as * of the encryption key. The ASN1 encoding is defined in RFC4120 and as
* follows: * follows:
* <pre> * <pre>
@ -667,7 +667,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
/** /**
* Returns a hashcode for this KerberosTicket. * Returns a hashcode for this KerberosTicket.
* *
* @return a hashCode() for the <code>KerberosTicket</code> * @return a hashCode() for the {@code KerberosTicket}
* @since 1.6 * @since 1.6
*/ */
public int hashCode() { public int hashCode() {
@ -704,8 +704,8 @@ public class KerberosTicket implements Destroyable, Refreshable,
/** /**
* Compares the specified Object with this KerberosTicket for equality. * Compares the specified Object with this KerberosTicket for equality.
* Returns true if the given object is also a * Returns true if the given object is also a
* <code>KerberosTicket</code> and the two * {@code KerberosTicket} and the two
* <code>KerberosTicket</code> instances are equivalent. * {@code KerberosTicket} instances are equivalent.
* *
* @param other the Object to compare to * @param other the Object to compare to
* @return true if the specified object is equal to this KerberosTicket, * @return true if the specified object is equal to this KerberosTicket,

4
jdk/src/share/classes/javax/security/auth/kerberos/KeyImpl.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -166,7 +166,7 @@ class KeyImpl implements SecretKey, Destroyable, Serializable {
} }
/** /**
* @serialData this <code>KeyImpl</code> is serialized by * @serialData this {@code KeyImpl} is serialized by
* writing out the ASN1 Encoded bytes of the encryption key. * writing out the ASN1 Encoded bytes of the encryption key.
* The ASN1 encoding is defined in RFC4120 and as follows: * The ASN1 encoding is defined in RFC4120 and as follows:
* EncryptionKey ::= SEQUENCE { * EncryptionKey ::= SEQUENCE {

8
jdk/src/share/classes/javax/security/auth/kerberos/KeyTab.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -312,7 +312,7 @@ public final class KeyTab {
/** /**
* Returns a hashcode for this KeyTab. * Returns a hashcode for this KeyTab.
* *
* @return a hashCode() for the <code>KeyTab</code> * @return a hashCode() for the {@code KeyTab}
*/ */
public int hashCode() { public int hashCode() {
return Objects.hash(file, princ, bound); return Objects.hash(file, princ, bound);
@ -321,8 +321,8 @@ public final class KeyTab {
/** /**
* Compares the specified Object with this KeyTab for equality. * Compares the specified Object with this KeyTab for equality.
* Returns true if the given object is also a * Returns true if the given object is also a
* <code>KeyTab</code> and the two * {@code KeyTab} and the two
* <code>KeyTab</code> instances are equivalent. * {@code KeyTab} instances are equivalent.
* *
* @param other the Object to compare to * @param other the Object to compare to
* @return true if the specified object is equal to this KeyTab * @return true if the specified object is equal to this KeyTab

12
jdk/src/share/classes/javax/security/auth/kerberos/ServicePermission.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -50,7 +50,7 @@ import java.io.IOException;
* used within. * used within.
* <p> * <p>
* The service principal name is the canonical name of the * The service principal name is the canonical name of the
* <code>KereberosPrincipal</code> supplying the service, that is * {@code KereberosPrincipal} supplying the service, that is
* the KerberosPrincipal represents a Kerberos service * the KerberosPrincipal represents a Kerberos service
* principal. This name is treated in a case sensitive manner. * principal. This name is treated in a case sensitive manner.
* An asterisk may appear by itself, to signify any service principal. * An asterisk may appear by itself, to signify any service principal.
@ -135,9 +135,9 @@ public final class ServicePermission extends Permission
// created and re-used in the getAction function. // created and re-used in the getAction function.
/** /**
* Create a new <code>ServicePermission</code> * Create a new {@code ServicePermission}
* with the specified <code>servicePrincipal</code> * with the specified {@code servicePrincipal}
* and <code>action</code>. * and {@code action}.
* *
* @param servicePrincipal the name of the service principal. * @param servicePrincipal the name of the service principal.
* An asterisk may appear by itself, to signify any service principal. * An asterisk may appear by itself, to signify any service principal.
@ -169,7 +169,7 @@ public final class ServicePermission extends Permission
* Checks if this Kerberos service permission object "implies" the * Checks if this Kerberos service permission object "implies" the
* specified permission. * specified permission.
* <P> * <P>
* If none of the above are true, <code>implies</code> returns false. * If none of the above are true, {@code implies} returns false.
* @param p the permission to check against. * @param p the permission to check against.
* *
* @return true if the specified permission is implied by this object, * @return true if the specified permission is implied by this object,

53
jdk/src/share/classes/javax/security/auth/kerberos/package-info.java Normal file
View file

@ -0,0 +1,53 @@
/*
* Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package contains utility classes related to the Kerberos network
* authentication protocol. They do not provide much Kerberos support
* themselves.<p>
*
* The Kerberos network authentication protocol is defined in
* <a href=http://www.ietf.org/rfc/rfc4120.txt>RFC 4120</a>. The Java
* platform contains support for the client side of Kerberos via the
* {@link org.ietf.jgss} package. There might also be
* a login module that implements
* {@link javax.security.auth.spi.LoginModule LoginModule} to authenticate
* Kerberos principals.<p>
*
* You can provide the name of your default realm and Key Distribution
* Center (KDC) host for that realm using the system properties
* {@code java.security.krb5.realm} and {@code java.security.krb5.kdc}.
* Both properties must be set.
* Alternatively, the {@code java.security.krb5.conf} system property can
* be set to the location of an MIT style {@code krb5.conf} configuration
* file. If none of these system properties are set, the {@code krb5.conf}
* file is searched for in an implementation-specific manner. Typically,
* an implementation will first look for a {@code krb5.conf} file in
* {@code <java-home>/lib/security} and failing that, in an OS-specific
* location.<p>
*
* @since JDK1.4
*/
package javax.security.auth.kerberos;

74
jdk/src/share/classes/javax/security/auth/kerberos/package.html
View file

@ -1,74 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2001, 2006, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package contains utility classes related to the Kerberos network
authentication protocol. They do not provide much Kerberos support
themselves.<p>
The Kerberos network authentication protocol is defined in
<a href=http://www.ietf.org/rfc/rfc4120.txt>RFC 4120</a>. The Java
platform contains support for the client side of Kerberos via the
{@link org.ietf.jgss} package. There might also be
a login module that implements
{@link javax.security.auth.spi.LoginModule LoginModule} to authenticate
Kerberos principals.<p>
You can provide the name of your default realm and Key Distribution
Center (KDC) host for that realm using the system properties
{@code java.security.krb5.realm} and {@code java.security.krb5.kdc}.
Both properties must be set.
Alternatively, the {@code java.security.krb5.conf} system property can
be set to the location of an MIT style {@code krb5.conf} configuration
file. If none of these system properties are set, the {@code krb5.conf}
file is searched for in an implementation-specific manner. Typically,
an implementation will first look for a {@code krb5.conf} file in
{@code <java-home>/lib/security} and failing that, in an OS-specific
location.<p>
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

6
jdk/src/share/classes/javax/security/auth/login/AccountExpiredException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,9 +29,9 @@ package javax.security.auth.login;
* Signals that a user account has expired. * Signals that a user account has expired.
* *
* <p> This exception is thrown by LoginModules when they determine * <p> This exception is thrown by LoginModules when they determine
* that an account has expired. For example, a <code>LoginModule</code>, * that an account has expired. For example, a {@code LoginModule},
* after successfully authenticating a user, may determine that the * after successfully authenticating a user, may determine that the
* user's account has expired. In this case the <code>LoginModule</code> * user's account has expired. In this case the {@code LoginModule}
* throws this exception to notify the application. The application can * throws this exception to notify the application. The application can
* then take the appropriate steps to notify the user. * then take the appropriate steps to notify the user.
* *

56
jdk/src/share/classes/javax/security/auth/login/AppConfigurationEntry.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,14 +29,14 @@ import java.util.Map;
import java.util.Collections; import java.util.Collections;
/** /**
* This class represents a single <code>LoginModule</code> entry * This class represents a single {@code LoginModule} entry
* configured for the application specified in the * configured for the application specified in the
* <code>getAppConfigurationEntry(String appName)</code> * {@code getAppConfigurationEntry(String appName)}
* method in the <code>Configuration</code> class. Each respective * method in the {@code Configuration} class. Each respective
* <code>AppConfigurationEntry</code> contains a <code>LoginModule</code> name, * {@code AppConfigurationEntry} contains a {@code LoginModule} name,
* a control flag (specifying whether this <code>LoginModule</code> is * a control flag (specifying whether this {@code LoginModule} is
* REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL), and LoginModule-specific * REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL), and LoginModule-specific
* options. Please refer to the <code>Configuration</code> class for * options. Please refer to the {@code Configuration} class for
* more information on the different control flags and their semantics. * more information on the different control flags and their semantics.
* *
* @see javax.security.auth.login.Configuration * @see javax.security.auth.login.Configuration
@ -50,25 +50,25 @@ public class AppConfigurationEntry {
/** /**
* Default constructor for this class. * Default constructor for this class.
* *
* <p> This entry represents a single <code>LoginModule</code> * <p> This entry represents a single {@code LoginModule}
* entry configured for the application specified in the * entry configured for the application specified in the
* <code>getAppConfigurationEntry(String appName)</code> * {@code getAppConfigurationEntry(String appName)}
* method from the <code>Configuration</code> class. * method from the {@code Configuration} class.
* *
* @param loginModuleName String representing the class name of the * @param loginModuleName String representing the class name of the
* <code>LoginModule</code> configured for the * {@code LoginModule} configured for the
* specified application. <p> * specified application. <p>
* *
* @param controlFlag either REQUIRED, REQUISITE, SUFFICIENT, * @param controlFlag either REQUIRED, REQUISITE, SUFFICIENT,
* or OPTIONAL. <p> * or OPTIONAL. <p>
* *
* @param options the options configured for this <code>LoginModule</code>. * @param options the options configured for this {@code LoginModule}.
* *
* @exception IllegalArgumentException if <code>loginModuleName</code> * @exception IllegalArgumentException if {@code loginModuleName}
* is null, if <code>LoginModuleName</code> * is null, if {@code LoginModuleName}
* has a length of 0, if <code>controlFlag</code> * has a length of 0, if {@code controlFlag}
* is not either REQUIRED, REQUISITE, SUFFICIENT * is not either REQUIRED, REQUISITE, SUFFICIENT
* or OPTIONAL, or if <code>options</code> is null. * or OPTIONAL, or if {@code options} is null.
*/ */
public AppConfigurationEntry(String loginModuleName, public AppConfigurationEntry(String loginModuleName,
LoginModuleControlFlag controlFlag, LoginModuleControlFlag controlFlag,
@ -88,9 +88,9 @@ public class AppConfigurationEntry {
} }
/** /**
* Get the class name of the configured <code>LoginModule</code>. * Get the class name of the configured {@code LoginModule}.
* *
* @return the class name of the configured <code>LoginModule</code> as * @return the class name of the configured {@code LoginModule} as
* a String. * a String.
*/ */
public String getLoginModuleName() { public String getLoginModuleName() {
@ -100,28 +100,28 @@ public class AppConfigurationEntry {
/** /**
* Return the controlFlag * Return the controlFlag
* (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL) * (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL)
* for this <code>LoginModule</code>. * for this {@code LoginModule}.
* *
* @return the controlFlag * @return the controlFlag
* (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL) * (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL)
* for this <code>LoginModule</code>. * for this {@code LoginModule}.
*/ */
public LoginModuleControlFlag getControlFlag() { public LoginModuleControlFlag getControlFlag() {
return controlFlag; return controlFlag;
} }
/** /**
* Get the options configured for this <code>LoginModule</code>. * Get the options configured for this {@code LoginModule}.
* *
* @return the options configured for this <code>LoginModule</code> * @return the options configured for this {@code LoginModule}
* as an unmodifiable <code>Map</code>. * as an unmodifiable {@code Map}.
*/ */
public Map<String,?> getOptions() { public Map<String,?> getOptions() {
return options; return options;
} }
/** /**
* This class represents whether or not a <code>LoginModule</code> * This class represents whether or not a {@code LoginModule}
* is REQUIRED, REQUISITE, SUFFICIENT or OPTIONAL. * is REQUIRED, REQUISITE, SUFFICIENT or OPTIONAL.
*/ */
public static class LoginModuleControlFlag { public static class LoginModuleControlFlag {
@ -129,25 +129,25 @@ public class AppConfigurationEntry {
private String controlFlag; private String controlFlag;
/** /**
* Required <code>LoginModule</code>. * Required {@code LoginModule}.
*/ */
public static final LoginModuleControlFlag REQUIRED = public static final LoginModuleControlFlag REQUIRED =
new LoginModuleControlFlag("required"); new LoginModuleControlFlag("required");
/** /**
* Requisite <code>LoginModule</code>. * Requisite {@code LoginModule}.
*/ */
public static final LoginModuleControlFlag REQUISITE = public static final LoginModuleControlFlag REQUISITE =
new LoginModuleControlFlag("requisite"); new LoginModuleControlFlag("requisite");
/** /**
* Sufficient <code>LoginModule</code>. * Sufficient {@code LoginModule}.
*/ */
public static final LoginModuleControlFlag SUFFICIENT = public static final LoginModuleControlFlag SUFFICIENT =
new LoginModuleControlFlag("sufficient"); new LoginModuleControlFlag("sufficient");
/** /**
* Optional <code>LoginModule</code>. * Optional {@code LoginModule}.
*/ */
public static final LoginModuleControlFlag OPTIONAL = public static final LoginModuleControlFlag OPTIONAL =
new LoginModuleControlFlag("optional"); new LoginModuleControlFlag("optional");

74
jdk/src/share/classes/javax/security/auth/login/Configuration.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -49,9 +49,9 @@ import sun.security.jca.GetInstance;
* *
* <p> A login configuration contains the following information. * <p> A login configuration contains the following information.
* Note that this example only represents the default syntax for the * Note that this example only represents the default syntax for the
* <code>Configuration</code>. Subclass implementations of this class * {@code Configuration}. Subclass implementations of this class
* may implement alternative syntaxes and may retrieve the * may implement alternative syntaxes and may retrieve the
* <code>Configuration</code> from any source such as files, databases, * {@code Configuration} from any source such as files, databases,
* or servers. * or servers.
* *
* <pre> * <pre>
@ -70,9 +70,9 @@ import sun.security.jca.GetInstance;
* }; * };
* </pre> * </pre>
* *
* <p> Each entry in the <code>Configuration</code> is indexed via an * <p> Each entry in the {@code Configuration} is indexed via an
* application name, <i>Name</i>, and contains a list of * application name, <i>Name</i>, and contains a list of
* LoginModules configured for that application. Each <code>LoginModule</code> * LoginModules configured for that application. Each {@code LoginModule}
* is specified via its fully qualified class name. * is specified via its fully qualified class name.
* Authentication proceeds down the module list in the exact order specified. * Authentication proceeds down the module list in the exact order specified.
* If an application does not have specific entry, * If an application does not have specific entry,
@ -83,55 +83,55 @@ import sun.security.jca.GetInstance;
* valid values for <i>Flag</i> and their respective semantics: * valid values for <i>Flag</i> and their respective semantics:
* *
* <pre> * <pre>
* 1) Required - The <code>LoginModule</code> is required to succeed. * 1) Required - The {@code LoginModule} is required to succeed.
* If it succeeds or fails, authentication still continues * If it succeeds or fails, authentication still continues
* to proceed down the <code>LoginModule</code> list. * to proceed down the {@code LoginModule} list.
* *
* 2) Requisite - The <code>LoginModule</code> is required to succeed. * 2) Requisite - The {@code LoginModule} is required to succeed.
* If it succeeds, authentication continues down the * If it succeeds, authentication continues down the
* <code>LoginModule</code> list. If it fails, * {@code LoginModule} list. If it fails,
* control immediately returns to the application * control immediately returns to the application
* (authentication does not proceed down the * (authentication does not proceed down the
* <code>LoginModule</code> list). * {@code LoginModule} list).
* *
* 3) Sufficient - The <code>LoginModule</code> is not required to * 3) Sufficient - The {@code LoginModule} is not required to
* succeed. If it does succeed, control immediately * succeed. If it does succeed, control immediately
* returns to the application (authentication does not * returns to the application (authentication does not
* proceed down the <code>LoginModule</code> list). * proceed down the {@code LoginModule} list).
* If it fails, authentication continues down the * If it fails, authentication continues down the
* <code>LoginModule</code> list. * {@code LoginModule} list.
* *
* 4) Optional - The <code>LoginModule</code> is not required to * 4) Optional - The {@code LoginModule} is not required to
* succeed. If it succeeds or fails, * succeed. If it succeeds or fails,
* authentication still continues to proceed down the * authentication still continues to proceed down the
* <code>LoginModule</code> list. * {@code LoginModule} list.
* </pre> * </pre>
* *
* <p> The overall authentication succeeds only if all <i>Required</i> and * <p> The overall authentication succeeds only if all <i>Required</i> and
* <i>Requisite</i> LoginModules succeed. If a <i>Sufficient</i> * <i>Requisite</i> LoginModules succeed. If a <i>Sufficient</i>
* <code>LoginModule</code> is configured and succeeds, * {@code LoginModule} is configured and succeeds,
* then only the <i>Required</i> and <i>Requisite</i> LoginModules prior to * then only the <i>Required</i> and <i>Requisite</i> LoginModules prior to
* that <i>Sufficient</i> <code>LoginModule</code> need to have succeeded for * that <i>Sufficient</i> {@code LoginModule} need to have succeeded for
* the overall authentication to succeed. If no <i>Required</i> or * the overall authentication to succeed. If no <i>Required</i> or
* <i>Requisite</i> LoginModules are configured for an application, * <i>Requisite</i> LoginModules are configured for an application,
* then at least one <i>Sufficient</i> or <i>Optional</i> * then at least one <i>Sufficient</i> or <i>Optional</i>
* <code>LoginModule</code> must succeed. * {@code LoginModule} must succeed.
* *
* <p> <i>ModuleOptions</i> is a space separated list of * <p> <i>ModuleOptions</i> is a space separated list of
* <code>LoginModule</code>-specific values which are passed directly to * {@code LoginModule}-specific values which are passed directly to
* the underlying LoginModules. Options are defined by the * the underlying LoginModules. Options are defined by the
* <code>LoginModule</code> itself, and control the behavior within it. * {@code LoginModule} itself, and control the behavior within it.
* For example, a <code>LoginModule</code> may define options to support * For example, a {@code LoginModule} may define options to support
* debugging/testing capabilities. The correct way to specify options in the * debugging/testing capabilities. The correct way to specify options in the
* <code>Configuration</code> is by using the following key-value pairing: * {@code Configuration} is by using the following key-value pairing:
* <i>debug="true"</i>. The key and value should be separated by an * <i>debug="true"</i>. The key and value should be separated by an
* 'equals' symbol, and the value should be surrounded by double quotes. * 'equals' symbol, and the value should be surrounded by double quotes.
* If a String in the form, ${system.property}, occurs in the value, * If a String in the form, ${system.property}, occurs in the value,
* it will be expanded to the value of the system property. * it will be expanded to the value of the system property.
* Note that there is no limit to the number of * Note that there is no limit to the number of
* options a <code>LoginModule</code> may define. * options a {@code LoginModule} may define.
* *
* <p> The following represents an example <code>Configuration</code> entry * <p> The following represents an example {@code Configuration} entry
* based on the syntax above: * based on the syntax above:
* *
* <pre> * <pre>
@ -143,7 +143,7 @@ import sun.security.jca.GetInstance;
* }; * };
* </pre> * </pre>
* *
* <p> This <code>Configuration</code> specifies that an application named, * <p> This {@code Configuration} specifies that an application named,
* "Login", requires users to first authenticate to the * "Login", requires users to first authenticate to the
* <i>com.sun.security.auth.module.UnixLoginModule</i>, which is * <i>com.sun.security.auth.module.UnixLoginModule</i>, which is
* required to succeed. Even if the <i>UnixLoginModule</i> * required to succeed. Even if the <i>UnixLoginModule</i>
@ -165,11 +165,11 @@ import sun.security.jca.GetInstance;
* *
* <p> There is only one Configuration object installed in the runtime at any * <p> There is only one Configuration object installed in the runtime at any
* given time. A Configuration object can be installed by calling the * given time. A Configuration object can be installed by calling the
* <code>setConfiguration</code> method. The installed Configuration object * {@code setConfiguration} method. The installed Configuration object
* can be obtained by calling the <code>getConfiguration</code> method. * can be obtained by calling the {@code getConfiguration} method.
* *
* <p> If no Configuration object has been installed in the runtime, a call to * <p> If no Configuration object has been installed in the runtime, a call to
* <code>getConfiguration</code> installs an instance of the default * {@code getConfiguration} installs an instance of the default
* Configuration implementation (a default subclass implementation of this * Configuration implementation (a default subclass implementation of this
* abstract class). * abstract class).
* The default Configuration implementation can be changed by setting the value * The default Configuration implementation can be changed by setting the value
@ -178,7 +178,7 @@ import sun.security.jca.GetInstance;
* *
* <p> Application code can directly subclass Configuration to provide a custom * <p> Application code can directly subclass Configuration to provide a custom
* implementation. In addition, an instance of a Configuration object can be * implementation. In addition, an instance of a Configuration object can be
* constructed by invoking one of the <code>getInstance</code> factory methods * constructed by invoking one of the {@code getInstance} factory methods
* with a standard type. The default policy type is "JavaLoginConfig". * with a standard type. The default policy type is "JavaLoginConfig".
* See the Configuration section in the <a href= * See the Configuration section in the <a href=
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration"> * "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration">
@ -222,7 +222,7 @@ public abstract class Configuration {
* <p> * <p>
* *
* @return the login Configuration. If a Configuration object was set * @return the login Configuration. If a Configuration object was set
* via the <code>Configuration.setConfiguration</code> method, * via the {@code Configuration.setConfiguration} method,
* then that object is returned. Otherwise, a default * then that object is returned. Otherwise, a default
* Configuration object is returned. * Configuration object is returned.
* *
@ -286,14 +286,14 @@ public abstract class Configuration {
} }
/** /**
* Set the login <code>Configuration</code>. * Set the login {@code Configuration}.
* *
* <p> * <p>
* *
* @param configuration the new <code>Configuration</code> * @param configuration the new {@code Configuration}
* *
* @exception SecurityException if the current thread does not have * @exception SecurityException if the current thread does not have
* Permission to set the <code>Configuration</code>. * Permission to set the {@code Configuration}.
* *
* @see #getConfiguration * @see #getConfiguration
*/ */
@ -505,7 +505,7 @@ public abstract class Configuration {
* Return the Provider of this Configuration. * Return the Provider of this Configuration.
* *
* <p> This Configuration instance will only have a Provider if it * <p> This Configuration instance will only have a Provider if it
* was obtained via a call to <code>Configuration.getInstance</code>. * was obtained via a call to {@code Configuration.getInstance}.
* Otherwise this method returns null. * Otherwise this method returns null.
* *
* @return the Provider of this Configuration, or null. * @return the Provider of this Configuration, or null.
@ -520,7 +520,7 @@ public abstract class Configuration {
* Return the type of this Configuration. * Return the type of this Configuration.
* *
* <p> This Configuration instance will only have a type if it * <p> This Configuration instance will only have a type if it
* was obtained via a call to <code>Configuration.getInstance</code>. * was obtained via a call to {@code Configuration.getInstance}.
* Otherwise this method returns null. * Otherwise this method returns null.
* *
* @return the type of this Configuration, or null. * @return the type of this Configuration, or null.
@ -535,7 +535,7 @@ public abstract class Configuration {
* Return Configuration parameters. * Return Configuration parameters.
* *
* <p> This Configuration instance will only have parameters if it * <p> This Configuration instance will only have parameters if it
* was obtained via a call to <code>Configuration.getInstance</code>. * was obtained via a call to {@code Configuration.getInstance}.
* Otherwise this method returns null. * Otherwise this method returns null.
* *
* @return Configuration parameters, or null. * @return Configuration parameters, or null.
@ -567,7 +567,7 @@ public abstract class Configuration {
* <p> This method causes this Configuration object to refresh/reload its * <p> This method causes this Configuration object to refresh/reload its
* contents in an implementation-dependent manner. * contents in an implementation-dependent manner.
* For example, if this Configuration object stores its entries in a file, * For example, if this Configuration object stores its entries in a file,
* calling <code>refresh</code> may cause the file to be re-read. * calling {@code refresh} may cause the file to be re-read.
* *
* <p> The default implementation of this method does nothing. * <p> The default implementation of this method does nothing.
* This method should be overridden if a refresh operation is supported * This method should be overridden if a refresh operation is supported

10
jdk/src/share/classes/javax/security/auth/login/ConfigurationSpi.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,15 +28,15 @@ package javax.security.auth.login;
/** /**
* This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
* for the <code>Configuration</code> class. * for the {@code Configuration} class.
* All the abstract methods in this class must be implemented by each * All the abstract methods in this class must be implemented by each
* service provider who wishes to supply a Configuration implementation. * service provider who wishes to supply a Configuration implementation.
* *
* <p> Subclass implementations of this abstract class must provide * <p> Subclass implementations of this abstract class must provide
* a public constructor that takes a <code>Configuration.Parameters</code> * a public constructor that takes a {@code Configuration.Parameters}
* object as an input parameter. This constructor also must throw * object as an input parameter. This constructor also must throw
* an IllegalArgumentException if it does not understand the * an IllegalArgumentException if it does not understand the
* <code>Configuration.Parameters</code> input. * {@code Configuration.Parameters} input.
* *
* *
* @since 1.6 * @since 1.6
@ -62,7 +62,7 @@ public abstract class ConfigurationSpi {
* <p> This method causes this Configuration object to refresh/reload its * <p> This method causes this Configuration object to refresh/reload its
* contents in an implementation-dependent manner. * contents in an implementation-dependent manner.
* For example, if this Configuration object stores its entries in a file, * For example, if this Configuration object stores its entries in a file,
* calling <code>refresh</code> may cause the file to be re-read. * calling {@code refresh} may cause the file to be re-read.
* *
* <p> The default implementation of this method does nothing. * <p> The default implementation of this method does nothing.
* This method should be overridden if a refresh operation is supported * This method should be overridden if a refresh operation is supported

12
jdk/src/share/classes/javax/security/auth/login/CredentialExpiredException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -26,14 +26,14 @@
package javax.security.auth.login; package javax.security.auth.login;
/** /**
* Signals that a <code>Credential</code> has expired. * Signals that a {@code Credential} has expired.
* *
* <p> This exception is thrown by LoginModules when they determine * <p> This exception is thrown by LoginModules when they determine
* that a <code>Credential</code> has expired. * that a {@code Credential} has expired.
* For example, a <code>LoginModule</code> authenticating a user * For example, a {@code LoginModule} authenticating a user
* in its <code>login</code> method may determine that the user's * in its {@code login} method may determine that the user's
* password, although entered correctly, has expired. In this case * password, although entered correctly, has expired. In this case
* the <code>LoginModule</code> throws this exception to notify * the {@code LoginModule} throws this exception to notify
* the application. The application can then take the appropriate * the application. The application can then take the appropriate
* steps to assist the user in updating the password. * steps to assist the user in updating the password.
* *

4
jdk/src/share/classes/javax/security/auth/login/FailedLoginException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,7 +29,7 @@ package javax.security.auth.login;
* Signals that user authentication failed. * Signals that user authentication failed.
* *
* <p> This exception is thrown by LoginModules if authentication failed. * <p> This exception is thrown by LoginModules if authentication failed.
* For example, a <code>LoginModule</code> throws this exception if * For example, a {@code LoginModule} throws this exception if
* the user entered an incorrect password. * the user entered an incorrect password.
* *
*/ */

220
jdk/src/share/classes/javax/security/auth/login/LoginContext.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -41,11 +41,11 @@ import sun.security.util.PendingException;
import sun.security.util.ResourcesMgr; import sun.security.util.ResourcesMgr;
/** /**
* <p> The <code>LoginContext</code> class describes the basic methods used * <p> The {@code LoginContext} class describes the basic methods used
* to authenticate Subjects and provides a way to develop an * to authenticate Subjects and provides a way to develop an
* application independent of the underlying authentication technology. * application independent of the underlying authentication technology.
* A <code>Configuration</code> specifies the authentication technology, or * A {@code Configuration} specifies the authentication technology, or
* <code>LoginModule</code>, to be used with a particular application. * {@code LoginModule}, to be used with a particular application.
* Different LoginModules can be plugged in under an application * Different LoginModules can be plugged in under an application
* without requiring any modifications to the application itself. * without requiring any modifications to the application itself.
* *
@ -57,36 +57,36 @@ import sun.security.util.ResourcesMgr;
* LoginModule under an application. * LoginModule under an application.
* *
* <p> A typical caller instantiates a LoginContext with * <p> A typical caller instantiates a LoginContext with
* a <i>name</i> and a <code>CallbackHandler</code>. * a <i>name</i> and a {@code CallbackHandler}.
* LoginContext uses the <i>name</i> as the index into a * LoginContext uses the <i>name</i> as the index into a
* Configuration to determine which LoginModules should be used, * Configuration to determine which LoginModules should be used,
* and which ones must succeed in order for the overall authentication to * and which ones must succeed in order for the overall authentication to
* succeed. The <code>CallbackHandler</code> is passed to the underlying * succeed. The {@code CallbackHandler} is passed to the underlying
* LoginModules so they may communicate and interact with users * LoginModules so they may communicate and interact with users
* (prompting for a username and password via a graphical user interface, * (prompting for a username and password via a graphical user interface,
* for example). * for example).
* *
* <p> Once the caller has instantiated a LoginContext, * <p> Once the caller has instantiated a LoginContext,
* it invokes the <code>login</code> method to authenticate * it invokes the {@code login} method to authenticate
* a <code>Subject</code>. The <code>login</code> method invokes * a {@code Subject}. The {@code login} method invokes
* the configured modules to perform their respective types of authentication * the configured modules to perform their respective types of authentication
* (username/password, smart card pin verification, etc.). * (username/password, smart card pin verification, etc.).
* Note that the LoginModules will not attempt authentication retries nor * Note that the LoginModules will not attempt authentication retries nor
* introduce delays if the authentication fails. * introduce delays if the authentication fails.
* Such tasks belong to the LoginContext caller. * Such tasks belong to the LoginContext caller.
* *
* <p> If the <code>login</code> method returns without * <p> If the {@code login} method returns without
* throwing an exception, then the overall authentication succeeded. * throwing an exception, then the overall authentication succeeded.
* The caller can then retrieve * The caller can then retrieve
* the newly authenticated Subject by invoking the * the newly authenticated Subject by invoking the
* <code>getSubject</code> method. Principals and Credentials associated * {@code getSubject} method. Principals and Credentials associated
* with the Subject may be retrieved by invoking the Subject's * with the Subject may be retrieved by invoking the Subject's
* respective <code>getPrincipals</code>, <code>getPublicCredentials</code>, * respective {@code getPrincipals}, {@code getPublicCredentials},
* and <code>getPrivateCredentials</code> methods. * and {@code getPrivateCredentials} methods.
* *
* <p> To logout the Subject, the caller calls * <p> To logout the Subject, the caller calls
* the <code>logout</code> method. As with the <code>login</code> * the {@code logout} method. As with the {@code login}
* method, this <code>logout</code> method invokes the <code>logout</code> * method, this {@code logout} method invokes the {@code logout}
* method for the configured modules. * method for the configured modules.
* *
* <p> A LoginContext should not be used to authenticate * <p> A LoginContext should not be used to authenticate
@ -96,14 +96,14 @@ import sun.security.util.ResourcesMgr;
* <p> The following documentation applies to all LoginContext constructors: * <p> The following documentation applies to all LoginContext constructors:
* <ol> * <ol>
* *
* <li> <code>Subject</code> * <li> {@code Subject}
* <ul> * <ul>
* <li> If the constructor has a Subject * <li> If the constructor has a Subject
* input parameter, the LoginContext uses the caller-specified * input parameter, the LoginContext uses the caller-specified
* Subject object. * Subject object.
* <p> * <p>
* <li> If the caller specifies a <code>null</code> Subject * <li> If the caller specifies a {@code null} Subject
* and a <code>null</code> value is permitted, * and a {@code null} value is permitted,
* the LoginContext instantiates a new Subject. * the LoginContext instantiates a new Subject.
* <p> * <p>
* <li> If the constructor does <b>not</b> have a Subject * <li> If the constructor does <b>not</b> have a Subject
@ -111,14 +111,14 @@ import sun.security.util.ResourcesMgr;
* <p> * <p>
* </ul> * </ul>
* *
* <li> <code>Configuration</code> * <li> {@code Configuration}
* <ul> * <ul>
* <li> If the constructor has a Configuration * <li> If the constructor has a Configuration
* input parameter and the caller specifies a non-null Configuration, * input parameter and the caller specifies a non-null Configuration,
* the LoginContext uses the caller-specified Configuration. * the LoginContext uses the caller-specified Configuration.
* <p> * <p>
* If the constructor does <b>not</b> have a Configuration * If the constructor does <b>not</b> have a Configuration
* input parameter, or if the caller specifies a <code>null</code> * input parameter, or if the caller specifies a {@code null}
* Configuration object, the constructor uses the following call to * Configuration object, the constructor uses the following call to
* get the installed Configuration: * get the installed Configuration:
* <pre> * <pre>
@ -126,42 +126,42 @@ import sun.security.util.ResourcesMgr;
* </pre> * </pre>
* For both cases, * For both cases,
* the <i>name</i> argument given to the constructor is passed to the * the <i>name</i> argument given to the constructor is passed to the
* <code>Configuration.getAppConfigurationEntry</code> method. * {@code Configuration.getAppConfigurationEntry} method.
* If the Configuration has no entries for the specified <i>name</i>, * If the Configuration has no entries for the specified <i>name</i>,
* then the <code>LoginContext</code> calls * then the {@code LoginContext} calls
* <code>getAppConfigurationEntry</code> with the name, "<i>other</i>" * {@code getAppConfigurationEntry} with the name, "<i>other</i>"
* (the default entry name). If there is no entry for "<i>other</i>", * (the default entry name). If there is no entry for "<i>other</i>",
* then a <code>LoginException</code> is thrown. * then a {@code LoginException} is thrown.
* <p> * <p>
* <li> When LoginContext uses the installed Configuration, the caller * <li> When LoginContext uses the installed Configuration, the caller
* requires the createLoginContext.<em>name</em> and possibly * requires the createLoginContext.<em>name</em> and possibly
* createLoginContext.other AuthPermissions. Furthermore, the * createLoginContext.other AuthPermissions. Furthermore, the
* LoginContext will invoke configured modules from within an * LoginContext will invoke configured modules from within an
* <code>AccessController.doPrivileged</code> call so that modules that * {@code AccessController.doPrivileged} call so that modules that
* perform security-sensitive tasks (such as connecting to remote hosts, * perform security-sensitive tasks (such as connecting to remote hosts,
* and updating the Subject) will require the respective permissions, but * and updating the Subject) will require the respective permissions, but
* the callers of the LoginContext will not require those permissions. * the callers of the LoginContext will not require those permissions.
* <p> * <p>
* <li> When LoginContext uses a caller-specified Configuration, the caller * <li> When LoginContext uses a caller-specified Configuration, the caller
* does not require any createLoginContext AuthPermission. The LoginContext * does not require any createLoginContext AuthPermission. The LoginContext
* saves the <code>AccessControlContext</code> for the caller, * saves the {@code AccessControlContext} for the caller,
* and invokes the configured modules from within an * and invokes the configured modules from within an
* <tt>AccessController.doPrivileged</tt> call constrained by that context. * {@code AccessController.doPrivileged} call constrained by that context.
* This means the caller context (stored when the LoginContext was created) * This means the caller context (stored when the LoginContext was created)
* must have sufficient permissions to perform any security-sensitive tasks * must have sufficient permissions to perform any security-sensitive tasks
* that the modules may perform. * that the modules may perform.
* <p> * <p>
* </ul> * </ul>
* *
* <li> <code>CallbackHandler</code> * <li> {@code CallbackHandler}
* <ul> * <ul>
* <li> If the constructor has a CallbackHandler * <li> If the constructor has a CallbackHandler
* input parameter, the LoginContext uses the caller-specified * input parameter, the LoginContext uses the caller-specified
* CallbackHandler object. * CallbackHandler object.
* <p> * <p>
* <li> If the constructor does <b>not</b> have a CallbackHandler * <li> If the constructor does <b>not</b> have a CallbackHandler
* input parameter, or if the caller specifies a <code>null</code> * input parameter, or if the caller specifies a {@code null}
* CallbackHandler object (and a <code>null</code> value is permitted), * CallbackHandler object (and a {@code null} value is permitted),
* the LoginContext queries the * the LoginContext queries the
* {@code auth.login.defaultCallbackHandler} security property for the * {@code auth.login.defaultCallbackHandler} security property for the
* fully qualified class name of a default handler * fully qualified class name of a default handler
@ -177,10 +177,10 @@ import sun.security.util.ResourcesMgr;
* then this LoginContext must wrap any * then this LoginContext must wrap any
* caller-specified or default CallbackHandler implementation * caller-specified or default CallbackHandler implementation
* in a new CallbackHandler implementation * in a new CallbackHandler implementation
* whose <code>handle</code> method implementation invokes the * whose {@code handle} method implementation invokes the
* specified CallbackHandler's <code>handle</code> method in a * specified CallbackHandler's {@code handle} method in a
* <code>java.security.AccessController.doPrivileged</code> call * {@code java.security.AccessController.doPrivileged} call
* constrained by the caller's current <code>AccessControlContext</code>. * constrained by the caller's current {@code AccessControlContext}.
* </ul> * </ul>
* </ol> * </ol>
* *
@ -317,14 +317,14 @@ public class LoginContext {
} }
/** /**
* Instantiate a new <code>LoginContext</code> object with a name. * Instantiate a new {@code LoginContext} object with a name.
* *
* @param name the name used as the index into the * @param name the name used as the index into the
* <code>Configuration</code>. * {@code Configuration}.
* *
* @exception LoginException if the caller-specified <code>name</code> * @exception LoginException if the caller-specified {@code name}
* does not appear in the <code>Configuration</code> * does not appear in the {@code Configuration}
* and there is no <code>Configuration</code> entry * and there is no {@code Configuration} entry
* for "<i>other</i>", or if the * for "<i>other</i>", or if the
* <i>auth.login.defaultCallbackHandler</i> * <i>auth.login.defaultCallbackHandler</i>
* security property was set, but the implementation * security property was set, but the implementation
@ -343,21 +343,21 @@ public class LoginContext {
} }
/** /**
* Instantiate a new <code>LoginContext</code> object with a name * Instantiate a new {@code LoginContext} object with a name
* and a <code>Subject</code> object. * and a {@code Subject} object.
* *
* <p> * <p>
* *
* @param name the name used as the index into the * @param name the name used as the index into the
* <code>Configuration</code>. <p> * {@code Configuration}. <p>
* *
* @param subject the <code>Subject</code> to authenticate. * @param subject the {@code Subject} to authenticate.
* *
* @exception LoginException if the caller-specified <code>name</code> * @exception LoginException if the caller-specified {@code name}
* does not appear in the <code>Configuration</code> * does not appear in the {@code Configuration}
* and there is no <code>Configuration</code> entry * and there is no {@code Configuration} entry
* for "<i>other</i>", if the caller-specified <code>subject</code> * for "<i>other</i>", if the caller-specified {@code subject}
* is <code>null</code>, or if the * is {@code null}, or if the
* <i>auth.login.defaultCallbackHandler</i> * <i>auth.login.defaultCallbackHandler</i>
* security property was set, but the implementation * security property was set, but the implementation
* class could not be loaded. * class could not be loaded.
@ -381,22 +381,22 @@ public class LoginContext {
} }
/** /**
* Instantiate a new <code>LoginContext</code> object with a name * Instantiate a new {@code LoginContext} object with a name
* and a <code>CallbackHandler</code> object. * and a {@code CallbackHandler} object.
* *
* <p> * <p>
* *
* @param name the name used as the index into the * @param name the name used as the index into the
* <code>Configuration</code>. <p> * {@code Configuration}. <p>
* *
* @param callbackHandler the <code>CallbackHandler</code> object used by * @param callbackHandler the {@code CallbackHandler} object used by
* LoginModules to communicate with the user. * LoginModules to communicate with the user.
* *
* @exception LoginException if the caller-specified <code>name</code> * @exception LoginException if the caller-specified {@code name}
* does not appear in the <code>Configuration</code> * does not appear in the {@code Configuration}
* and there is no <code>Configuration</code> entry * and there is no {@code Configuration} entry
* for "<i>other</i>", or if the caller-specified * for "<i>other</i>", or if the caller-specified
* <code>callbackHandler</code> is <code>null</code>. * {@code callbackHandler} is {@code null}.
* <p> * <p>
* @exception SecurityException if a SecurityManager is set and * @exception SecurityException if a SecurityManager is set and
* the caller does not have * the caller does not have
@ -417,27 +417,27 @@ public class LoginContext {
} }
/** /**
* Instantiate a new <code>LoginContext</code> object with a name, * Instantiate a new {@code LoginContext} object with a name,
* a <code>Subject</code> to be authenticated, and a * a {@code Subject} to be authenticated, and a
* <code>CallbackHandler</code> object. * {@code CallbackHandler} object.
* *
* <p> * <p>
* *
* @param name the name used as the index into the * @param name the name used as the index into the
* <code>Configuration</code>. <p> * {@code Configuration}. <p>
* *
* @param subject the <code>Subject</code> to authenticate. <p> * @param subject the {@code Subject} to authenticate. <p>
* *
* @param callbackHandler the <code>CallbackHandler</code> object used by * @param callbackHandler the {@code CallbackHandler} object used by
* LoginModules to communicate with the user. * LoginModules to communicate with the user.
* *
* @exception LoginException if the caller-specified <code>name</code> * @exception LoginException if the caller-specified {@code name}
* does not appear in the <code>Configuration</code> * does not appear in the {@code Configuration}
* and there is no <code>Configuration</code> entry * and there is no {@code Configuration} entry
* for "<i>other</i>", or if the caller-specified * for "<i>other</i>", or if the caller-specified
* <code>subject</code> is <code>null</code>, * {@code subject} is {@code null},
* or if the caller-specified * or if the caller-specified
* <code>callbackHandler</code> is <code>null</code>. * {@code callbackHandler} is {@code null}.
* <p> * <p>
* @exception SecurityException if a SecurityManager is set and * @exception SecurityException if a SecurityManager is set and
* the caller does not have * the caller does not have
@ -458,34 +458,34 @@ public class LoginContext {
} }
/** /**
* Instantiate a new <code>LoginContext</code> object with a name, * Instantiate a new {@code LoginContext} object with a name,
* a <code>Subject</code> to be authenticated, * a {@code Subject} to be authenticated,
* a <code>CallbackHandler</code> object, and a login * a {@code CallbackHandler} object, and a login
* <code>Configuration</code>. * {@code Configuration}.
* *
* <p> * <p>
* *
* @param name the name used as the index into the caller-specified * @param name the name used as the index into the caller-specified
* <code>Configuration</code>. <p> * {@code Configuration}. <p>
* *
* @param subject the <code>Subject</code> to authenticate, * @param subject the {@code Subject} to authenticate,
* or <code>null</code>. <p> * or {@code null}. <p>
* *
* @param callbackHandler the <code>CallbackHandler</code> object used by * @param callbackHandler the {@code CallbackHandler} object used by
* LoginModules to communicate with the user, or <code>null</code>. * LoginModules to communicate with the user, or {@code null}.
* <p> * <p>
* *
* @param config the <code>Configuration</code> that lists the * @param config the {@code Configuration} that lists the
* login modules to be called to perform the authentication, * login modules to be called to perform the authentication,
* or <code>null</code>. * or {@code null}.
* *
* @exception LoginException if the caller-specified <code>name</code> * @exception LoginException if the caller-specified {@code name}
* does not appear in the <code>Configuration</code> * does not appear in the {@code Configuration}
* and there is no <code>Configuration</code> entry * and there is no {@code Configuration} entry
* for "<i>other</i>". * for "<i>other</i>".
* <p> * <p>
* @exception SecurityException if a SecurityManager is set, * @exception SecurityException if a SecurityManager is set,
* <i>config</i> is <code>null</code>, * <i>config</i> is {@code null},
* and either the caller does not have * and either the caller does not have
* AuthPermission("createLoginContext.<i>name</i>"), * AuthPermission("createLoginContext.<i>name</i>"),
* or if a configuration entry for <i>name</i> does not exist and * or if a configuration entry for <i>name</i> does not exist and
@ -522,46 +522,46 @@ public class LoginContext {
/** /**
* Perform the authentication. * Perform the authentication.
* *
* <p> This method invokes the <code>login</code> method for each * <p> This method invokes the {@code login} method for each
* LoginModule configured for the <i>name</i> specified to the * LoginModule configured for the <i>name</i> specified to the
* <code>LoginContext</code> constructor, as determined by the login * {@code LoginContext} constructor, as determined by the login
* <code>Configuration</code>. Each <code>LoginModule</code> * {@code Configuration}. Each {@code LoginModule}
* then performs its respective type of authentication * then performs its respective type of authentication
* (username/password, smart card pin verification, etc.). * (username/password, smart card pin verification, etc.).
* *
* <p> This method completes a 2-phase authentication process by * <p> This method completes a 2-phase authentication process by
* calling each configured LoginModule's <code>commit</code> method * calling each configured LoginModule's {@code commit} method
* if the overall authentication succeeded (the relevant REQUIRED, * if the overall authentication succeeded (the relevant REQUIRED,
* REQUISITE, SUFFICIENT, and OPTIONAL LoginModules succeeded), * REQUISITE, SUFFICIENT, and OPTIONAL LoginModules succeeded),
* or by calling each configured LoginModule's <code>abort</code> method * or by calling each configured LoginModule's {@code abort} method
* if the overall authentication failed. If authentication succeeded, * if the overall authentication failed. If authentication succeeded,
* each successful LoginModule's <code>commit</code> method associates * each successful LoginModule's {@code commit} method associates
* the relevant Principals and Credentials with the <code>Subject</code>. * the relevant Principals and Credentials with the {@code Subject}.
* If authentication failed, each LoginModule's <code>abort</code> method * If authentication failed, each LoginModule's {@code abort} method
* removes/destroys any previously stored state. * removes/destroys any previously stored state.
* *
* <p> If the <code>commit</code> phase of the authentication process * <p> If the {@code commit} phase of the authentication process
* fails, then the overall authentication fails and this method * fails, then the overall authentication fails and this method
* invokes the <code>abort</code> method for each configured * invokes the {@code abort} method for each configured
* <code>LoginModule</code>. * {@code LoginModule}.
* *
* <p> If the <code>abort</code> phase * <p> If the {@code abort} phase
* fails for any reason, then this method propagates the * fails for any reason, then this method propagates the
* original exception thrown either during the <code>login</code> phase * original exception thrown either during the {@code login} phase
* or the <code>commit</code> phase. In either case, the overall * or the {@code commit} phase. In either case, the overall
* authentication fails. * authentication fails.
* *
* <p> In the case where multiple LoginModules fail, * <p> In the case where multiple LoginModules fail,
* this method propagates the exception raised by the first * this method propagates the exception raised by the first
* <code>LoginModule</code> which failed. * {@code LoginModule} which failed.
* *
* <p> Note that if this method enters the <code>abort</code> phase * <p> Note that if this method enters the {@code abort} phase
* (either the <code>login</code> or <code>commit</code> phase failed), * (either the {@code login} or {@code commit} phase failed),
* this method invokes all LoginModules configured for the * this method invokes all LoginModules configured for the
* application regardless of their respective <code>Configuration</code> * application regardless of their respective {@code Configuration}
* flag parameters. Essentially this means that <code>Requisite</code> * flag parameters. Essentially this means that {@code Requisite}
* and <code>Sufficient</code> semantics are ignored during the * and {@code Sufficient} semantics are ignored during the
* <code>abort</code> phase. This guarantees that proper cleanup * {@code abort} phase. This guarantees that proper cleanup
* and state restoration can take place. * and state restoration can take place.
* *
* <p> * <p>
@ -602,19 +602,19 @@ public class LoginContext {
} }
/** /**
* Logout the <code>Subject</code>. * Logout the {@code Subject}.
* *
* <p> This method invokes the <code>logout</code> method for each * <p> This method invokes the {@code logout} method for each
* <code>LoginModule</code> configured for this <code>LoginContext</code>. * {@code LoginModule} configured for this {@code LoginContext}.
* Each <code>LoginModule</code> performs its respective logout procedure * Each {@code LoginModule} performs its respective logout procedure
* which may include removing/destroying * which may include removing/destroying
* <code>Principal</code> and <code>Credential</code> information * {@code Principal} and {@code Credential} information
* from the <code>Subject</code> and state cleanup. * from the {@code Subject} and state cleanup.
* *
* <p> Note that this method invokes all LoginModules configured for the * <p> Note that this method invokes all LoginModules configured for the
* application regardless of their respective * application regardless of their respective
* <code>Configuration</code> flag parameters. Essentially this means * {@code Configuration} flag parameters. Essentially this means
* that <code>Requisite</code> and <code>Sufficient</code> semantics are * that {@code Requisite} and {@code Sufficient} semantics are
* ignored for this method. This guarantees that proper cleanup * ignored for this method. This guarantees that proper cleanup
* and state restoration can take place. * and state restoration can take place.
* *

39
jdk/src/share/classes/javax/security/auth/login/package-info.java Normal file
View file

@ -0,0 +1,39 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides a pluggable authentication framework.
* <h2>Package Specification</h2>
*
* <ul>
* <li><a href="{@docRoot}/../technotes/guides/security/StandardNames.html">
* <b>Java&trade;
* Cryptography Architecture Standard Algorithm Name
* Documentation</b></a></li>
* </ul>
*
* @since 1.4
*/
package javax.security.auth.login;

54
jdk/src/share/classes/javax/security/auth/login/package.html
View file

@ -1,54 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides a pluggable authentication framework.
<h2>Package Specification</h2>
<ul>
<li><a href="{@docRoot}/../technotes/guides/security/StandardNames.html">
<b>Java<FONT SIZE=-2><SUP>TM</SUP></FONT>
Cryptography Architecture Standard Algorithm Name
Documentation</b></a></li>
</ul>
<!--
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since 1.4
</body>
</html>

38
jdk/src/share/classes/javax/security/auth/package-info.java Normal file
View file

@ -0,0 +1,38 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides a framework for authentication and
* authorization. The framework allows
* authentication to be performed in pluggable fashion. Different
* authentication modules can be plugged under an application without
* requiring modifications to the application itself. The
* authorization component allows specification of access controls
* based on code location, code signers and code executors
* (Subjects).
*
* @since JDK1.4
*/
package javax.security.auth;

61
jdk/src/share/classes/javax/security/auth/package.html
View file

@ -1,61 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides a framework for authentication and
authorization. The framework allows
authentication to be performed in pluggable fashion. Different
authentication modules can be plugged under an application without
requiring modifications to the application itself. The
authorization component allows specification of access controls
based on code location, code signers and code executors
(Subjects).
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

142
jdk/src/share/classes/javax/security/auth/spi/LoginModule.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2004, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -32,95 +32,95 @@ import javax.security.auth.login.*;
import java.util.Map; import java.util.Map;
/** /**
* <p> <code>LoginModule</code> describes the interface * <p> {@code LoginModule} describes the interface
* implemented by authentication technology providers. LoginModules * implemented by authentication technology providers. LoginModules
* are plugged in under applications to provide a particular type of * are plugged in under applications to provide a particular type of
* authentication. * authentication.
* *
* <p> While applications write to the <code>LoginContext</code> API, * <p> While applications write to the {@code LoginContext} API,
* authentication technology providers implement the * authentication technology providers implement the
* <code>LoginModule</code> interface. * {@code LoginModule} interface.
* A <code>Configuration</code> specifies the LoginModule(s) * A {@code Configuration} specifies the LoginModule(s)
* to be used with a particular login application. Therefore different * to be used with a particular login application. Therefore different
* LoginModules can be plugged in under the application without * LoginModules can be plugged in under the application without
* requiring any modifications to the application itself. * requiring any modifications to the application itself.
* *
* <p> The <code>LoginContext</code> is responsible for reading the * <p> The {@code LoginContext} is responsible for reading the
* <code>Configuration</code> and instantiating the appropriate * {@code Configuration} and instantiating the appropriate
* LoginModules. Each <code>LoginModule</code> is initialized with * LoginModules. Each {@code LoginModule} is initialized with
* a <code>Subject</code>, a <code>CallbackHandler</code>, shared * a {@code Subject}, a {@code CallbackHandler}, shared
* <code>LoginModule</code> state, and LoginModule-specific options. * {@code LoginModule} state, and LoginModule-specific options.
* *
* The <code>Subject</code> represents the * The {@code Subject} represents the
* <code>Subject</code> currently being authenticated and is updated * {@code Subject} currently being authenticated and is updated
* with relevant Credentials if authentication succeeds. * with relevant Credentials if authentication succeeds.
* LoginModules use the <code>CallbackHandler</code> to * LoginModules use the {@code CallbackHandler} to
* communicate with users. The <code>CallbackHandler</code> may be * communicate with users. The {@code CallbackHandler} may be
* used to prompt for usernames and passwords, for example. * used to prompt for usernames and passwords, for example.
* Note that the <code>CallbackHandler</code> may be null. LoginModules * Note that the {@code CallbackHandler} may be null. LoginModules
* which absolutely require a <code>CallbackHandler</code> to authenticate * which absolutely require a {@code CallbackHandler} to authenticate
* the <code>Subject</code> may throw a <code>LoginException</code>. * the {@code Subject} may throw a {@code LoginException}.
* LoginModules optionally use the shared state to share information * LoginModules optionally use the shared state to share information
* or data among themselves. * or data among themselves.
* *
* <p> The LoginModule-specific options represent the options * <p> The LoginModule-specific options represent the options
* configured for this <code>LoginModule</code> by an administrator or user * configured for this {@code LoginModule} by an administrator or user
* in the login <code>Configuration</code>. * in the login {@code Configuration}.
* The options are defined by the <code>LoginModule</code> itself * The options are defined by the {@code LoginModule} itself
* and control the behavior within it. For example, a * and control the behavior within it. For example, a
* <code>LoginModule</code> may define options to support debugging/testing * {@code LoginModule} may define options to support debugging/testing
* capabilities. Options are defined using a key-value syntax, * capabilities. Options are defined using a key-value syntax,
* such as <i>debug=true</i>. The <code>LoginModule</code> * such as <i>debug=true</i>. The {@code LoginModule}
* stores the options as a <code>Map</code> so that the values may * stores the options as a {@code Map} so that the values may
* be retrieved using the key. Note that there is no limit to the number * be retrieved using the key. Note that there is no limit to the number
* of options a <code>LoginModule</code> chooses to define. * of options a {@code LoginModule} chooses to define.
* *
* <p> The calling application sees the authentication process as a single * <p> The calling application sees the authentication process as a single
* operation. However, the authentication process within the * operation. However, the authentication process within the
* <code>LoginModule</code> proceeds in two distinct phases. * {@code LoginModule} proceeds in two distinct phases.
* In the first phase, the LoginModule's * In the first phase, the LoginModule's
* <code>login</code> method gets invoked by the LoginContext's * {@code login} method gets invoked by the LoginContext's
* <code>login</code> method. The <code>login</code> * {@code login} method. The {@code login}
* method for the <code>LoginModule</code> then performs * method for the {@code LoginModule} then performs
* the actual authentication (prompt for and verify a password for example) * the actual authentication (prompt for and verify a password for example)
* and saves its authentication status as private state * and saves its authentication status as private state
* information. Once finished, the LoginModule's <code>login</code> * information. Once finished, the LoginModule's {@code login}
* method either returns <code>true</code> (if it succeeded) or * method either returns {@code true} (if it succeeded) or
* <code>false</code> (if it should be ignored), or throws a * {@code false} (if it should be ignored), or throws a
* <code>LoginException</code> to specify a failure. * {@code LoginException} to specify a failure.
* In the failure case, the <code>LoginModule</code> must not retry the * In the failure case, the {@code LoginModule} must not retry the
* authentication or introduce delays. The responsibility of such tasks * authentication or introduce delays. The responsibility of such tasks
* belongs to the application. If the application attempts to retry * belongs to the application. If the application attempts to retry
* the authentication, the LoginModule's <code>login</code> method will be * the authentication, the LoginModule's {@code login} method will be
* called again. * called again.
* *
* <p> In the second phase, if the LoginContext's overall authentication * <p> In the second phase, if the LoginContext's overall authentication
* succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL * succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL
* LoginModules succeeded), then the <code>commit</code> * LoginModules succeeded), then the {@code commit}
* method for the <code>LoginModule</code> gets invoked. * method for the {@code LoginModule} gets invoked.
* The <code>commit</code> method for a <code>LoginModule</code> checks its * The {@code commit} method for a {@code LoginModule} checks its
* privately saved state to see if its own authentication succeeded. * privately saved state to see if its own authentication succeeded.
* If the overall <code>LoginContext</code> authentication succeeded * If the overall {@code LoginContext} authentication succeeded
* and the LoginModule's own authentication succeeded, then the * and the LoginModule's own authentication succeeded, then the
* <code>commit</code> method associates the relevant * {@code commit} method associates the relevant
* Principals (authenticated identities) and Credentials (authentication data * Principals (authenticated identities) and Credentials (authentication data
* such as cryptographic keys) with the <code>Subject</code> * such as cryptographic keys) with the {@code Subject}
* located within the <code>LoginModule</code>. * located within the {@code LoginModule}.
* *
* <p> If the LoginContext's overall authentication failed (the relevant * <p> If the LoginContext's overall authentication failed (the relevant
* REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed), * REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed),
* then the <code>abort</code> method for each <code>LoginModule</code> * then the {@code abort} method for each {@code LoginModule}
* gets invoked. In this case, the <code>LoginModule</code> removes/destroys * gets invoked. In this case, the {@code LoginModule} removes/destroys
* any authentication state originally saved. * any authentication state originally saved.
* *
* <p> Logging out a <code>Subject</code> involves only one phase. * <p> Logging out a {@code Subject} involves only one phase.
* The <code>LoginContext</code> invokes the LoginModule's <code>logout</code> * The {@code LoginContext} invokes the LoginModule's {@code logout}
* method. The <code>logout</code> method for the <code>LoginModule</code> * method. The {@code logout} method for the {@code LoginModule}
* then performs the logout procedures, such as removing Principals or * then performs the logout procedures, such as removing Principals or
* Credentials from the <code>Subject</code> or logging session information. * Credentials from the {@code Subject} or logging session information.
* *
* <p> A <code>LoginModule</code> implementation must have a constructor with * <p> A {@code LoginModule} implementation must have a constructor with
* no arguments. This allows classes which load the <code>LoginModule</code> * no arguments. This allows classes which load the {@code LoginModule}
* to instantiate it. * to instantiate it.
* *
* @see javax.security.auth.login.LoginContext * @see javax.security.auth.login.LoginContext
@ -131,38 +131,38 @@ public interface LoginModule {
/** /**
* Initialize this LoginModule. * Initialize this LoginModule.
* *
* <p> This method is called by the <code>LoginContext</code> * <p> This method is called by the {@code LoginContext}
* after this <code>LoginModule</code> has been instantiated. * after this {@code LoginModule} has been instantiated.
* The purpose of this method is to initialize this * The purpose of this method is to initialize this
* <code>LoginModule</code> with the relevant information. * {@code LoginModule} with the relevant information.
* If this <code>LoginModule</code> does not understand * If this {@code LoginModule} does not understand
* any of the data stored in <code>sharedState</code> or * any of the data stored in {@code sharedState} or
* <code>options</code> parameters, they can be ignored. * {@code options} parameters, they can be ignored.
* *
* <p> * <p>
* *
* @param subject the <code>Subject</code> to be authenticated. <p> * @param subject the {@code Subject} to be authenticated. <p>
* *
* @param callbackHandler a <code>CallbackHandler</code> for communicating * @param callbackHandler a {@code CallbackHandler} for communicating
* with the end user (prompting for usernames and * with the end user (prompting for usernames and
* passwords, for example). <p> * passwords, for example). <p>
* *
* @param sharedState state shared with other configured LoginModules. <p> * @param sharedState state shared with other configured LoginModules. <p>
* *
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
void initialize(Subject subject, CallbackHandler callbackHandler, void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String,?> sharedState, Map<String,?> sharedState,
Map<String,?> options); Map<String,?> options);
/** /**
* Method to authenticate a <code>Subject</code> (phase 1). * Method to authenticate a {@code Subject} (phase 1).
* *
* <p> The implementation of this method authenticates * <p> The implementation of this method authenticates
* a <code>Subject</code>. For example, it may prompt for * a {@code Subject}. For example, it may prompt for
* <code>Subject</code> information such * {@code Subject} information such
* as a username and password and then attempt to verify the password. * as a username and password and then attempt to verify the password.
* This method saves the result of the authentication attempt * This method saves the result of the authentication attempt
* as private state within the LoginModule. * as private state within the LoginModule.
@ -172,7 +172,7 @@ public interface LoginModule {
* @exception LoginException if the authentication fails * @exception LoginException if the authentication fails
* *
* @return true if the authentication succeeded, or false if this * @return true if the authentication succeeded, or false if this
* <code>LoginModule</code> should be ignored. * {@code LoginModule} should be ignored.
*/ */
boolean login() throws LoginException; boolean login() throws LoginException;
@ -186,9 +186,9 @@ public interface LoginModule {
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates relevant * {@code login} method), then this method associates relevant
* Principals and Credentials with the <code>Subject</code> located in the * Principals and Credentials with the {@code Subject} located in the
* <code>LoginModule</code>. If this LoginModule's own * {@code LoginModule}. If this LoginModule's own
* authentication attempted failed, then this method removes/destroys * authentication attempted failed, then this method removes/destroys
* any state that was originally saved. * any state that was originally saved.
* *
@ -197,7 +197,7 @@ public interface LoginModule {
* @exception LoginException if the commit fails * @exception LoginException if the commit fails
* *
* @return true if this method succeeded, or false if this * @return true if this method succeeded, or false if this
* <code>LoginModule</code> should be ignored. * {@code LoginModule} should be ignored.
*/ */
boolean commit() throws LoginException; boolean commit() throws LoginException;
@ -211,7 +211,7 @@ public interface LoginModule {
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method cleans up any state * {@code login} method), then this method cleans up any state
* that was originally saved. * that was originally saved.
* *
* <p> * <p>
@ -219,12 +219,12 @@ public interface LoginModule {
* @exception LoginException if the abort fails * @exception LoginException if the abort fails
* *
* @return true if this method succeeded, or false if this * @return true if this method succeeded, or false if this
* <code>LoginModule</code> should be ignored. * {@code LoginModule} should be ignored.
*/ */
boolean abort() throws LoginException; boolean abort() throws LoginException;
/** /**
* Method which logs out a <code>Subject</code>. * Method which logs out a {@code Subject}.
* *
* <p>An implementation of this method might remove/destroy a Subject's * <p>An implementation of this method might remove/destroy a Subject's
* Principals and Credentials. * Principals and Credentials.
@ -234,7 +234,7 @@ public interface LoginModule {
* @exception LoginException if the logout fails * @exception LoginException if the logout fails
* *
* @return true if this method succeeded, or false if this * @return true if this method succeeded, or false if this
* <code>LoginModule</code> should be ignored. * {@code LoginModule} should be ignored.
*/ */
boolean logout() throws LoginException; boolean logout() throws LoginException;
} }

32
jdk/src/share/classes/javax/security/auth/spi/package-info.java Normal file
View file

@ -0,0 +1,32 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package provides the interface to be used for
* implementing pluggable authentication modules.
*
* @since JDK1.4
*/
package javax.security.auth.spi;

53
jdk/src/share/classes/javax/security/auth/spi/package.html
View file

@ -1,53 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package provides the interface to be used for
implementing pluggable authentication modules.
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

110
jdk/src/share/classes/javax/security/auth/x500/X500Principal.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -33,8 +33,8 @@ import sun.security.x509.X500Name;
import sun.security.util.*; import sun.security.util.*;
/** /**
* <p> This class represents an X.500 <code>Principal</code>. * <p> This class represents an X.500 {@code Principal}.
* <code>X500Principal</code>s are represented by distinguished names such as * {@code X500Principal}s are represented by distinguished names such as
* "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US". * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US".
* *
* <p> This class can be instantiated by using a string representation * <p> This class can be instantiated by using a string representation
@ -50,12 +50,12 @@ import sun.security.util.*;
* <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509 * <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
* Public Key Infrastructure Certificate and CRL Profile</a>. * Public Key Infrastructure Certificate and CRL Profile</a>.
* *
* <p> The string representation for this <code>X500Principal</code> * <p> The string representation for this {@code X500Principal}
* can be obtained by calling the <code>getName</code> methods. * can be obtained by calling the {@code getName} methods.
* *
* <p> Note that the <code>getSubjectX500Principal</code> and * <p> Note that the {@code getSubjectX500Principal} and
* <code>getIssuerX500Principal</code> methods of * {@code getIssuerX500Principal} methods of
* <code>X509Certificate</code> return X500Principals representing the * {@code X509Certificate} return X500Principals representing the
* issuer and subject fields of the certificate. * issuer and subject fields of the certificate.
* *
* @see java.security.cert.X509Certificate * @see java.security.cert.X509Certificate
@ -97,7 +97,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
} }
/** /**
* Creates an <code>X500Principal</code> from a string representation of * Creates an {@code X500Principal} from a string representation of
* an X.500 distinguished name (ex: * an X.500 distinguished name (ex:
* "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"). * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
* The distinguished name must be specified using the grammar defined in * The distinguished name must be specified using the grammar defined in
@ -119,9 +119,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
* <p>{@code numericoid = number 1*( DOT number ) } * <p>{@code numericoid = number 1*( DOT number ) }
* *
* @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format * @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code> * is {@code null}
* @exception IllegalArgumentException if the <code>name</code> * @exception IllegalArgumentException if the {@code name}
* is improperly specified * is improperly specified
*/ */
public X500Principal(String name) { public X500Principal(String name) {
@ -129,7 +129,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
} }
/** /**
* Creates an <code>X500Principal</code> from a string representation of * Creates an {@code X500Principal} from a string representation of
* an X.500 distinguished name (ex: * an X.500 distinguished name (ex:
* "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"). * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
* The distinguished name must be specified using the grammar defined in * The distinguished name must be specified using the grammar defined in
@ -137,13 +137,13 @@ public final class X500Principal implements Principal, java.io.Serializable {
* *
* <p> This constructor recognizes the attribute type keywords specified * <p> This constructor recognizes the attribute type keywords specified
* in {@link #X500Principal(String)} and also recognizes additional * in {@link #X500Principal(String)} and also recognizes additional
* keywords that have entries in the <code>keywordMap</code> parameter. * keywords that have entries in the {@code keywordMap} parameter.
* Keyword entries in the keywordMap take precedence over the default * Keyword entries in the keywordMap take precedence over the default
* keywords recognized by <code>X500Principal(String)</code>. Keywords * keywords recognized by {@code X500Principal(String)}. Keywords
* MUST be specified in all upper-case, otherwise they will be ignored. * MUST be specified in all upper-case, otherwise they will be ignored.
* Improperly specified keywords are ignored; however if a keyword in the * Improperly specified keywords are ignored; however if a keyword in the
* name maps to an improperly specified Object Identifier (OID), an * name maps to an improperly specified Object Identifier (OID), an
* <code>IllegalArgumentException</code> is thrown. It is permissible to * {@code IllegalArgumentException} is thrown. It is permissible to
* have 2 different keywords that map to the same OID. * have 2 different keywords that map to the same OID.
* *
* <p>This implementation enforces a more restrictive OID syntax than * <p>This implementation enforces a more restrictive OID syntax than
@ -157,11 +157,11 @@ public final class X500Principal implements Principal, java.io.Serializable {
* @param keywordMap an attribute type keyword map, where each key is a * @param keywordMap an attribute type keyword map, where each key is a
* keyword String that maps to a corresponding object identifier in String * keyword String that maps to a corresponding object identifier in String
* form (a sequence of nonnegative integers separated by periods). The map * form (a sequence of nonnegative integers separated by periods). The map
* may be empty but never <code>null</code>. * may be empty but never {@code null}.
* @exception NullPointerException if <code>name</code> or * @exception NullPointerException if {@code name} or
* <code>keywordMap</code> is <code>null</code> * {@code keywordMap} is {@code null}
* @exception IllegalArgumentException if the <code>name</code> is * @exception IllegalArgumentException if the {@code name} is
* improperly specified or a keyword in the <code>name</code> maps to an * improperly specified or a keyword in the {@code name} maps to an
* OID that is not in the correct form * OID that is not in the correct form
* @since 1.6 * @since 1.6
*/ */
@ -188,10 +188,10 @@ public final class X500Principal implements Principal, java.io.Serializable {
} }
/** /**
* Creates an <code>X500Principal</code> from a distinguished name in * Creates an {@code X500Principal} from a distinguished name in
* ASN.1 DER encoded form. The ASN.1 notation for this structure is as * ASN.1 DER encoded form. The ASN.1 notation for this structure is as
* follows. * follows.
* <pre><code> * <pre>{@code
* Name ::= CHOICE { * Name ::= CHOICE {
* RDNSequence } * RDNSequence }
* *
@ -214,7 +214,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
* universalString UniversalString (SIZE (1..MAX)), * universalString UniversalString (SIZE (1..MAX)),
* utf8String UTF8String (SIZE (1.. MAX)), * utf8String UTF8String (SIZE (1.. MAX)),
* bmpString BMPString (SIZE (1..MAX)) } * bmpString BMPString (SIZE (1..MAX)) }
* </code></pre> * }</pre>
* *
* @param name a byte array containing the distinguished name in ASN.1 * @param name a byte array containing the distinguished name in ASN.1
* DER encoded form * DER encoded form
@ -233,7 +233,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
} }
/** /**
* Creates an <code>X500Principal</code> from an <code>InputStream</code> * Creates an {@code X500Principal} from an {@code InputStream}
* containing the distinguished name in ASN.1 DER encoded form. * containing the distinguished name in ASN.1 DER encoded form.
* The ASN.1 notation for this structure is supplied in the * The ASN.1 notation for this structure is supplied in the
* documentation for * documentation for
@ -242,11 +242,11 @@ public final class X500Principal implements Principal, java.io.Serializable {
* <p> The read position of the input stream is positioned * <p> The read position of the input stream is positioned
* to the next available byte after the encoded distinguished name. * to the next available byte after the encoded distinguished name.
* *
* @param is an <code>InputStream</code> containing the distinguished * @param is an {@code InputStream} containing the distinguished
* name in ASN.1 DER encoded form * name in ASN.1 DER encoded form
* *
* @exception NullPointerException if the <code>InputStream</code> * @exception NullPointerException if the {@code InputStream}
* is <code>null</code> * is {@code null}
* @exception IllegalArgumentException if an encoding error occurs * @exception IllegalArgumentException if an encoding error occurs
* (incorrect form for DN) * (incorrect form for DN)
*/ */
@ -284,9 +284,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
* the format defined in RFC 2253. * the format defined in RFC 2253.
* *
* <p>This method is equivalent to calling * <p>This method is equivalent to calling
* <code>getName(X500Principal.RFC2253)</code>. * {@code getName(X500Principal.RFC2253)}.
* *
* @return the distinguished name of this <code>X500Principal</code> * @return the distinguished name of this {@code X500Principal}
*/ */
public String getName() { public String getName() {
return getName(X500Principal.RFC2253); return getName(X500Principal.RFC2253);
@ -338,9 +338,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
* those which section 2.4 of RFC 2253 states must be escaped * those which section 2.4 of RFC 2253 states must be escaped
* (they are escaped using a preceding backslash character) * (they are escaped using a preceding backslash character)
* <li> The entire name is converted to upper case * <li> The entire name is converted to upper case
* using <code>String.toUpperCase(Locale.US)</code> * using {@code String.toUpperCase(Locale.US)}
* <li> The entire name is converted to lower case * <li> The entire name is converted to lower case
* using <code>String.toLowerCase(Locale.US)</code> * using {@code String.toLowerCase(Locale.US)}
* <li> The name is finally normalized using normalization form KD, * <li> The name is finally normalized using normalization form KD,
* as described in the Unicode Standard and UAX #15 * as described in the Unicode Standard and UAX #15
* </ol> * </ol>
@ -349,7 +349,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
* *
* @param format the format to use * @param format the format to use
* *
* @return a string representation of this <code>X500Principal</code> * @return a string representation of this {@code X500Principal}
* using the specified format * using the specified format
* @throws IllegalArgumentException if the specified format is invalid * @throws IllegalArgumentException if the specified format is invalid
* or null * or null
@ -371,16 +371,16 @@ public final class X500Principal implements Principal, java.io.Serializable {
* Returns a string representation of the X.500 distinguished name * Returns a string representation of the X.500 distinguished name
* using the specified format. Valid values for the format are * using the specified format. Valid values for the format are
* "RFC1779" and "RFC2253" (case insensitive). "CANONICAL" is not * "RFC1779" and "RFC2253" (case insensitive). "CANONICAL" is not
* permitted and an <code>IllegalArgumentException</code> will be thrown. * permitted and an {@code IllegalArgumentException} will be thrown.
* *
* <p>This method returns Strings in the format as specified in * <p>This method returns Strings in the format as specified in
* {@link #getName(String)} and also emits additional attribute type * {@link #getName(String)} and also emits additional attribute type
* keywords for OIDs that have entries in the <code>oidMap</code> * keywords for OIDs that have entries in the {@code oidMap}
* parameter. OID entries in the oidMap take precedence over the default * parameter. OID entries in the oidMap take precedence over the default
* OIDs recognized by <code>getName(String)</code>. * OIDs recognized by {@code getName(String)}.
* Improperly specified OIDs are ignored; however if an OID * Improperly specified OIDs are ignored; however if an OID
* in the name maps to an improperly specified keyword, an * in the name maps to an improperly specified keyword, an
* <code>IllegalArgumentException</code> is thrown. * {@code IllegalArgumentException} is thrown.
* *
* <p> Additional standard formats may be introduced in the future. * <p> Additional standard formats may be introduced in the future.
* *
@ -393,12 +393,12 @@ public final class X500Principal implements Principal, java.io.Serializable {
* @param oidMap an OID map, where each key is an object identifier in * @param oidMap an OID map, where each key is an object identifier in
* String form (a sequence of nonnegative integers separated by periods) * String form (a sequence of nonnegative integers separated by periods)
* that maps to a corresponding attribute type keyword String. * that maps to a corresponding attribute type keyword String.
* The map may be empty but never <code>null</code>. * The map may be empty but never {@code null}.
* @return a string representation of this <code>X500Principal</code> * @return a string representation of this {@code X500Principal}
* using the specified format * using the specified format
* @throws IllegalArgumentException if the specified format is invalid, * @throws IllegalArgumentException if the specified format is invalid,
* null, or an OID in the name maps to an improperly specified keyword * null, or an OID in the name maps to an improperly specified keyword
* @throws NullPointerException if <code>oidMap</code> is <code>null</code> * @throws NullPointerException if {@code oidMap} is {@code null}
* @since 1.6 * @since 1.6
*/ */
public String getName(String format, Map<String, String> oidMap) { public String getName(String format, Map<String, String> oidMap) {
@ -438,31 +438,31 @@ public final class X500Principal implements Principal, java.io.Serializable {
/** /**
* Return a user-friendly string representation of this * Return a user-friendly string representation of this
* <code>X500Principal</code>. * {@code X500Principal}.
* *
* @return a string representation of this <code>X500Principal</code> * @return a string representation of this {@code X500Principal}
*/ */
public String toString() { public String toString() {
return thisX500Name.toString(); return thisX500Name.toString();
} }
/** /**
* Compares the specified <code>Object</code> with this * Compares the specified {@code Object} with this
* <code>X500Principal</code> for equality. * {@code X500Principal} for equality.
* *
* <p> Specifically, this method returns <code>true</code> if * <p> Specifically, this method returns {@code true} if
* the <code>Object</code> <i>o</i> is an <code>X500Principal</code> * the {@code Object} <i>o</i> is an {@code X500Principal}
* and if the respective canonical string representations * and if the respective canonical string representations
* (obtained via the <code>getName(X500Principal.CANONICAL)</code> method) * (obtained via the {@code getName(X500Principal.CANONICAL)} method)
* of this object and <i>o</i> are equal. * of this object and <i>o</i> are equal.
* *
* <p> This implementation is compliant with the requirements of RFC 3280. * <p> This implementation is compliant with the requirements of RFC 3280.
* *
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>X500Principal</code> * {@code X500Principal}
* *
* @return <code>true</code> if the specified <code>Object</code> is equal * @return {@code true} if the specified {@code Object} is equal
* to this <code>X500Principal</code>, <code>false</code> otherwise * to this {@code X500Principal}, {@code false} otherwise
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (this == o) { if (this == o) {
@ -476,12 +476,12 @@ public final class X500Principal implements Principal, java.io.Serializable {
} }
/** /**
* Return a hash code for this <code>X500Principal</code>. * Return a hash code for this {@code X500Principal}.
* *
* <p> The hash code is calculated via: * <p> The hash code is calculated via:
* <code>getName(X500Principal.CANONICAL).hashCode()</code> * {@code getName(X500Principal.CANONICAL).hashCode()}
* *
* @return a hash code for this <code>X500Principal</code> * @return a hash code for this {@code X500Principal}
*/ */
public int hashCode() { public int hashCode() {
return thisX500Name.hashCode(); return thisX500Name.hashCode();
@ -490,9 +490,9 @@ public final class X500Principal implements Principal, java.io.Serializable {
/** /**
* Save the X500Principal object to a stream. * Save the X500Principal object to a stream.
* *
* @serialData this <code>X500Principal</code> is serialized * @serialData this {@code X500Principal} is serialized
* by writing out its DER-encoded form * by writing out its DER-encoded form
* (the value of <code>getEncoded</code> is serialized). * (the value of {@code getEncoded} is serialized).
*/ */
private void writeObject(java.io.ObjectOutputStream s) private void writeObject(java.io.ObjectOutputStream s)
throws IOException { throws IOException {

12
jdk/src/share/classes/javax/security/auth/x500/X500PrivateCredential.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2001, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -30,7 +30,7 @@ import java.security.cert.X509Certificate;
import javax.security.auth.Destroyable; import javax.security.auth.Destroyable;
/** /**
* <p> This class represents an <code>X500PrivateCredential</code>. * <p> This class represents an {@code X500PrivateCredential}.
* It associates an X.509 certificate, corresponding private key and the * It associates an X.509 certificate, corresponding private key and the
* KeyStore alias used to reference that exact key pair in the KeyStore. * KeyStore alias used to reference that exact key pair in the KeyStore.
* This enables looking up the private credentials for an X.500 principal * This enables looking up the private credentials for an X.500 principal
@ -48,8 +48,8 @@ public final class X500PrivateCredential implements Destroyable {
* <p> * <p>
* @param cert X509Certificate * @param cert X509Certificate
* @param key PrivateKey for the certificate * @param key PrivateKey for the certificate
* @exception IllegalArgumentException if either <code>cert</code> or * @exception IllegalArgumentException if either {@code cert} or
* <code>key</code> is null * {@code key} is null
* *
*/ */
@ -68,8 +68,8 @@ public final class X500PrivateCredential implements Destroyable {
* @param cert X509Certificate * @param cert X509Certificate
* @param key PrivateKey for the certificate * @param key PrivateKey for the certificate
* @param alias KeyStore alias * @param alias KeyStore alias
* @exception IllegalArgumentException if either <code>cert</code>, * @exception IllegalArgumentException if either {@code cert},
* <code>key</code> or <code>alias</code> is null * {@code key} or {@code alias} is null
* *
*/ */
public X500PrivateCredential(X509Certificate cert, PrivateKey key, public X500PrivateCredential(X509Certificate cert, PrivateKey key,

49
jdk/src/share/classes/javax/security/auth/x500/package-info.java Normal file
View file

@ -0,0 +1,49 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* This package contains the classes that should be used to store
* X500 Principal and X500 Private Credentials in a
* <i>Subject</i>.
*
* <h2>Package Specification</h2>
*
* <ul>
* <li><a href="http://www.ietf.org/rfc/rfc1779.txt">
* RFC 1779: A String Representation of Distinguished Names</a></li>
* <li><a href="http://www.ietf.org/rfc/rfc2253.txt">
* RFC 2253: Lightweight Directory Access Protocol (v3):
* UTF-8 String Representation of Distinguished Names</a></li>
* <li><a href="http://www.ietf.org/rfc/rfc3280.txt">
* RFC 3280: Internet X.509 Public Key Infrastructure
* Certificate and Certificate Revocation List (CRL) Profile</a></li>
* <li><a href="http://www.ietf.org/rfc/rfc4512.txt">
* RFC 4512: Lightweight Directory Access Protocol (LDAP):
* Directory Information Models</a></li>
* </ul>
*
* @since JDK1.4
*/
package javax.security.auth.x500;

64
jdk/src/share/classes/javax/security/auth/x500/package.html
View file

@ -1,64 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
This package contains the classes that should be used to store
X500 Principal and X500 Private Credentials in a
<i>Subject</i>.
<h2>Package Specification</h2>
<ul>
<li><a href="http://www.ietf.org/rfc/rfc1779.txt">
RFC 1779: A String Representation of Distinguished Names</a></li>
<li><a href="http://www.ietf.org/rfc/rfc2253.txt">
RFC 2253: Lightweight Directory Access Protocol (v3):
UTF-8 String Representation of Distinguished Names</a></li>
<li><a href="http://www.ietf.org/rfc/rfc3280.txt">
RFC 3280: Internet X.509 Public Key Infrastructure
Certificate and Certificate Revocation List (CRL) Profile</a></li>
<li><a href="http://www.ietf.org/rfc/rfc4512.txt">
RFC 4512: Lightweight Directory Access Protocol (LDAP):
Directory Information Models</a></li>
</ul>
<!--
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since JDK1.4
</body>
</html>

10
jdk/src/share/classes/javax/security/cert/Certificate.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -49,11 +49,11 @@ import java.security.SignatureException;
* sets of information, and they store and retrieve the information in * sets of information, and they store and retrieve the information in
* different ways. * different ways.
* *
* <p><em>Note: The classes in the package <code>javax.security.cert</code> * <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the * exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead * Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in * use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p> * {@code java.security.cert}.</em></p>
* *
* @since 1.4 * @since 1.4
* @see X509Certificate * @see X509Certificate
@ -64,8 +64,8 @@ public abstract class Certificate {
/** /**
* Compares this certificate for equality with the specified * Compares this certificate for equality with the specified
* object. If the <code>other</code> object is an * object. If the {@code other} object is an
* <code>instanceof</code> <code>Certificate</code>, then * {@code instanceof} {@code Certificate}, then
* its encoded form is retrieved and compared with the * its encoded form is retrieved and compared with the
* encoded form of this certificate. * encoded form of this certificate.
* *

6
jdk/src/share/classes/javax/security/cert/CertificateEncodingException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -30,11 +30,11 @@ package javax.security.cert;
* Certificate Encoding Exception. This is thrown whenever an error * Certificate Encoding Exception. This is thrown whenever an error
* occurs whilst attempting to encode a certificate. * occurs whilst attempting to encode a certificate.
* *
* <p><em>Note: The classes in the package <code>javax.security.cert</code> * <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the * exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead * Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in * use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p> * {@code java.security.cert}.</em></p>
* *
* @since 1.4 * @since 1.4
* @author Hemma Prafullchandra * @author Hemma Prafullchandra

6
jdk/src/share/classes/javax/security/cert/CertificateException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,11 +29,11 @@ package javax.security.cert;
/** /**
* This exception indicates one of a variety of certificate problems. * This exception indicates one of a variety of certificate problems.
* *
* <p><em>Note: The classes in the package <code>javax.security.cert</code> * <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the * exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead * Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in * use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p> * {@code java.security.cert}.</em></p>
* *
* @author Hemma Prafullchandra * @author Hemma Prafullchandra
* @since 1.4 * @since 1.4

10
jdk/src/share/classes/javax/security/cert/CertificateExpiredException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,15 +28,15 @@ package javax.security.cert;
/** /**
* Certificate Expired Exception. This is thrown whenever the current * Certificate Expired Exception. This is thrown whenever the current
* <code>Date</code> or the specified <code>Date</code> is after the * {@code Date} or the specified {@code Date} is after the
* <code>notAfter</code> date/time specified in the validity period * {@code notAfter} date/time specified in the validity period
* of the certificate. * of the certificate.
* *
* <p><em>Note: The classes in the package <code>javax.security.cert</code> * <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the * exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead * Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in * use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p> * {@code java.security.cert}.</em></p>
* *
* @since 1.4 * @since 1.4
* @author Hemma Prafullchandra * @author Hemma Prafullchandra

10
jdk/src/share/classes/javax/security/cert/CertificateNotYetValidException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,15 +28,15 @@ package javax.security.cert;
/** /**
* Certificate is not yet valid exception. This is thrown whenever * Certificate is not yet valid exception. This is thrown whenever
* the current <code>Date</code> or the specified <code>Date</code> * the current {@code Date} or the specified {@code Date}
* is before the <code>notBefore</code> date/time in the Certificate * is before the {@code notBefore} date/time in the Certificate
* validity period. * validity period.
* *
* <p><em>Note: The classes in the package <code>javax.security.cert</code> * <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the * exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead * Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in * use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p> * {@code java.security.cert}.</em></p>
* *
* @since 1.4 * @since 1.4
* @author Hemma Prafullchandra * @author Hemma Prafullchandra

6
jdk/src/share/classes/javax/security/cert/CertificateParsingException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -31,11 +31,11 @@ package javax.security.cert;
* invalid DER encoded certificate is parsed or unsupported DER features * invalid DER encoded certificate is parsed or unsupported DER features
* are found in the Certificate. * are found in the Certificate.
* *
* <p><em>Note: The classes in the package <code>javax.security.cert</code> * <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the * exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead * Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in * use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p> * {@code java.security.cert}.</em></p>
* *
* @since 1.4 * @since 1.4
* @author Hemma Prafullchandra * @author Hemma Prafullchandra

42
jdk/src/share/classes/javax/security/cert/X509Certificate.java
View file

@ -70,7 +70,7 @@ import java.util.Date;
* CA certificates are either signed by themselves, or by some other * CA certificates are either signed by themselves, or by some other
* CA such as a "root" CA. * CA such as a "root" CA.
* <p> * <p>
* The ASN.1 definition of <code>tbsCertificate</code> is: * The ASN.1 definition of {@code tbsCertificate} is:
* <pre> * <pre>
* TBSCertificate ::= SEQUENCE { * TBSCertificate ::= SEQUENCE {
* version [0] EXPLICIT Version DEFAULT v1, * version [0] EXPLICIT Version DEFAULT v1,
@ -113,11 +113,11 @@ import java.util.Date;
* initialization time and will fallback on a default implementation if * initialization time and will fallback on a default implementation if
* the Security property is not accessible. * the Security property is not accessible.
* *
* <p><em>Note: The classes in the package <code>javax.security.cert</code> * <p><em>Note: The classes in the package {@code javax.security.cert}
* exist for compatibility with earlier versions of the * exist for compatibility with earlier versions of the
* Java Secure Sockets Extension (JSSE). New applications should instead * Java Secure Sockets Extension (JSSE). New applications should instead
* use the standard Java SE certificate classes located in * use the standard Java SE certificate classes located in
* <code>java.security.cert</code>.</em></p> * {@code java.security.cert}.</em></p>
* *
* @author Hemma Prafullchandra * @author Hemma Prafullchandra
* @since 1.4 * @since 1.4
@ -150,7 +150,7 @@ public abstract class X509Certificate extends Certificate {
/** /**
* Instantiates an X509Certificate object, and initializes it with * Instantiates an X509Certificate object, and initializes it with
* the data read from the input stream <code>inStream</code>. * the data read from the input stream {@code inStream}.
* The implementation (X509Certificate is an abstract class) is * The implementation (X509Certificate is an abstract class) is
* provided by the class specified as the value of the * provided by the class specified as the value of the
* {@code cert.provider.x509v1} security property. * {@code cert.provider.x509v1} security property.
@ -191,7 +191,7 @@ public abstract class X509Certificate extends Certificate {
* @param certData a byte array containing the DER-encoded * @param certData a byte array containing the DER-encoded
* certificate. * certificate.
* @return an X509Certificate object initialized with the data * @return an X509Certificate object initialized with the data
* from <code>certData</code>. * from {@code certData}.
* @exception CertificateException if a class initialization * @exception CertificateException if a class initialization
* or certificate parsing error occurs. * or certificate parsing error occurs.
*/ */
@ -281,16 +281,16 @@ public abstract class X509Certificate extends Certificate {
* @param date the Date to check against to see if this certificate * @param date the Date to check against to see if this certificate
* is valid at that date/time. * is valid at that date/time.
* @exception CertificateExpiredException if the certificate has expired * @exception CertificateExpiredException if the certificate has expired
* with respect to the <code>date</code> supplied. * with respect to the {@code date} supplied.
* @exception CertificateNotYetValidException if the certificate is not * @exception CertificateNotYetValidException if the certificate is not
* yet valid with respect to the <code>date</code> supplied. * yet valid with respect to the {@code date} supplied.
* @see #checkValidity() * @see #checkValidity()
*/ */
public abstract void checkValidity(Date date) public abstract void checkValidity(Date date)
throws CertificateExpiredException, CertificateNotYetValidException; throws CertificateExpiredException, CertificateNotYetValidException;
/** /**
* Gets the <code>version</code> (version number) value from the * Gets the {@code version} (version number) value from the
* certificate. The ASN.1 definition for this is: * certificate. The ASN.1 definition for this is:
* <pre> * <pre>
* version [0] EXPLICIT Version DEFAULT v1 * version [0] EXPLICIT Version DEFAULT v1
@ -303,7 +303,7 @@ public abstract class X509Certificate extends Certificate {
public abstract int getVersion(); public abstract int getVersion();
/** /**
* Gets the <code>serialNumber</code> value from the certificate. * Gets the {@code serialNumber} value from the certificate.
* The serial number is an integer assigned by the certification * The serial number is an integer assigned by the certification
* authority to each certificate. It must be unique for each * authority to each certificate. It must be unique for each
* certificate issued by a given CA (i.e., the issuer name and * certificate issued by a given CA (i.e., the issuer name and
@ -320,7 +320,7 @@ public abstract class X509Certificate extends Certificate {
public abstract BigInteger getSerialNumber(); public abstract BigInteger getSerialNumber();
/** /**
* Gets the <code>issuer</code> (issuer distinguished name) value from * Gets the {@code issuer} (issuer distinguished name) value from
* the certificate. The issuer name identifies the entity that signed (and * the certificate. The issuer name identifies the entity that signed (and
* issued) the certificate. * issued) the certificate.
* *
@ -341,27 +341,27 @@ public abstract class X509Certificate extends Certificate {
* AttributeType ::= OBJECT IDENTIFIER * AttributeType ::= OBJECT IDENTIFIER
* AttributeValue ::= ANY * AttributeValue ::= ANY
* </pre> * </pre>
* The <code>Name</code> describes a hierarchical name composed of * The {@code Name} describes a hierarchical name composed of
* attributes, such as country name, and corresponding values, such as US. * attributes, such as country name, and corresponding values, such as US.
* The type of the <code>AttributeValue</code> component is determined by * The type of the {@code AttributeValue} component is determined by
* the <code>AttributeType</code>; in general it will be a * the {@code AttributeType}; in general it will be a
* <code>directoryString</code>. A <code>directoryString</code> is usually * {@code directoryString}. A {@code directoryString} is usually
* one of <code>PrintableString</code>, * one of {@code PrintableString},
* <code>TeletexString</code> or <code>UniversalString</code>. * {@code TeletexString} or {@code UniversalString}.
* *
* @return a Principal whose name is the issuer distinguished name. * @return a Principal whose name is the issuer distinguished name.
*/ */
public abstract Principal getIssuerDN(); public abstract Principal getIssuerDN();
/** /**
* Gets the <code>subject</code> (subject distinguished name) value * Gets the {@code subject} (subject distinguished name) value
* from the certificate. * from the certificate.
* The ASN.1 definition for this is: * The ASN.1 definition for this is:
* <pre> * <pre>
* subject Name * subject Name
* </pre> * </pre>
* *
* <p>See {@link #getIssuerDN() getIssuerDN} for <code>Name</code> * <p>See {@link #getIssuerDN() getIssuerDN} for {@code Name}
* and other relevant definitions. * and other relevant definitions.
* *
* @return a Principal whose name is the subject name. * @return a Principal whose name is the subject name.
@ -370,7 +370,7 @@ public abstract class X509Certificate extends Certificate {
public abstract Principal getSubjectDN(); public abstract Principal getSubjectDN();
/** /**
* Gets the <code>notBefore</code> date from the validity period of * Gets the {@code notBefore} date from the validity period of
* the certificate. * the certificate.
* The relevant ASN.1 definitions are: * The relevant ASN.1 definitions are:
* <pre> * <pre>
@ -391,7 +391,7 @@ public abstract class X509Certificate extends Certificate {
public abstract Date getNotBefore(); public abstract Date getNotBefore();
/** /**
* Gets the <code>notAfter</code> date from the validity period of * Gets the {@code notAfter} date from the validity period of
* the certificate. See {@link #getNotBefore() getNotBefore} * the certificate. See {@link #getNotBefore() getNotBefore}
* for relevant ASN.1 definitions. * for relevant ASN.1 definitions.
* *
@ -415,7 +415,7 @@ public abstract class X509Certificate extends Certificate {
* -- algorithm object identifier value * -- algorithm object identifier value
* </pre> * </pre>
* *
* <p>The algorithm name is determined from the <code>algorithm</code> * <p>The algorithm name is determined from the {@code algorithm}
* OID string. * OID string.
* *
* @return the signature algorithm name. * @return the signature algorithm name.

40
jdk/src/share/classes/javax/security/cert/package-info.java Normal file
View file

@ -0,0 +1,40 @@
/*
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* Provides classes for public key certificates.
*
* These classes include a simplified version of the
* java.security.cert package. These classes were developed
* as part of the Java Secure Socket
* Extension (JSSE). When JSSE was added to the J2SE version 1.4, this
* package was added for backward-compatibility reasons only.
*
* New applications should not use this package, but rather
* java.security.cert.
*
* @since 1.4
*/
package javax.security.cert;

65
jdk/src/share/classes/javax/security/cert/package.html
View file

@ -1,65 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
Provides classes for public key certificates.
<P>
These classes include a simplified version of the
java.security.cert package. These classes were developed
as part of the Java Secure Socket
Extension (JSSE). When JSSE was added to the J2SE version 1.4, this
package was added for backward-compatibility reasons only.
<P>
New applications should not use this package, but rather
java.security.cert.
<!--
<h2>Package Specification</h2>
##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
<ul>
<li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
</ul>
<h2>Related Documentation</h2>
For overviews, tutorials, examples, guides, and tool documentation, please see:
<ul>
<li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
</ul>
-->
@since 1.4
</body>
</html>

8
jdk/src/share/classes/javax/security/sasl/AuthenticationException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -45,7 +45,7 @@ package javax.security.sasl;
*/ */
public class AuthenticationException extends SaslException { public class AuthenticationException extends SaslException {
/** /**
* Constructs a new instance of <tt>AuthenticationException</tt>. * Constructs a new instance of {@code AuthenticationException}.
* The root exception and the detailed message are null. * The root exception and the detailed message are null.
*/ */
public AuthenticationException () { public AuthenticationException () {
@ -53,7 +53,7 @@ public class AuthenticationException extends SaslException {
} }
/** /**
* Constructs a new instance of <tt>AuthenticationException</tt> * Constructs a new instance of {@code AuthenticationException}
* with a detailed message. * with a detailed message.
* The root exception is null. * The root exception is null.
* @param detail A possibly null string containing details of the exception. * @param detail A possibly null string containing details of the exception.
@ -65,7 +65,7 @@ public class AuthenticationException extends SaslException {
} }
/** /**
* Constructs a new instance of <tt>AuthenticationException</tt> with a detailed message * Constructs a new instance of {@code AuthenticationException} with a detailed message
* and a root exception. * and a root exception.
* *
* @param detail A possibly null string containing details of the exception. * @param detail A possibly null string containing details of the exception.

12
jdk/src/share/classes/javax/security/sasl/AuthorizeCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,7 @@ package javax.security.sasl;
import javax.security.auth.callback.Callback; import javax.security.auth.callback.Callback;
/** /**
* This callback is used by <tt>SaslServer</tt> to determine whether * This callback is used by {@code SaslServer} to determine whether
* one entity (identified by an authenticated authentication id) * one entity (identified by an authenticated authentication id)
* can act on * can act on
* behalf of another entity (identified by an authorization id). * behalf of another entity (identified by an authorization id).
@ -66,7 +66,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
private boolean authorized; private boolean authorized;
/** /**
* Constructs an instance of <tt>AuthorizeCallback</tt>. * Constructs an instance of {@code AuthorizeCallback}.
* *
* @param authnID The (authenticated) authentication id. * @param authnID The (authenticated) authentication id.
* @param authzID The authorization id. * @param authzID The authorization id.
@ -96,7 +96,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
* Determines whether the authentication id is allowed to * Determines whether the authentication id is allowed to
* act on behalf of the authorization id. * act on behalf of the authorization id.
* *
* @return <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise * @return {@code true} if authorization is allowed; {@code false} otherwise
* @see #setAuthorized(boolean) * @see #setAuthorized(boolean)
* @see #getAuthorizedID() * @see #getAuthorizedID()
*/ */
@ -106,7 +106,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
/** /**
* Sets whether the authorization is allowed. * Sets whether the authorization is allowed.
* @param ok <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise * @param ok {@code true} if authorization is allowed; {@code false} otherwise
* @see #isAuthorized * @see #isAuthorized
* @see #setAuthorizedID(java.lang.String) * @see #setAuthorizedID(java.lang.String)
*/ */
@ -116,7 +116,7 @@ public class AuthorizeCallback implements Callback, java.io.Serializable {
/** /**
* Returns the id of the authorized user. * Returns the id of the authorized user.
* @return The id of the authorized user. <tt>null</tt> means the * @return The id of the authorized user. {@code null} means the
* authorization failed. * authorization failed.
* @see #setAuthorized(boolean) * @see #setAuthorized(boolean)
* @see #setAuthorizedID(java.lang.String) * @see #setAuthorizedID(java.lang.String)

14
jdk/src/share/classes/javax/security/sasl/RealmCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,7 @@ package javax.security.sasl;
import javax.security.auth.callback.TextInputCallback; import javax.security.auth.callback.TextInputCallback;
/** /**
* This callback is used by <tt>SaslClient</tt> and <tt>SaslServer</tt> * This callback is used by {@code SaslClient} and {@code SaslServer}
* to retrieve realm information. * to retrieve realm information.
* *
* @since 1.5 * @since 1.5
@ -39,10 +39,10 @@ import javax.security.auth.callback.TextInputCallback;
public class RealmCallback extends TextInputCallback { public class RealmCallback extends TextInputCallback {
/** /**
* Constructs a <tt>RealmCallback</tt> with a prompt. * Constructs a {@code RealmCallback} with a prompt.
* *
* @param prompt The non-null prompt to use to request the realm information. * @param prompt The non-null prompt to use to request the realm information.
* @throws IllegalArgumentException If <tt>prompt</tt> is null or * @throws IllegalArgumentException If {@code prompt} is null or
* the empty string. * the empty string.
*/ */
public RealmCallback(String prompt) { public RealmCallback(String prompt) {
@ -50,14 +50,14 @@ public class RealmCallback extends TextInputCallback {
} }
/** /**
* Constructs a <tt>RealmCallback</tt> with a prompt and default * Constructs a {@code RealmCallback} with a prompt and default
* realm information. * realm information.
* *
* @param prompt The non-null prompt to use to request the realm information. * @param prompt The non-null prompt to use to request the realm information.
* @param defaultRealmInfo The non-null default realm information to use. * @param defaultRealmInfo The non-null default realm information to use.
* @throws IllegalArgumentException If <tt>prompt</tt> is null or * @throws IllegalArgumentException If {@code prompt} is null or
* the empty string, * the empty string,
* or if <tt>defaultRealm</tt> is empty or null. * or if {@code defaultRealm} is empty or null.
*/ */
public RealmCallback(String prompt, String defaultRealmInfo) { public RealmCallback(String prompt, String defaultRealmInfo) {
super(prompt, defaultRealmInfo); super(prompt, defaultRealmInfo);

16
jdk/src/share/classes/javax/security/sasl/RealmChoiceCallback.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,7 @@ package javax.security.sasl;
import javax.security.auth.callback.ChoiceCallback; import javax.security.auth.callback.ChoiceCallback;
/** /**
* This callback is used by <tt>SaslClient</tt> and <tt>SaslServer</tt> * This callback is used by {@code SaslClient} and {@code SaslServer}
* to obtain a realm given a list of realm choices. * to obtain a realm given a list of realm choices.
* *
* @since 1.5 * @since 1.5
@ -39,19 +39,19 @@ import javax.security.auth.callback.ChoiceCallback;
public class RealmChoiceCallback extends ChoiceCallback { public class RealmChoiceCallback extends ChoiceCallback {
/** /**
* Constructs a <tt>RealmChoiceCallback</tt> with a prompt, a list of * Constructs a {@code RealmChoiceCallback} with a prompt, a list of
* choices and a default choice. * choices and a default choice.
* *
* @param prompt the non-null prompt to use to request the realm. * @param prompt the non-null prompt to use to request the realm.
* @param choices the non-null list of realms to choose from. * @param choices the non-null list of realms to choose from.
* @param defaultChoice the choice to be used as the default choice * @param defaultChoice the choice to be used as the default choice
* when the list of choices is displayed. It is an index into * when the list of choices is displayed. It is an index into
* the <tt>choices</tt> arary. * the {@code choices} arary.
* @param multiple true if multiple choices allowed; false otherwise * @param multiple true if multiple choices allowed; false otherwise
* @throws IllegalArgumentException If <tt>prompt</tt> is null or the empty string, * @throws IllegalArgumentException If {@code prompt} is null or the empty string,
* if <tt>choices</tt> has a length of 0, if any element from * if {@code choices} has a length of 0, if any element from
* <tt>choices</tt> is null or empty, or if <tt>defaultChoice</tt> * {@code choices} is null or empty, or if {@code defaultChoice}
* does not fall within the array boundary of <tt>choices</tt> * does not fall within the array boundary of {@code choices}
*/ */
public RealmChoiceCallback(String prompt, String[]choices, public RealmChoiceCallback(String prompt, String[]choices,
int defaultChoice, boolean multiple) { int defaultChoice, boolean multiple) {

188
jdk/src/share/classes/javax/security/sasl/Sasl.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -72,15 +72,15 @@ public class Sasl {
* of quality-of-protection values that the * of quality-of-protection values that the
* client or server is willing to support. A qop value is one of * client or server is willing to support. A qop value is one of
* <ul> * <ul>
* <li><tt>"auth"</tt> - authentication only</li> * <li>{@code "auth"} - authentication only</li>
* <li><tt>"auth-int"</tt> - authentication plus integrity protection</li> * <li>{@code "auth-int"} - authentication plus integrity protection</li>
* <li><tt>"auth-conf"</tt> - authentication plus integrity and confidentiality * <li>{@code "auth-conf"} - authentication plus integrity and confidentiality
* protection</li> * protection</li>
* </ul> * </ul>
* *
* The order of the list specifies the preference order of the client or * The order of the list specifies the preference order of the client or
* server. If this property is absent, the default qop is <tt>"auth"</tt>. * server. If this property is absent, the default qop is {@code "auth"}.
* The value of this constant is <tt>"javax.security.sasl.qop"</tt>. * The value of this constant is {@code "javax.security.sasl.qop"}.
*/ */
public static final String QOP = "javax.security.sasl.qop"; public static final String QOP = "javax.security.sasl.qop";
@ -90,9 +90,9 @@ public class Sasl {
* of cipher strength values that * of cipher strength values that
* the client or server is willing to support. A strength value is one of * the client or server is willing to support. A strength value is one of
* <ul> * <ul>
* <li><tt>"low"</tt></li> * <li>{@code "low"}</li>
* <li><tt>"medium"</tt></li> * <li>{@code "medium"}</li>
* <li><tt>"high"</tt></li> * <li>{@code "high"}</li>
* </ul> * </ul>
* The order of the list specifies the preference order of the client or * The order of the list specifies the preference order of the client or
* server. An implementation should allow configuration of the meaning * server. An implementation should allow configuration of the meaning
@ -101,19 +101,19 @@ public class Sasl {
* cipher suites that match the strength values. * cipher suites that match the strength values.
* <BR> * <BR>
* If this property is absent, the default strength is * If this property is absent, the default strength is
* <tt>"high,medium,low"</tt>. * {@code "high,medium,low"}.
* The value of this constant is <tt>"javax.security.sasl.strength"</tt>. * The value of this constant is {@code "javax.security.sasl.strength"}.
*/ */
public static final String STRENGTH = "javax.security.sasl.strength"; public static final String STRENGTH = "javax.security.sasl.strength";
/** /**
* The name of a property that specifies whether the * The name of a property that specifies whether the
* server must authenticate to the client. The property contains * server must authenticate to the client. The property contains
* <tt>"true"</tt> if the server must * {@code "true"} if the server must
* authenticate the to client; <tt>"false"</tt> otherwise. * authenticate the to client; {@code "false"} otherwise.
* The default is <tt>"false"</tt>. * The default is {@code "false"}.
* <br>The value of this constant is * <br>The value of this constant is
* <tt>"javax.security.sasl.server.authentication"</tt>. * {@code "javax.security.sasl.server.authentication"}.
*/ */
public static final String SERVER_AUTH = public static final String SERVER_AUTH =
"javax.security.sasl.server.authentication"; "javax.security.sasl.server.authentication";
@ -125,28 +125,28 @@ public class Sasl {
* The property contains the bound host name after the authentication * The property contains the bound host name after the authentication
* exchange has completed. It is only available on the server side. * exchange has completed. It is only available on the server side.
* <br>The value of this constant is * <br>The value of this constant is
* <tt>"javax.security.sasl.bound.server.name"</tt>. * {@code "javax.security.sasl.bound.server.name"}.
*/ */
public static final String BOUND_SERVER_NAME = public static final String BOUND_SERVER_NAME =
"javax.security.sasl.bound.server.name"; "javax.security.sasl.bound.server.name";
/** /**
* The name of a property that specifies the maximum size of the receive * The name of a property that specifies the maximum size of the receive
* buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>. * buffer in bytes of {@code SaslClient}/{@code SaslServer}.
* The property contains the string representation of an integer. * The property contains the string representation of an integer.
* <br>If this property is absent, the default size * <br>If this property is absent, the default size
* is defined by the mechanism. * is defined by the mechanism.
* <br>The value of this constant is <tt>"javax.security.sasl.maxbuffer"</tt>. * <br>The value of this constant is {@code "javax.security.sasl.maxbuffer"}.
*/ */
public static final String MAX_BUFFER = "javax.security.sasl.maxbuffer"; public static final String MAX_BUFFER = "javax.security.sasl.maxbuffer";
/** /**
* The name of a property that specifies the maximum size of the raw send * The name of a property that specifies the maximum size of the raw send
* buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>. * buffer in bytes of {@code SaslClient}/{@code SaslServer}.
* The property contains the string representation of an integer. * The property contains the string representation of an integer.
* The value of this property is negotiated between the client and server * The value of this property is negotiated between the client and server
* during the authentication exchange. * during the authentication exchange.
* <br>The value of this constant is <tt>"javax.security.sasl.rawsendsize"</tt>. * <br>The value of this constant is {@code "javax.security.sasl.rawsendsize"}.
*/ */
public static final String RAW_SEND_SIZE = "javax.security.sasl.rawsendsize"; public static final String RAW_SEND_SIZE = "javax.security.sasl.rawsendsize";
@ -181,11 +181,11 @@ public class Sasl {
* The name of a property that specifies * The name of a property that specifies
* whether mechanisms susceptible to simple plain passive attacks (e.g., * whether mechanisms susceptible to simple plain passive attacks (e.g.,
* "PLAIN") are not permitted. The property * "PLAIN") are not permitted. The property
* contains <tt>"true"</tt> if such mechanisms are not permitted; * contains {@code "true"} if such mechanisms are not permitted;
* <tt>"false"</tt> if such mechanisms are permitted. * {@code "false"} if such mechanisms are permitted.
* The default is <tt>"false"</tt>. * The default is {@code "false"}.
* <br>The value of this constant is * <br>The value of this constant is
* <tt>"javax.security.sasl.policy.noplaintext"</tt>. * {@code "javax.security.sasl.policy.noplaintext"}.
*/ */
public static final String POLICY_NOPLAINTEXT = public static final String POLICY_NOPLAINTEXT =
"javax.security.sasl.policy.noplaintext"; "javax.security.sasl.policy.noplaintext";
@ -194,12 +194,12 @@ public class Sasl {
* The name of a property that specifies whether * The name of a property that specifies whether
* mechanisms susceptible to active (non-dictionary) attacks * mechanisms susceptible to active (non-dictionary) attacks
* are not permitted. * are not permitted.
* The property contains <tt>"true"</tt> * The property contains {@code "true"}
* if mechanisms susceptible to active attacks * if mechanisms susceptible to active attacks
* are not permitted; <tt>"false"</tt> if such mechanisms are permitted. * are not permitted; {@code "false"} if such mechanisms are permitted.
* The default is <tt>"false"</tt>. * The default is {@code "false"}.
* <br>The value of this constant is * <br>The value of this constant is
* <tt>"javax.security.sasl.policy.noactive"</tt>. * {@code "javax.security.sasl.policy.noactive"}.
*/ */
public static final String POLICY_NOACTIVE = public static final String POLICY_NOACTIVE =
"javax.security.sasl.policy.noactive"; "javax.security.sasl.policy.noactive";
@ -207,26 +207,26 @@ public class Sasl {
/** /**
* The name of a property that specifies whether * The name of a property that specifies whether
* mechanisms susceptible to passive dictionary attacks are not permitted. * mechanisms susceptible to passive dictionary attacks are not permitted.
* The property contains <tt>"true"</tt> * The property contains {@code "true"}
* if mechanisms susceptible to dictionary attacks are not permitted; * if mechanisms susceptible to dictionary attacks are not permitted;
* <tt>"false"</tt> if such mechanisms are permitted. * {@code "false"} if such mechanisms are permitted.
* The default is <tt>"false"</tt>. * The default is {@code "false"}.
*<br> *<br>
* The value of this constant is * The value of this constant is
* <tt>"javax.security.sasl.policy.nodictionary"</tt>. * {@code "javax.security.sasl.policy.nodictionary"}.
*/ */
public static final String POLICY_NODICTIONARY = public static final String POLICY_NODICTIONARY =
"javax.security.sasl.policy.nodictionary"; "javax.security.sasl.policy.nodictionary";
/** /**
* The name of a property that specifies whether mechanisms that accept * The name of a property that specifies whether mechanisms that accept
* anonymous login are not permitted. The property contains <tt>"true"</tt> * anonymous login are not permitted. The property contains {@code "true"}
* if mechanisms that accept anonymous login are not permitted; * if mechanisms that accept anonymous login are not permitted;
* <tt>"false"</tt> * {@code "false"}
* if such mechanisms are permitted. The default is <tt>"false"</tt>. * if such mechanisms are permitted. The default is {@code "false"}.
*<br> *<br>
* The value of this constant is * The value of this constant is
* <tt>"javax.security.sasl.policy.noanonymous"</tt>. * {@code "javax.security.sasl.policy.noanonymous"}.
*/ */
public static final String POLICY_NOANONYMOUS = public static final String POLICY_NOANONYMOUS =
"javax.security.sasl.policy.noanonymous"; "javax.security.sasl.policy.noanonymous";
@ -237,12 +237,12 @@ public class Sasl {
* means that breaking into one session will not automatically * means that breaking into one session will not automatically
* provide information for breaking into future sessions. * provide information for breaking into future sessions.
* The property * The property
* contains <tt>"true"</tt> if mechanisms that implement forward secrecy * contains {@code "true"} if mechanisms that implement forward secrecy
* between sessions are required; <tt>"false"</tt> if such mechanisms * between sessions are required; {@code "false"} if such mechanisms
* are not required. The default is <tt>"false"</tt>. * are not required. The default is {@code "false"}.
*<br> *<br>
* The value of this constant is * The value of this constant is
* <tt>"javax.security.sasl.policy.forward"</tt>. * {@code "javax.security.sasl.policy.forward"}.
*/ */
public static final String POLICY_FORWARD_SECRECY = public static final String POLICY_FORWARD_SECRECY =
"javax.security.sasl.policy.forward"; "javax.security.sasl.policy.forward";
@ -250,12 +250,12 @@ public class Sasl {
/** /**
* The name of a property that specifies whether * The name of a property that specifies whether
* mechanisms that pass client credentials are required. The property * mechanisms that pass client credentials are required. The property
* contains <tt>"true"</tt> if mechanisms that pass * contains {@code "true"} if mechanisms that pass
* client credentials are required; <tt>"false"</tt> * client credentials are required; {@code "false"}
* if such mechanisms are not required. The default is <tt>"false"</tt>. * if such mechanisms are not required. The default is {@code "false"}.
*<br> *<br>
* The value of this constant is * The value of this constant is
* <tt>"javax.security.sasl.policy.credentials"</tt>. * {@code "javax.security.sasl.policy.credentials"}.
*/ */
public static final String POLICY_PASS_CREDENTIALS = public static final String POLICY_PASS_CREDENTIALS =
"javax.security.sasl.policy.credentials"; "javax.security.sasl.policy.credentials";
@ -269,38 +269,38 @@ public class Sasl {
* supports delegated authentication. * supports delegated authentication.
*<br> *<br>
* The value of this constant is * The value of this constant is
* <tt>"javax.security.sasl.credentials"</tt>. * {@code "javax.security.sasl.credentials"}.
*/ */
public static final String CREDENTIALS = "javax.security.sasl.credentials"; public static final String CREDENTIALS = "javax.security.sasl.credentials";
/** /**
* Creates a <tt>SaslClient</tt> using the parameters supplied. * Creates a {@code SaslClient} using the parameters supplied.
* *
* This method uses the * This method uses the
<a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>, described in the <a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>, described in the
* "Java Cryptography Architecture API Specification &amp; Reference", for * "Java Cryptography Architecture API Specification &amp; Reference", for
* locating and selecting a <tt>SaslClient</tt> implementation. * locating and selecting a {@code SaslClient} implementation.
* *
* First, it * First, it
* obtains an ordered list of <tt>SaslClientFactory</tt> instances from * obtains an ordered list of {@code SaslClientFactory} instances from
* the registered security providers for the "SaslClientFactory" service * the registered security providers for the "SaslClientFactory" service
* and the specified SASL mechanism(s). It then invokes * and the specified SASL mechanism(s). It then invokes
* <tt>createSaslClient()</tt> on each factory instance on the list * {@code createSaslClient()} on each factory instance on the list
* until one produces a non-null <tt>SaslClient</tt> instance. It returns * until one produces a non-null {@code SaslClient} instance. It returns
* the non-null <tt>SaslClient</tt> instance, or null if the search fails * the non-null {@code SaslClient} instance, or null if the search fails
* to produce a non-null <tt>SaslClient</tt> instance. * to produce a non-null {@code SaslClient} instance.
*<p> *<p>
* A security provider for SaslClientFactory registers with the * A security provider for SaslClientFactory registers with the
* JCA Security Provider Framework keys of the form <br> * JCA Security Provider Framework keys of the form <br>
* <tt>SaslClientFactory.<em>mechanism_name</em></tt> * {@code SaslClientFactory.}<em>{@code mechanism_name}</em>
* <br> * <br>
* and values that are class names of implementations of * and values that are class names of implementations of
* <tt>javax.security.sasl.SaslClientFactory</tt>. * {@code javax.security.sasl.SaslClientFactory}.
* *
* For example, a provider that contains a factory class, * For example, a provider that contains a factory class,
* <tt>com.wiz.sasl.digest.ClientFactory</tt>, that supports the * {@code com.wiz.sasl.digest.ClientFactory}, that supports the
* "DIGEST-MD5" mechanism would register the following entry with the JCA: * "DIGEST-MD5" mechanism would register the following entry with the JCA:
* <tt>SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory</tt> * {@code SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory}
*<p> *<p>
* See the * See the
* "Java Cryptography Architecture API Specification &amp; Reference" * "Java Cryptography Architecture API Specification &amp; Reference"
@ -325,9 +325,9 @@ public class Sasl {
* @param props The possibly null set of properties used to * @param props The possibly null set of properties used to
* select the SASL mechanism and to configure the authentication * select the SASL mechanism and to configure the authentication
* exchange of the selected mechanism. * exchange of the selected mechanism.
* For example, if <tt>props</tt> contains the * For example, if {@code props} contains the
* <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value * {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* <tt>"true"</tt>, then the selected * {@code "true"}, then the selected
* SASL mechanism must not be susceptible to simple plain passive attacks. * SASL mechanism must not be susceptible to simple plain passive attacks.
* In addition to the standard properties declared in this class, * In addition to the standard properties declared in this class,
* other, possibly mechanism-specific, properties can be included. * other, possibly mechanism-specific, properties can be included.
@ -338,16 +338,16 @@ public class Sasl {
* mechanisms to get further information from the application/library * mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might * to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller. * require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>. * The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a <tt>PasswordCallback</tt>. * The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if * of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered. * the realm must be entered.
* *
*@return A possibly null <tt>SaslClient</tt> created using the parameters *@return A possibly null {@code SaslClient} created using the parameters
* supplied. If null, cannot find a <tt>SaslClientFactory</tt> * supplied. If null, cannot find a {@code SaslClientFactory}
* that will produce one. * that will produce one.
*@exception SaslException If cannot create a <tt>SaslClient</tt> because *@exception SaslException If cannot create a {@code SaslClient} because
* of an error. * of an error.
*/ */
public static SaslClient createSaslClient( public static SaslClient createSaslClient(
@ -423,34 +423,34 @@ public class Sasl {
/** /**
* Creates a <tt>SaslServer</tt> for the specified mechanism. * Creates a {@code SaslServer} for the specified mechanism.
* *
* This method uses the * This method uses the
<a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>, <a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>,
* described in the * described in the
* "Java Cryptography Architecture API Specification &amp; Reference", for * "Java Cryptography Architecture API Specification &amp; Reference", for
* locating and selecting a <tt>SaslServer</tt> implementation. * locating and selecting a {@code SaslServer} implementation.
* *
* First, it * First, it
* obtains an ordered list of <tt>SaslServerFactory</tt> instances from * obtains an ordered list of {@code SaslServerFactory} instances from
* the registered security providers for the "SaslServerFactory" service * the registered security providers for the "SaslServerFactory" service
* and the specified mechanism. It then invokes * and the specified mechanism. It then invokes
* <tt>createSaslServer()</tt> on each factory instance on the list * {@code createSaslServer()} on each factory instance on the list
* until one produces a non-null <tt>SaslServer</tt> instance. It returns * until one produces a non-null {@code SaslServer} instance. It returns
* the non-null <tt>SaslServer</tt> instance, or null if the search fails * the non-null {@code SaslServer} instance, or null if the search fails
* to produce a non-null <tt>SaslServer</tt> instance. * to produce a non-null {@code SaslServer} instance.
*<p> *<p>
* A security provider for SaslServerFactory registers with the * A security provider for SaslServerFactory registers with the
* JCA Security Provider Framework keys of the form <br> * JCA Security Provider Framework keys of the form <br>
* <tt>SaslServerFactory.<em>mechanism_name</em></tt> * {@code SaslServerFactory.}<em>{@code mechanism_name}</em>
* <br> * <br>
* and values that are class names of implementations of * and values that are class names of implementations of
* <tt>javax.security.sasl.SaslServerFactory</tt>. * {@code javax.security.sasl.SaslServerFactory}.
* *
* For example, a provider that contains a factory class, * For example, a provider that contains a factory class,
* <tt>com.wiz.sasl.digest.ServerFactory</tt>, that supports the * {@code com.wiz.sasl.digest.ServerFactory}, that supports the
* "DIGEST-MD5" mechanism would register the following entry with the JCA: * "DIGEST-MD5" mechanism would register the following entry with the JCA:
* <tt>SaslServerFactory.DIGEST-MD5 com.wiz.sasl.digest.ServerFactory</tt> * {@code SaslServerFactory.DIGEST-MD5 com.wiz.sasl.digest.ServerFactory}
*<p> *<p>
* See the * See the
* "Java Cryptography Architecture API Specification &amp; Reference" * "Java Cryptography Architecture API Specification &amp; Reference"
@ -463,14 +463,14 @@ public class Sasl {
* the authentication is being performed (e.g., "ldap"). * the authentication is being performed (e.g., "ldap").
* @param serverName The fully qualified host name of the server, or null * @param serverName The fully qualified host name of the server, or null
* if the server is not bound to any specific host name. If the mechanism * if the server is not bound to any specific host name. If the mechanism
* does not allow an unbound server, a <code>SaslException</code> will * does not allow an unbound server, a {@code SaslException} will
* be thrown. * be thrown.
* @param props The possibly null set of properties used to * @param props The possibly null set of properties used to
* select the SASL mechanism and to configure the authentication * select the SASL mechanism and to configure the authentication
* exchange of the selected mechanism. * exchange of the selected mechanism.
* For example, if <tt>props</tt> contains the * For example, if {@code props} contains the
* <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value * {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* <tt>"true"</tt>, then the selected * {@code "true"}, then the selected
* SASL mechanism must not be susceptible to simple plain passive attacks. * SASL mechanism must not be susceptible to simple plain passive attacks.
* In addition to the standard properties declared in this class, * In addition to the standard properties declared in this class,
* other, possibly mechanism-specific, properties can be included. * other, possibly mechanism-specific, properties can be included.
@ -481,16 +481,16 @@ public class Sasl {
* mechanisms to get further information from the application/library * mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might * to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller. * require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>. * The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a <tt>PasswordCallback</tt>. * The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if * of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered. * the realm must be entered.
* *
*@return A possibly null <tt>SaslServer</tt> created using the parameters *@return A possibly null {@code SaslServer} created using the parameters
* supplied. If null, cannot find a <tt>SaslServerFactory</tt> * supplied. If null, cannot find a {@code SaslServerFactory}
* that will produce one. * that will produce one.
*@exception SaslException If cannot create a <tt>SaslServer</tt> because *@exception SaslException If cannot create a {@code SaslServer} because
* of an error. * of an error.
**/ **/
public static SaslServer public static SaslServer
@ -533,11 +533,11 @@ public class Sasl {
} }
/** /**
* Gets an enumeration of known factories for producing <tt>SaslClient</tt>. * Gets an enumeration of known factories for producing {@code SaslClient}.
* This method uses the same algorithm for locating factories as * This method uses the same algorithm for locating factories as
* <tt>createSaslClient()</tt>. * {@code createSaslClient()}.
* @return A non-null enumeration of known factories for producing * @return A non-null enumeration of known factories for producing
* <tt>SaslClient</tt>. * {@code SaslClient}.
* @see #createSaslClient * @see #createSaslClient
*/ */
public static Enumeration<SaslClientFactory> getSaslClientFactories() { public static Enumeration<SaslClientFactory> getSaslClientFactories() {
@ -554,11 +554,11 @@ public class Sasl {
} }
/** /**
* Gets an enumeration of known factories for producing <tt>SaslServer</tt>. * Gets an enumeration of known factories for producing {@code SaslServer}.
* This method uses the same algorithm for locating factories as * This method uses the same algorithm for locating factories as
* <tt>createSaslServer()</tt>. * {@code createSaslServer()}.
* @return A non-null enumeration of known factories for producing * @return A non-null enumeration of known factories for producing
* <tt>SaslServer</tt>. * {@code SaslServer}.
* @see #createSaslServer * @see #createSaslServer
*/ */
public static Enumeration<SaslServerFactory> getSaslServerFactories() { public static Enumeration<SaslServerFactory> getSaslServerFactories() {

50
jdk/src/share/classes/javax/security/sasl/SaslClient.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -30,14 +30,14 @@ package javax.security.sasl;
*<p> *<p>
* A protocol library such as one for LDAP gets an instance of this * A protocol library such as one for LDAP gets an instance of this
* class in order to perform authentication defined by a specific SASL * class in order to perform authentication defined by a specific SASL
* mechanism. Invoking methods on the <tt>SaslClient</tt> instance * mechanism. Invoking methods on the {@code SaslClient} instance
* process challenges and create responses according to the SASL * process challenges and create responses according to the SASL
* mechanism implemented by the <tt>SaslClient</tt>. * mechanism implemented by the {@code SaslClient}.
* As the authentication proceeds, the instance * As the authentication proceeds, the instance
* encapsulates the state of a SASL client's authentication exchange. * encapsulates the state of a SASL client's authentication exchange.
*<p> *<p>
* Here's an example of how an LDAP library might use a <tt>SaslClient</tt>. * Here's an example of how an LDAP library might use a {@code SaslClient}.
* It first gets an instance of a <tt>SaslClient</tt>: * It first gets an instance of a {@code SaslClient}:
*<blockquote><pre>{@code *<blockquote><pre>{@code
* SaslClient sc = Sasl.createSaslClient(mechanisms, * SaslClient sc = Sasl.createSaslClient(mechanisms,
* authorizationId, protocol, serverName, props, callbackHandler); * authorizationId, protocol, serverName, props, callbackHandler);
@ -77,16 +77,16 @@ package javax.security.sasl;
*}</pre></blockquote> *}</pre></blockquote>
* *
* If the mechanism has an initial response, the library invokes * If the mechanism has an initial response, the library invokes
* <tt>evaluateChallenge()</tt> with an empty * {@code evaluateChallenge()} with an empty
* challenge and to get initial response. * challenge and to get initial response.
* Protocols such as IMAP4, which do not include an initial response with * Protocols such as IMAP4, which do not include an initial response with
* their first authentication command to the server, initiates the * their first authentication command to the server, initiates the
* authentication without first calling <tt>hasInitialResponse()</tt> * authentication without first calling {@code hasInitialResponse()}
* or <tt>evaluateChallenge()</tt>. * or {@code evaluateChallenge()}.
* When the server responds to the command, it sends an initial challenge. * When the server responds to the command, it sends an initial challenge.
* For a SASL mechanism in which the client sends data first, the server should * For a SASL mechanism in which the client sends data first, the server should
* have issued a challenge with no data. This will then result in a call * have issued a challenge with no data. This will then result in a call
* (on the client) to <tt>evaluateChallenge()</tt> with an empty challenge. * (on the client) to {@code evaluateChallenge()} with an empty challenge.
* *
* @since 1.5 * @since 1.5
* *
@ -107,7 +107,7 @@ public abstract interface SaslClient {
/** /**
* Determines whether this mechanism has an optional initial response. * Determines whether this mechanism has an optional initial response.
* If true, caller should call <tt>evaluateChallenge()</tt> with an * If true, caller should call {@code evaluateChallenge()} with an
* empty array to get the initial response. * empty array to get the initial response.
* *
* @return true if this mechanism has an initial response. * @return true if this mechanism has an initial response.
@ -148,22 +148,22 @@ public abstract interface SaslClient {
/** /**
* Unwraps a byte array received from the server. * Unwraps a byte array received from the server.
* This method can be called only after the authentication exchange has * This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if * completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy * the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise, an * as the quality of protection; otherwise, an
* <tt>IllegalStateException</tt> is thrown. * {@code IllegalStateException} is thrown.
*<p> *<p>
* <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222 * {@code incoming} is the contents of the SASL buffer as defined in RFC 2222
* without the leading four octet field that represents the length. * without the leading four octet field that represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt> * {@code offset} and {@code len} specify the portion of {@code incoming}
* to use. * to use.
* *
* @param incoming A non-null byte array containing the encoded bytes * @param incoming A non-null byte array containing the encoded bytes
* from the server. * from the server.
* @param offset The starting position at <tt>incoming</tt> of the bytes to use. * @param offset The starting position at {@code incoming} of the bytes to use.
* @param len The number of bytes from <tt>incoming</tt> to use. * @param len The number of bytes from {@code incoming} to use.
* @return A non-null byte array containing the decoded bytes. * @return A non-null byte array containing the decoded bytes.
* @exception SaslException if <tt>incoming</tt> cannot be successfully * @exception SaslException if {@code incoming} cannot be successfully
* unwrapped. * unwrapped.
* @exception IllegalStateException if the authentication exchange has * @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection * not completed, or if the negotiated quality of protection
@ -175,22 +175,22 @@ public abstract interface SaslClient {
/** /**
* Wraps a byte array to be sent to the server. * Wraps a byte array to be sent to the server.
* This method can be called only after the authentication exchange has * This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if * completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy * the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise, an * as the quality of protection; otherwise, an
* <tt>IllegalStateException</tt> is thrown. * {@code IllegalStateException} is thrown.
*<p> *<p>
* The result of this method will make up the contents of the SASL buffer * The result of this method will make up the contents of the SASL buffer
* as defined in RFC 2222 without the leading four octet field that * as defined in RFC 2222 without the leading four octet field that
* represents the length. * represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt> * {@code offset} and {@code len} specify the portion of {@code outgoing}
* to use. * to use.
* *
* @param outgoing A non-null byte array containing the bytes to encode. * @param outgoing A non-null byte array containing the bytes to encode.
* @param offset The starting position at <tt>outgoing</tt> of the bytes to use. * @param offset The starting position at {@code outgoing} of the bytes to use.
* @param len The number of bytes from <tt>outgoing</tt> to use. * @param len The number of bytes from {@code outgoing} to use.
* @return A non-null byte array containing the encoded bytes. * @return A non-null byte array containing the encoded bytes.
* @exception SaslException if <tt>outgoing</tt> cannot be successfully * @exception SaslException if {@code outgoing} cannot be successfully
* wrapped. * wrapped.
* @exception IllegalStateException if the authentication exchange has * @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection * not completed, or if the negotiated quality of protection
@ -202,8 +202,8 @@ public abstract interface SaslClient {
/** /**
* Retrieves the negotiated property. * Retrieves the negotiated property.
* This method can be called only after the authentication exchange has * This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an * completed (i.e., when {@code isComplete()} returns true); otherwise, an
* <tt>IllegalStateException</tt> is thrown. * {@code IllegalStateException} is thrown.
* *
* @param propName The non-null property name. * @param propName The non-null property name.
* @return The value of the negotiated property. If null, the property was * @return The value of the negotiated property. If null, the property was

34
jdk/src/share/classes/javax/security/sasl/SaslClientFactory.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,16 +29,16 @@ import java.util.Map;
import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.CallbackHandler;
/** /**
* An interface for creating instances of <tt>SaslClient</tt>. * An interface for creating instances of {@code SaslClient}.
* A class that implements this interface * A class that implements this interface
* must be thread-safe and handle multiple simultaneous * must be thread-safe and handle multiple simultaneous
* requests. It must also have a public constructor that accepts no * requests. It must also have a public constructor that accepts no
* argument. * argument.
*<p> *<p>
* This interface is not normally accessed directly by a client, which will use the * This interface is not normally accessed directly by a client, which will use the
* <tt>Sasl</tt> static methods * {@code Sasl} static methods
* instead. However, a particular environment may provide and install a * instead. However, a particular environment may provide and install a
* new or different <tt>SaslClientFactory</tt>. * new or different {@code SaslClientFactory}.
* *
* @since 1.5 * @since 1.5
* *
@ -66,7 +66,7 @@ public abstract interface SaslClientFactory {
* of the server to authenticate to. * of the server to authenticate to.
* @param props The possibly null set of properties used to select the SASL * @param props The possibly null set of properties used to select the SASL
* mechanism and to configure the authentication exchange of the selected * mechanism and to configure the authentication exchange of the selected
* mechanism. See the <tt>Sasl</tt> class for a list of standard properties. * mechanism. See the {@code Sasl} class for a list of standard properties.
* Other, possibly mechanism-specific, properties can be included. * Other, possibly mechanism-specific, properties can be included.
* Properties not relevant to the selected mechanism are ignored, * Properties not relevant to the selected mechanism are ignored,
* including any map entries with non-String keys. * including any map entries with non-String keys.
@ -75,16 +75,16 @@ public abstract interface SaslClientFactory {
* mechanisms to get further information from the application/library * mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might * to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller. * require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>. * The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a <tt>PasswordCallback</tt>. * The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if * of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered. * the realm must be entered.
* *
*@return A possibly null <tt>SaslClient</tt> created using the parameters *@return A possibly null {@code SaslClient} created using the parameters
* supplied. If null, this factory cannot produce a <tt>SaslClient</tt> * supplied. If null, this factory cannot produce a {@code SaslClient}
* using the parameters supplied. * using the parameters supplied.
*@exception SaslException If cannot create a <tt>SaslClient</tt> because *@exception SaslException If cannot create a {@code SaslClient} because
* of an error. * of an error.
*/ */
public abstract SaslClient createSaslClient( public abstract SaslClient createSaslClient(
@ -99,12 +99,12 @@ public abstract interface SaslClientFactory {
* Returns an array of names of mechanisms that match the specified * Returns an array of names of mechanisms that match the specified
* mechanism selection policies. * mechanism selection policies.
* @param props The possibly null set of properties used to specify the * @param props The possibly null set of properties used to specify the
* security policy of the SASL mechanisms. For example, if <tt>props</tt> * security policy of the SASL mechanisms. For example, if {@code props}
* contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value * contains the {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* <tt>"true"</tt>, then the factory must not return any SASL mechanisms * {@code "true"}, then the factory must not return any SASL mechanisms
* that are susceptible to simple plain passive attacks. * that are susceptible to simple plain passive attacks.
* See the <tt>Sasl</tt> class for a complete list of policy properties. * See the {@code Sasl} class for a complete list of policy properties.
* Non-policy related properties, if present in <tt>props</tt>, are ignored, * Non-policy related properties, if present in {@code props}, are ignored,
* including any map entries with non-String keys. * including any map entries with non-String keys.
* @return A non-null array containing a IANA-registered SASL mechanism names. * @return A non-null array containing a IANA-registered SASL mechanism names.
*/ */

8
jdk/src/share/classes/javax/security/sasl/SaslException.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -45,7 +45,7 @@ public class SaslException extends IOException {
private Throwable _exception; private Throwable _exception;
/** /**
* Constructs a new instance of <tt>SaslException</tt>. * Constructs a new instance of {@code SaslException}.
* The root exception and the detailed message are null. * The root exception and the detailed message are null.
*/ */
public SaslException () { public SaslException () {
@ -53,7 +53,7 @@ public class SaslException extends IOException {
} }
/** /**
* Constructs a new instance of <tt>SaslException</tt> with a detailed message. * Constructs a new instance of {@code SaslException} with a detailed message.
* The root exception is null. * The root exception is null.
* @param detail A possibly null string containing details of the exception. * @param detail A possibly null string containing details of the exception.
* *
@ -64,7 +64,7 @@ public class SaslException extends IOException {
} }
/** /**
* Constructs a new instance of <tt>SaslException</tt> with a detailed message * Constructs a new instance of {@code SaslException} with a detailed message
* and a root exception. * and a root exception.
* For example, a SaslException might result from a problem with * For example, a SaslException might result from a problem with
* the callback handler, which might throw a NoSuchCallbackException if * the callback handler, which might throw a NoSuchCallbackException if

46
jdk/src/share/classes/javax/security/sasl/SaslServer.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -30,14 +30,14 @@ package javax.security.sasl;
*<p> *<p>
* A server such an LDAP server gets an instance of this * A server such an LDAP server gets an instance of this
* class in order to perform authentication defined by a specific SASL * class in order to perform authentication defined by a specific SASL
* mechanism. Invoking methods on the <tt>SaslServer</tt> instance * mechanism. Invoking methods on the {@code SaslServer} instance
* generates challenges according to the SASL * generates challenges according to the SASL
* mechanism implemented by the <tt>SaslServer</tt>. * mechanism implemented by the {@code SaslServer}.
* As the authentication proceeds, the instance * As the authentication proceeds, the instance
* encapsulates the state of a SASL server's authentication exchange. * encapsulates the state of a SASL server's authentication exchange.
*<p> *<p>
* Here's an example of how an LDAP server might use a <tt>SaslServer</tt>. * Here's an example of how an LDAP server might use a {@code SaslServer}.
* It first gets an instance of a <tt>SaslServer</tt> for the SASL mechanism * It first gets an instance of a {@code SaslServer} for the SASL mechanism
* requested by the client: * requested by the client:
*<blockquote><pre> *<blockquote><pre>
* SaslServer ss = Sasl.createSaslServer(mechanism, * SaslServer ss = Sasl.createSaslServer(mechanism,
@ -104,8 +104,8 @@ public abstract interface SaslServer {
* to the client. It is non-null if the authentication must be continued * to the client. It is non-null if the authentication must be continued
* by sending a challenge to the client, or if the authentication has * by sending a challenge to the client, or if the authentication has
* succeeded but challenge data needs to be processed by the client. * succeeded but challenge data needs to be processed by the client.
* <tt>isComplete()</tt> should be called * {@code isComplete()} should be called
* after each call to <tt>evaluateResponse()</tt>,to determine if any further * after each call to {@code evaluateResponse()},to determine if any further
* response is needed from the client. * response is needed from the client.
* *
* @param response The non-null (but possibly empty) response sent * @param response The non-null (but possibly empty) response sent
@ -123,7 +123,7 @@ public abstract interface SaslServer {
/** /**
* Determines whether the authentication exchange has completed. * Determines whether the authentication exchange has completed.
* This method is typically called after each invocation of * This method is typically called after each invocation of
* <tt>evaluateResponse()</tt> to determine whether the * {@code evaluateResponse()} to determine whether the
* authentication has completed successfully or should be continued. * authentication has completed successfully or should be continued.
* @return true if the authentication exchange has completed; false otherwise. * @return true if the authentication exchange has completed; false otherwise.
*/ */
@ -141,22 +141,22 @@ public abstract interface SaslServer {
/** /**
* Unwraps a byte array received from the client. * Unwraps a byte array received from the client.
* This method can be called only after the authentication exchange has * This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if * completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy * the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise, * as the quality of protection; otherwise,
* an <tt>IllegalStateException</tt> is thrown. * an {@code IllegalStateException} is thrown.
*<p> *<p>
* <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222 * {@code incoming} is the contents of the SASL buffer as defined in RFC 2222
* without the leading four octet field that represents the length. * without the leading four octet field that represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt> * {@code offset} and {@code len} specify the portion of {@code incoming}
* to use. * to use.
* *
* @param incoming A non-null byte array containing the encoded bytes * @param incoming A non-null byte array containing the encoded bytes
* from the client. * from the client.
* @param offset The starting position at <tt>incoming</tt> of the bytes to use. * @param offset The starting position at {@code incoming} of the bytes to use.
* @param len The number of bytes from <tt>incoming</tt> to use. * @param len The number of bytes from {@code incoming} to use.
* @return A non-null byte array containing the decoded bytes. * @return A non-null byte array containing the decoded bytes.
* @exception SaslException if <tt>incoming</tt> cannot be successfully * @exception SaslException if {@code incoming} cannot be successfully
* unwrapped. * unwrapped.
* @exception IllegalStateException if the authentication exchange has * @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection * not completed, or if the negotiated quality of protection
@ -168,21 +168,21 @@ public abstract interface SaslServer {
/** /**
* Wraps a byte array to be sent to the client. * Wraps a byte array to be sent to the client.
* This method can be called only after the authentication exchange has * This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true) and only if * completed (i.e., when {@code isComplete()} returns true) and only if
* the authentication exchange has negotiated integrity and/or privacy * the authentication exchange has negotiated integrity and/or privacy
* as the quality of protection; otherwise, a <tt>SaslException</tt> is thrown. * as the quality of protection; otherwise, a {@code SaslException} is thrown.
*<p> *<p>
* The result of this method * The result of this method
* will make up the contents of the SASL buffer as defined in RFC 2222 * will make up the contents of the SASL buffer as defined in RFC 2222
* without the leading four octet field that represents the length. * without the leading four octet field that represents the length.
* <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt> * {@code offset} and {@code len} specify the portion of {@code outgoing}
* to use. * to use.
* *
* @param outgoing A non-null byte array containing the bytes to encode. * @param outgoing A non-null byte array containing the bytes to encode.
* @param offset The starting position at <tt>outgoing</tt> of the bytes to use. * @param offset The starting position at {@code outgoing} of the bytes to use.
* @param len The number of bytes from <tt>outgoing</tt> to use. * @param len The number of bytes from {@code outgoing} to use.
* @return A non-null byte array containing the encoded bytes. * @return A non-null byte array containing the encoded bytes.
* @exception SaslException if <tt>outgoing</tt> cannot be successfully * @exception SaslException if {@code outgoing} cannot be successfully
* wrapped. * wrapped.
* @exception IllegalStateException if the authentication exchange has * @exception IllegalStateException if the authentication exchange has
* not completed, or if the negotiated quality of protection has * not completed, or if the negotiated quality of protection has
@ -194,8 +194,8 @@ public abstract interface SaslServer {
/** /**
* Retrieves the negotiated property. * Retrieves the negotiated property.
* This method can be called only after the authentication exchange has * This method can be called only after the authentication exchange has
* completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an * completed (i.e., when {@code isComplete()} returns true); otherwise, an
* <tt>IllegalStateException</tt> is thrown. * {@code IllegalStateException} is thrown.
* *
* @param propName the property * @param propName the property
* @return The value of the negotiated property. If null, the property was * @return The value of the negotiated property. If null, the property was

42
jdk/src/share/classes/javax/security/sasl/SaslServerFactory.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,16 +29,16 @@ import java.util.Map;
import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.CallbackHandler;
/** /**
* An interface for creating instances of <tt>SaslServer</tt>. * An interface for creating instances of {@code SaslServer}.
* A class that implements this interface * A class that implements this interface
* must be thread-safe and handle multiple simultaneous * must be thread-safe and handle multiple simultaneous
* requests. It must also have a public constructor that accepts no * requests. It must also have a public constructor that accepts no
* argument. * argument.
*<p> *<p>
* This interface is not normally accessed directly by a server, which will use the * This interface is not normally accessed directly by a server, which will use the
* <tt>Sasl</tt> static methods * {@code Sasl} static methods
* instead. However, a particular environment may provide and install a * instead. However, a particular environment may provide and install a
* new or different <tt>SaslServerFactory</tt>. * new or different {@code SaslServerFactory}.
* *
* @since 1.5 * @since 1.5
* *
@ -50,10 +50,10 @@ import javax.security.auth.callback.CallbackHandler;
*/ */
public abstract interface SaslServerFactory { public abstract interface SaslServerFactory {
/** /**
* Creates a <tt>SaslServer</tt> using the parameters supplied. * Creates a {@code SaslServer} using the parameters supplied.
* It returns null * It returns null
* if no <tt>SaslServer</tt> can be created using the parameters supplied. * if no {@code SaslServer} can be created using the parameters supplied.
* Throws <tt>SaslException</tt> if it cannot create a <tt>SaslServer</tt> * Throws {@code SaslException} if it cannot create a {@code SaslServer}
* because of an error. * because of an error.
* *
* @param mechanism The non-null * @param mechanism The non-null
@ -63,10 +63,10 @@ public abstract interface SaslServerFactory {
* @param serverName The fully qualified host name of the server to * @param serverName The fully qualified host name of the server to
* authenticate to, or null if the server is not bound to any specific host * authenticate to, or null if the server is not bound to any specific host
* name. If the mechanism does not allow an unbound server, a * name. If the mechanism does not allow an unbound server, a
* <code>SaslException</code> will be thrown. * {@code SaslException} will be thrown.
* @param props The possibly null set of properties used to select the SASL * @param props The possibly null set of properties used to select the SASL
* mechanism and to configure the authentication exchange of the selected * mechanism and to configure the authentication exchange of the selected
* mechanism. See the <tt>Sasl</tt> class for a list of standard properties. * mechanism. See the {@code Sasl} class for a list of standard properties.
* Other, possibly mechanism-specific, properties can be included. * Other, possibly mechanism-specific, properties can be included.
* Properties not relevant to the selected mechanism are ignored, * Properties not relevant to the selected mechanism are ignored,
* including any map entries with non-String keys. * including any map entries with non-String keys.
@ -75,16 +75,16 @@ public abstract interface SaslServerFactory {
* mechanisms to get further information from the application/library * mechanisms to get further information from the application/library
* to complete the authentication. For example, a SASL mechanism might * to complete the authentication. For example, a SASL mechanism might
* require the authentication ID, password and realm from the caller. * require the authentication ID, password and realm from the caller.
* The authentication ID is requested by using a <tt>NameCallback</tt>. * The authentication ID is requested by using a {@code NameCallback}.
* The password is requested by using a <tt>PasswordCallback</tt>. * The password is requested by using a {@code PasswordCallback}.
* The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
* of realms to choose from, and by using a <tt>RealmCallback</tt> if * of realms to choose from, and by using a {@code RealmCallback} if
* the realm must be entered. * the realm must be entered.
* *
*@return A possibly null <tt>SaslServer</tt> created using the parameters *@return A possibly null {@code SaslServer} created using the parameters
* supplied. If null, this factory cannot produce a <tt>SaslServer</tt> * supplied. If null, this factory cannot produce a {@code SaslServer}
* using the parameters supplied. * using the parameters supplied.
*@exception SaslException If cannot create a <tt>SaslServer</tt> because *@exception SaslException If cannot create a {@code SaslServer} because
* of an error. * of an error.
*/ */
public abstract SaslServer createSaslServer( public abstract SaslServer createSaslServer(
@ -98,12 +98,12 @@ public abstract interface SaslServerFactory {
* Returns an array of names of mechanisms that match the specified * Returns an array of names of mechanisms that match the specified
* mechanism selection policies. * mechanism selection policies.
* @param props The possibly null set of properties used to specify the * @param props The possibly null set of properties used to specify the
* security policy of the SASL mechanisms. For example, if <tt>props</tt> * security policy of the SASL mechanisms. For example, if {@code props}
* contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value * contains the {@code Sasl.POLICY_NOPLAINTEXT} property with the value
* <tt>"true"</tt>, then the factory must not return any SASL mechanisms * {@code "true"}, then the factory must not return any SASL mechanisms
* that are susceptible to simple plain passive attacks. * that are susceptible to simple plain passive attacks.
* See the <tt>Sasl</tt> class for a complete list of policy properties. * See the {@code Sasl} class for a complete list of policy properties.
* Non-policy related properties, if present in <tt>props</tt>, are ignored, * Non-policy related properties, if present in {@code props}, are ignored,
* including any map entries with non-String keys. * including any map entries with non-String keys.
* @return A non-null array containing a IANA-registered SASL mechanism names. * @return A non-null array containing a IANA-registered SASL mechanism names.
*/ */

103
jdk/src/share/classes/javax/security/sasl/package-info.java Normal file
View file

@ -0,0 +1,103 @@
/*
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* Contains class and interfaces for supporting SASL.
*
* This package defines classes and interfaces for SASL mechanisms.
* It is used by developers to add authentication support for
* connection-based protocols that use SASL.
*
* <h3>SASL Overview</h3>
*
* Simple Authentication and Security Layer (SASL) specifies a
* challenge-response protocol in which data is exchanged between the
* client and the server for the purposes of
* authentication and (optional) establishment of a security layer on
* which to carry on subsequent communications. It is used with
* connection-based protocols such as LDAPv3 or IMAPv4. SASL is
* described in
* <A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>.
*
*
* There are various <em>mechanisms</em> defined for SASL.
* Each mechanism defines the data that must be exchanged between the
* client and server in order for the authentication to succeed.
* This data exchange required for a particular mechanism is referred to
* to as its <em>protocol profile</em>.
* The following are some examples of mechanisms that have been defined by
* the Internet standards community.
* <ul>
* <li>DIGEST-MD5 (<A HREF="http://www.ietf.org/rfc/rfc2831.txt">RFC 2831</a>).
* This mechanism defines how HTTP Digest Authentication can be used as a SASL
* mechanism.
* <li>Anonymous (<A HREF="http://www.ietf.org/rfc/rfc2245.txt">RFC 2245</a>).
* This mechanism is anonymous authentication in which no credentials are
* necessary.
* <li>External (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
* This mechanism obtains authentication information
* from an external source (such as TLS or IPsec).
* <li>S/Key (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
* This mechanism uses the MD4 digest algorithm to exchange data based on
* a shared secret.
* <li>GSSAPI (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
* This mechanism uses the
* <A HREF="http://www.ietf.org/rfc/rfc2078.txt">GSSAPI</A>
* for obtaining authentication information.
* </ul>
*
* Some of these mechanisms provide both authentication and establishment
* of a security layer, others only authentication. Anonymous and
* S/Key do not provide for any security layers. GSSAPI and DIGEST-MD5
* allow negotiation of the security layer. For External, the
* security layer is determined by the external protocol.
*
* <h3>Usage</h3>
*
* Users of this API are typically developers who produce
* client library implementations for connection-based protocols,
* such as LDAPv3 and IMAPv4,
* and developers who write servers (such as LDAP servers and IMAP servers).
* Developers who write client libraries use the
* {@code SaslClient} and {@code SaslClientFactory} interfaces.
* Developers who write servers use the
* {@code SaslServer} and {@code SaslServerFactory} interfaces.
*
* Among these two groups of users, each can be further divided into two groups:
* those who <em>produce</em> the SASL mechanisms and those
* who <em>use</em> the SASL mechanisms.
* The producers of SASL mechanisms need to provide implementations
* for these interfaces, while users of the SASL mechanisms use
* the APIs in this package to access those implementations.
*
* <h2>Related Documentation</h2>
*
* Please refer to the
* <a href="../../../../technotes/guides/security/sasl/sasl-refguide.html">Java
* SASL Programming Guide</a> for information on how to use this API.
*
* @since 1.5
*/
package javax.security.sasl;

114
jdk/src/share/classes/javax/security/sasl/package.html
View file

@ -1,114 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<!--
Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This code is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 2 only, as
published by the Free Software Foundation. Oracle designates this
particular file as subject to the "Classpath" exception as provided
by Oracle in the LICENSE file that accompanied this code.
This code is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
version 2 for more details (a copy is included in the LICENSE file that
accompanied this code).
You should have received a copy of the GNU General Public License version
2 along with this work; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
or visit www.oracle.com if you need additional information or have any
questions.
-->
</head>
<body bgcolor="white">
Contains class and interfaces for supporting SASL.
This package defines classes and interfaces for SASL mechanisms.
It is used by developers to add authentication support for
connection-based protocols that use SASL.
<h4>SASL Overview</h4>
<p>
Simple Authentication and Security Layer (SASL) specifies a
challenge-response protocol in which data is exchanged between the
client and the server for the purposes of
authentication and (optional) establishment of a security layer on
which to carry on subsequent communications. It is used with
connection-based protocols such as LDAPv3 or IMAPv4. SASL is
described in
<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>.
<p>
There are various <em>mechanisms</em> defined for SASL.
Each mechanism defines the data that must be exchanged between the
client and server in order for the authentication to succeed.
This data exchange required for a particular mechanism is referred to
to as its <em>protocol profile</em>.
The following are some examples of mechanims that have been defined by
the Internet standards community.
<ul>
<li>DIGEST-MD5 (<A HREF="http://www.ietf.org/rfc/rfc2831.txt">RFC 2831</a>).
This mechanism defines how HTTP Digest Authentication can be used as a SASL
mechanism.
<li>Anonymous (<A HREF="http://www.ietf.org/rfc/rfc2245.txt">RFC 2245</a>).
This mechamism is anonymous authentication in which no credentials are
necessary.
<li>External (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
This mechanism obtains authentication information
from an external source (such as TLS or IPsec).
<li>S/Key (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
This mechanism uses the MD4 digest algorithm to exchange data based on
a shared secret.
<li>GSSAPI (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
This mechanism uses the
<A HREF="http://www.ietf.org/rfc/rfc2078.txt">GSSAPI</A>
for obtaining authentication information.
</ul>
<p>
Some of these mechanisms provide both authentication and establishment
of a security layer, others only authentication. Anonymous and
S/Key do not provide for any security layers. GSSAPI and DIGEST-MD5
allow negotiation of the security layer. For External, the
security layer is determined by the external protocol.
<h4>Usage</h4>
<p>
Users of this API are typically developers who produce
client library implementations for connection-based protocols,
such as LDAPv3 and IMAPv4,
and developers who write servers (such as LDAP servers and IMAP servers).
Developers who write client libraries use the
<tt>SaslClient</tt> and <tt>SaslClientFactory</tt> interfaces.
Developers who write servers use the
<tt>SaslServer</tt> and <tt>SaslServerFactory</tt> interfaces.
<p>
Among these two groups of users, each can be further divided into two groups:
those who <em>produce</em> the SASL mechanisms and those
who <em>use</em> the SASL mechanisms.
The producers of SASL mechanisms need to provide implementations
for these interfaces, while users of the SASL mechanisms use
the APIs in this package to access those implementations.
<h2>Related Documentation</h2>
Please refer to the
<a href="../../../../technotes/guides/security/sasl/sasl-refguide.html">Java
SASL Programming Guide</a> for information on how to use this API.
@since 1.5
</body>
</html>