Mercurial > hg > release > icedtea6-1.3
changeset 59:e2e07e628fbb
2007-06-26 Lillian Angel <langel@redhat.com>
* rt/java/util/Timer.java
rt/javax/security/auth/callback/ChoiceCallback.java
rt/javax/security/auth/callback/ConfirmationCallback.java
rt/javax/security/auth/callback/LanguageCallback.java
rt/javax/security/auth/callback/NameCallback.java
rt/javax/security/auth/callback/TextInputCallback.java
rt/javax/security/auth/callback/TextOutputCallback.java
rt/javax/security/sasl/AuthenticationException.java
rt/javax/security/sasl/Sasl.java
rt/javax/security/sasl/SaslClient.java
rt/javax/security/sasl/SaslClientFactory.java
rt/javax/security/sasl/SaslException.java
rt/javax/security/sasl/SaslServer.java
rt/javax/security/sasl/SaslServerFactory.java: Removed from repo. They
are being copied from the openjdk src anyways.
author | Lillian Angel <langel@redhat.com> |
---|---|
date | Wed, 27 Jun 2007 11:40:56 -0400 |
parents | c433e45fc1c1 |
children | 89ccb8a867c5 |
files | rt/java/util/Timer.java rt/javax/security/auth/callback/ChoiceCallback.java rt/javax/security/auth/callback/ConfirmationCallback.java rt/javax/security/auth/callback/LanguageCallback.java rt/javax/security/auth/callback/NameCallback.java rt/javax/security/auth/callback/TextInputCallback.java rt/javax/security/auth/callback/TextOutputCallback.java rt/javax/security/sasl/AuthenticationException.java rt/javax/security/sasl/Sasl.java rt/javax/security/sasl/SaslClient.java rt/javax/security/sasl/SaslClientFactory.java rt/javax/security/sasl/SaslException.java rt/javax/security/sasl/SaslServer.java rt/javax/security/sasl/SaslServerFactory.java |
diffstat | 14 files changed, 0 insertions(+), 3373 deletions(-) [+] |
line wrap: on
line diff
--- a/rt/java/util/Timer.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,700 +0,0 @@ -/* - * Copyright 1999-2007 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package java.util; -import java.util.Date; - -/** - * A facility for threads to schedule tasks for future execution in a - * background thread. Tasks may be scheduled for one-time execution, or for - * repeated execution at regular intervals. - * - * <p>Corresponding to each <tt>Timer</tt> object is a single background - * thread that is used to execute all of the timer's tasks, sequentially. - * Timer tasks should complete quickly. If a timer task takes excessive time - * to complete, it "hogs" the timer's task execution thread. This can, in - * turn, delay the execution of subsequent tasks, which may "bunch up" and - * execute in rapid succession when (and if) the offending task finally - * completes. - * - * <p>After the last live reference to a <tt>Timer</tt> object goes away - * <i>and</i> all outstanding tasks have completed execution, the timer's task - * execution thread terminates gracefully (and becomes subject to garbage - * collection). However, this can take arbitrarily long to occur. By - * default, the task execution thread does not run as a <i>daemon thread</i>, - * so it is capable of keeping an application from terminating. If a caller - * wants to terminate a timer's task execution thread rapidly, the caller - * should invoke the timer's <tt>cancel</tt> method. - * - * <p>If the timer's task execution thread terminates unexpectedly, for - * example, because its <tt>stop</tt> method is invoked, any further - * attempt to schedule a task on the timer will result in an - * <tt>IllegalStateException</tt>, as if the timer's <tt>cancel</tt> - * method had been invoked. - * - * <p>This class is thread-safe: multiple threads can share a single - * <tt>Timer</tt> object without the need for external synchronization. - * - * <p>This class does <i>not</i> offer real-time guarantees: it schedules - * tasks using the <tt>Object.wait(long)</tt> method. - * - * <p>Java 5.0 introduced the {@code java.util.concurrent} package and - * one of the concurrency utilities therein is the {@link - * java.util.concurrent.ScheduledThreadPoolExecutor - * ScheduledThreadPoolExecutor} which is a thread pool for repeatedly - * executing tasks at a given rate or delay. It is effectively a more - * versatile replacement for the {@code Timer}/{@code TimerTask} - * combination, as it allows multiple service threads, accepts various - * time units, and doesn't require subclassing {@code TimerTask} (just - * implement {@code Runnable}). Configuring {@code - * ScheduledThreadPoolExecutor} with one thread makes it equivalent to - * {@code Timer}. - * - * <p>Implementation note: This class scales to large numbers of concurrently - * scheduled tasks (thousands should present no problem). Internally, - * it uses a binary heap to represent its task queue, so the cost to schedule - * a task is O(log n), where n is the number of concurrently scheduled tasks. - * - * <p>Implementation note: All constructors start a timer thread. - * - * @author Josh Bloch - * @version 1.27, 05/05/07 - * @see TimerTask - * @see Object#wait(long) - * @since 1.3 - */ - -public class Timer { - /** - * The timer task queue. This data structure is shared with the timer - * thread. The timer produces tasks, via its various schedule calls, - * and the timer thread consumes, executing timer tasks as appropriate, - * and removing them from the queue when they're obsolete. - */ - private TaskQueue queue = new TaskQueue(); - - /** - * The timer thread. - */ - private TimerThread thread = new TimerThread(queue); - - /** - * This object causes the timer's task execution thread to exit - * gracefully when there are no live references to the Timer object and no - * tasks in the timer queue. It is used in preference to a finalizer on - * Timer as such a finalizer would be susceptible to a subclass's - * finalizer forgetting to call it. - */ - private Object threadReaper = new Object() { - protected void finalize() throws Throwable { - synchronized(queue) { - thread.newTasksMayBeScheduled = false; - queue.notify(); // In case queue is empty. - } - } - }; - - /** - * This ID is used to generate thread names. (It could be replaced - * by an AtomicInteger as soon as they become available.) - */ - private static int nextSerialNumber = 0; - private static synchronized int serialNumber() { - return nextSerialNumber++; - } - - /** - * Creates a new timer. The associated thread does <i>not</i> - * {@linkplain Thread#setDaemon run as a daemon}. - */ - public Timer() { - this("Timer-" + serialNumber()); - } - - /** - * Creates a new timer whose associated thread may be specified to - * {@linkplain Thread#setDaemon run as a daemon}. - * A daemon thread is called for if the timer will be used to - * schedule repeating "maintenance activities", which must be - * performed as long as the application is running, but should not - * prolong the lifetime of the application. - * - * @param isDaemon true if the associated thread should run as a daemon. - */ - public Timer(boolean isDaemon) { - this("Timer-" + serialNumber(), isDaemon); - } - - /** - * Creates a new timer whose associated thread has the specified name. - * The associated thread does <i>not</i> - * {@linkplain Thread#setDaemon run as a daemon}. - * - * @param name the name of the associated thread - * @throws NullPointerException if name is null - * @since 1.5 - */ - public Timer(String name) { - thread.setName(name); - thread.start(); - } - - /** - * Creates a new timer whose associated thread has the specified name, - * and may be specified to - * {@linkplain Thread#setDaemon run as a daemon}. - * - * @param name the name of the associated thread - * @param isDaemon true if the associated thread should run as a daemon - * @throws NullPointerException if name is null - * @since 1.5 - */ - public Timer(String name, boolean isDaemon) { - thread.setName(name); - thread.setDaemon(isDaemon); - thread.start(); - } - - /** - * Schedules the specified task for execution after the specified delay. - * - * @param task task to be scheduled. - * @param delay delay in milliseconds before task is to be executed. - * @throws IllegalArgumentException if <tt>delay</tt> is negative, or - * <tt>delay + System.currentTimeMillis()</tt> is negative. - * @throws IllegalStateException if task was already scheduled or - * cancelled, or timer was cancelled. - */ - public void schedule(TimerTask task, long delay) { - if (delay < 0) - throw new IllegalArgumentException("Negative delay."); - sched(task, System.currentTimeMillis()+delay, 0); - } - - /** - * Schedules the specified task for execution at the specified time. If - * the time is in the past, the task is scheduled for immediate execution. - * - * @param task task to be scheduled. - * @param time time at which task is to be executed. - * @throws IllegalArgumentException if <tt>time.getTime()</tt> is negative. - * @throws IllegalStateException if task was already scheduled or - * cancelled, timer was cancelled, or timer thread terminated. - */ - public void schedule(TimerTask task, Date time) { - sched(task, time.getTime(), 0); - } - - /** - * Schedules the specified task for repeated <i>fixed-delay execution</i>, - * beginning after the specified delay. Subsequent executions take place - * at approximately regular intervals separated by the specified period. - * - * <p>In fixed-delay execution, each execution is scheduled relative to - * the actual execution time of the previous execution. If an execution - * is delayed for any reason (such as garbage collection or other - * background activity), subsequent executions will be delayed as well. - * In the long run, the frequency of execution will generally be slightly - * lower than the reciprocal of the specified period (assuming the system - * clock underlying <tt>Object.wait(long)</tt> is accurate). - * - * <p>Fixed-delay execution is appropriate for recurring activities - * that require "smoothness." In other words, it is appropriate for - * activities where it is more important to keep the frequency accurate - * in the short run than in the long run. This includes most animation - * tasks, such as blinking a cursor at regular intervals. It also includes - * tasks wherein regular activity is performed in response to human - * input, such as automatically repeating a character as long as a key - * is held down. - * - * @param task task to be scheduled. - * @param delay delay in milliseconds before task is to be executed. - * @param period time in milliseconds between successive task executions. - * @throws IllegalArgumentException if <tt>delay</tt> is negative, or - * <tt>delay + System.currentTimeMillis()</tt> is negative. - * @throws IllegalStateException if task was already scheduled or - * cancelled, timer was cancelled, or timer thread terminated. - */ - public void schedule(TimerTask task, long delay, long period) { - if (delay < 0) - throw new IllegalArgumentException("Negative delay."); - if (period <= 0) - throw new IllegalArgumentException("Non-positive period."); - sched(task, System.currentTimeMillis()+delay, -period); - } - - /** - * Schedules the specified task for repeated <i>fixed-delay execution</i>, - * beginning at the specified time. Subsequent executions take place at - * approximately regular intervals, separated by the specified period. - * - * <p>In fixed-delay execution, each execution is scheduled relative to - * the actual execution time of the previous execution. If an execution - * is delayed for any reason (such as garbage collection or other - * background activity), subsequent executions will be delayed as well. - * In the long run, the frequency of execution will generally be slightly - * lower than the reciprocal of the specified period (assuming the system - * clock underlying <tt>Object.wait(long)</tt> is accurate). - * - * <p>Fixed-delay execution is appropriate for recurring activities - * that require "smoothness." In other words, it is appropriate for - * activities where it is more important to keep the frequency accurate - * in the short run than in the long run. This includes most animation - * tasks, such as blinking a cursor at regular intervals. It also includes - * tasks wherein regular activity is performed in response to human - * input, such as automatically repeating a character as long as a key - * is held down. - * - * @param task task to be scheduled. - * @param firstTime First time at which task is to be executed. - * @param period time in milliseconds between successive task executions. - * @throws IllegalArgumentException if <tt>time.getTime()</tt> is negative. - * @throws IllegalStateException if task was already scheduled or - * cancelled, timer was cancelled, or timer thread terminated. - */ - public void schedule(TimerTask task, Date firstTime, long period) { - if (period <= 0) - throw new IllegalArgumentException("Non-positive period."); - sched(task, firstTime.getTime(), -period); - } - - /** - * Schedules the specified task for repeated <i>fixed-rate execution</i>, - * beginning after the specified delay. Subsequent executions take place - * at approximately regular intervals, separated by the specified period. - * - * <p>In fixed-rate execution, each execution is scheduled relative to the - * scheduled execution time of the initial execution. If an execution is - * delayed for any reason (such as garbage collection or other background - * activity), two or more executions will occur in rapid succession to - * "catch up." In the long run, the frequency of execution will be - * exactly the reciprocal of the specified period (assuming the system - * clock underlying <tt>Object.wait(long)</tt> is accurate). - * - * <p>Fixed-rate execution is appropriate for recurring activities that - * are sensitive to <i>absolute</i> time, such as ringing a chime every - * hour on the hour, or running scheduled maintenance every day at a - * particular time. It is also appropriate for recurring activities - * where the total time to perform a fixed number of executions is - * important, such as a countdown timer that ticks once every second for - * ten seconds. Finally, fixed-rate execution is appropriate for - * scheduling multiple repeating timer tasks that must remain synchronized - * with respect to one another. - * - * @param task task to be scheduled. - * @param delay delay in milliseconds before task is to be executed. - * @param period time in milliseconds between successive task executions. - * @throws IllegalArgumentException if <tt>delay</tt> is negative, or - * <tt>delay + System.currentTimeMillis()</tt> is negative. - * @throws IllegalStateException if task was already scheduled or - * cancelled, timer was cancelled, or timer thread terminated. - */ - public void scheduleAtFixedRate(TimerTask task, long delay, long period) { - if (delay < 0) - throw new IllegalArgumentException("Negative delay."); - if (period <= 0) - throw new IllegalArgumentException("Non-positive period."); - sched(task, System.currentTimeMillis()+delay, period); - } - - /** - * Schedules the specified task for repeated <i>fixed-rate execution</i>, - * beginning at the specified time. Subsequent executions take place at - * approximately regular intervals, separated by the specified period. - * - * <p>In fixed-rate execution, each execution is scheduled relative to the - * scheduled execution time of the initial execution. If an execution is - * delayed for any reason (such as garbage collection or other background - * activity), two or more executions will occur in rapid succession to - * "catch up." In the long run, the frequency of execution will be - * exactly the reciprocal of the specified period (assuming the system - * clock underlying <tt>Object.wait(long)</tt> is accurate). - * - * <p>Fixed-rate execution is appropriate for recurring activities that - * are sensitive to <i>absolute</i> time, such as ringing a chime every - * hour on the hour, or running scheduled maintenance every day at a - * particular time. It is also appropriate for recurring activities - * where the total time to perform a fixed number of executions is - * important, such as a countdown timer that ticks once every second for - * ten seconds. Finally, fixed-rate execution is appropriate for - * scheduling multiple repeating timer tasks that must remain synchronized - * with respect to one another. - * - * @param task task to be scheduled. - * @param firstTime First time at which task is to be executed. - * @param period time in milliseconds between successive task executions. - * @throws IllegalArgumentException if <tt>time.getTime()</tt> is negative. - * @throws IllegalStateException if task was already scheduled or - * cancelled, timer was cancelled, or timer thread terminated. - */ - public void scheduleAtFixedRate(TimerTask task, Date firstTime, - long period) { - if (period <= 0) - throw new IllegalArgumentException("Non-positive period."); - sched(task, firstTime.getTime(), period); - } - - /** - * Schedule the specified timer task for execution at the specified - * time with the specified period, in milliseconds. If period is - * positive, the task is scheduled for repeated execution; if period is - * zero, the task is scheduled for one-time execution. Time is specified - * in Date.getTime() format. This method checks timer state, task state, - * and initial execution time, but not period. - * - * @throws IllegalArgumentException if <tt>time()</tt> is negative. - * @throws IllegalStateException if task was already scheduled or - * cancelled, timer was cancelled, or timer thread terminated. - */ - private void sched(TimerTask task, long time, long period) { - if (time < 0) - throw new IllegalArgumentException("Illegal execution time."); - - synchronized(queue) { - if (!thread.newTasksMayBeScheduled) - throw new IllegalStateException("Timer already cancelled."); - - synchronized(task.lock) { - if (task.state != TimerTask.VIRGIN) - throw new IllegalStateException( - "Task already scheduled or cancelled"); - task.nextExecutionTime = time; - task.period = period; - task.state = TimerTask.SCHEDULED; - } - - queue.add(task); - if (queue.getMin() == task) - queue.notify(); - } - } - - /** - * Terminates this timer, discarding any currently scheduled tasks. - * Does not interfere with a currently executing task (if it exists). - * Once a timer has been terminated, its execution thread terminates - * gracefully, and no more tasks may be scheduled on it. - * - * <p>Note that calling this method from within the run method of a - * timer task that was invoked by this timer absolutely guarantees that - * the ongoing task execution is the last task execution that will ever - * be performed by this timer. - * - * <p>This method may be called repeatedly; the second and subsequent - * calls have no effect. - */ - public void cancel() { - synchronized(queue) { - thread.newTasksMayBeScheduled = false; - queue.clear(); - queue.notify(); // In case queue was already empty. - } - } - - /** - * Removes all cancelled tasks from this timer's task queue. <i>Calling - * this method has no effect on the behavior of the timer</i>, but - * eliminates the references to the cancelled tasks from the queue. - * If there are no external references to these tasks, they become - * eligible for garbage collection. - * - * <p>Most programs will have no need to call this method. - * It is designed for use by the rare application that cancels a large - * number of tasks. Calling this method trades time for space: the - * runtime of the method may be proportional to n + c log n, where n - * is the number of tasks in the queue and c is the number of cancelled - * tasks. - * - * <p>Note that it is permissible to call this method from within a - * a task scheduled on this timer. - * - * @return the number of tasks removed from the queue. - * @since 1.5 - */ - public int purge() { - int result = 0; - - synchronized(queue) { - for (int i = queue.size(); i > 0; i--) { - if (queue.get(i).state == TimerTask.CANCELLED) { - queue.quickRemove(i); - result++; - } - } - - if (result != 0) - queue.heapify(); - } - - return result; - } -} - -/** - * This "helper class" implements the timer's task execution thread, which - * waits for tasks on the timer queue, executions them when they fire, - * reschedules repeating tasks, and removes cancelled tasks and spent - * non-repeating tasks from the queue. - */ -class TimerThread extends Thread { - /** - * This flag is set to false by the reaper to inform us that there - * are no more live references to our Timer object. Once this flag - * is true and there are no more tasks in our queue, there is no - * work left for us to do, so we terminate gracefully. Note that - * this field is protected by queue's monitor! - */ - boolean newTasksMayBeScheduled = true; - - /** - * Our Timer's queue. We store this reference in preference to - * a reference to the Timer so the reference graph remains acyclic. - * Otherwise, the Timer would never be garbage-collected and this - * thread would never go away. - */ - private TaskQueue queue; - - TimerThread(TaskQueue queue) { - this.queue = queue; - } - - public void run() { - try { - mainLoop(); - } finally { - // Someone killed this Thread, behave as if Timer cancelled - synchronized(queue) { - newTasksMayBeScheduled = false; - queue.clear(); // Eliminate obsolete references - } - } - } - - /** - * The main timer loop. (See class comment.) - */ - private void mainLoop() { - while (true) { - try { - TimerTask task; - boolean taskFired; - synchronized(queue) { - // Wait for queue to become non-empty - while (queue.isEmpty() && newTasksMayBeScheduled) - queue.wait(); - if (queue.isEmpty()) - break; // Queue is empty and will forever remain; die - - // Queue nonempty; look at first evt and do the right thing - long currentTime, executionTime; - task = queue.getMin(); - synchronized(task.lock) { - if (task.state == TimerTask.CANCELLED) { - queue.removeMin(); - continue; // No action required, poll queue again - } - currentTime = System.currentTimeMillis(); - executionTime = task.nextExecutionTime; - if (taskFired = (executionTime<=currentTime)) { - if (task.period == 0) { // Non-repeating, remove - queue.removeMin(); - task.state = TimerTask.EXECUTED; - } else { // Repeating task, reschedule - queue.rescheduleMin( - task.period<0 ? currentTime - task.period - : executionTime + task.period); - } - } - } - if (!taskFired) // Task hasn't yet fired; wait - queue.wait(executionTime - currentTime); - } - if (taskFired) // Task fired; run it, holding no locks - task.run(); - } catch(InterruptedException e) { - } - } - } -} - -/** - * This class represents a timer task queue: a priority queue of TimerTasks, - * ordered on nextExecutionTime. Each Timer object has one of these, which it - * shares with its TimerThread. Internally this class uses a heap, which - * offers log(n) performance for the add, removeMin and rescheduleMin - * operations, and constant time performance for the getMin operation. - */ -class TaskQueue { - /** - * Priority queue represented as a balanced binary heap: the two children - * of queue[n] are queue[2*n] and queue[2*n+1]. The priority queue is - * ordered on the nextExecutionTime field: The TimerTask with the lowest - * nextExecutionTime is in queue[1] (assuming the queue is nonempty). For - * each node n in the heap, and each descendant of n, d, - * n.nextExecutionTime <= d.nextExecutionTime. - */ - private TimerTask[] queue = new TimerTask[128]; - - /** - * The number of tasks in the priority queue. (The tasks are stored in - * queue[1] up to queue[size]). - */ - private int size = 0; - - /** - * Returns the number of tasks currently on the queue. - */ - int size() { - return size; - } - - /** - * Adds a new task to the priority queue. - */ - void add(TimerTask task) { - // Grow backing store if necessary - if (size + 1 == queue.length) - queue = Arrays.copyOf(queue, 2*queue.length); - - queue[++size] = task; - fixUp(size); - } - - /** - * Return the "head task" of the priority queue. (The head task is an - * task with the lowest nextExecutionTime.) - */ - TimerTask getMin() { - return queue[1]; - } - - /** - * Return the ith task in the priority queue, where i ranges from 1 (the - * head task, which is returned by getMin) to the number of tasks on the - * queue, inclusive. - */ - TimerTask get(int i) { - return queue[i]; - } - - /** - * Remove the head task from the priority queue. - */ - void removeMin() { - queue[1] = queue[size]; - queue[size--] = null; // Drop extra reference to prevent memory leak - fixDown(1); - } - - /** - * Removes the ith element from queue without regard for maintaining - * the heap invariant. Recall that queue is one-based, so - * 1 <= i <= size. - */ - void quickRemove(int i) { - assert i <= size; - - queue[i] = queue[size]; - queue[size--] = null; // Drop extra ref to prevent memory leak - } - - /** - * Sets the nextExecutionTime associated with the head task to the - * specified value, and adjusts priority queue accordingly. - */ - void rescheduleMin(long newTime) { - queue[1].nextExecutionTime = newTime; - fixDown(1); - } - - /** - * Returns true if the priority queue contains no elements. - */ - boolean isEmpty() { - return size==0; - } - - /** - * Removes all elements from the priority queue. - */ - void clear() { - // Null out task references to prevent memory leak - for (int i=1; i<=size; i++) - queue[i] = null; - - size = 0; - } - - /** - * Establishes the heap invariant (described above) assuming the heap - * satisfies the invariant except possibly for the leaf-node indexed by k - * (which may have a nextExecutionTime less than its parent's). - * - * This method functions by "promoting" queue[k] up the hierarchy - * (by swapping it with its parent) repeatedly until queue[k]'s - * nextExecutionTime is greater than or equal to that of its parent. - */ - private void fixUp(int k) { - while (k > 1) { - int j = k >> 1; - if (queue[j].nextExecutionTime <= queue[k].nextExecutionTime) - break; - TimerTask tmp = queue[j]; queue[j] = queue[k]; queue[k] = tmp; - k = j; - } - } - - /** - * Establishes the heap invariant (described above) in the subtree - * rooted at k, which is assumed to satisfy the heap invariant except - * possibly for node k itself (which may have a nextExecutionTime greater - * than its children's). - * - * This method functions by "demoting" queue[k] down the hierarchy - * (by swapping it with its smaller child) repeatedly until queue[k]'s - * nextExecutionTime is less than or equal to those of its children. - */ - private void fixDown(int k) { - int j; - while ((j = k << 1) <= size && j > 0) { - if (j < size && - queue[j].nextExecutionTime > queue[j+1].nextExecutionTime) - j++; // j indexes smallest kid - if (queue[k].nextExecutionTime <= queue[j].nextExecutionTime) - break; - TimerTask tmp = queue[j]; queue[j] = queue[k]; queue[k] = tmp; - k = j; - } - } - - /** - * Establishes the heap invariant (described above) in the entire tree, - * assuming nothing about the order of the elements prior to the call. - */ - void heapify() { - for (int i = size/2; i >= 1; i--) - fixDown(i); - } -}
--- a/rt/javax/security/auth/callback/ChoiceCallback.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,212 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.auth.callback; - -/** - * <p> Underlying security services instantiate and pass a - * <code>ChoiceCallback</code> to the <code>handle</code> - * method of a <code>CallbackHandler</code> to display a list of choices - * and to retrieve the selected choice(s). - * - * @version 1.24, 05/05/07 - * @see javax.security.auth.callback.CallbackHandler - */ -public class ChoiceCallback implements Callback, java.io.Serializable { - - private static final long serialVersionUID = -3975664071579892167L; - - /** - * @serial - * @since 1.4 - */ - private String prompt; - /** - * @serial the list of choices - * @since 1.4 - */ - private String[] choices; - /** - * @serial the choice to be used as the default choice - * @since 1.4 - */ - private int defaultChoice; - /** - * @serial whether multiple selections are allowed from the list of - * choices - * @since 1.4 - */ - private boolean multipleSelectionsAllowed; - /** - * @serial the selected choices, represented as indexes into the - * <code>choices</code> list. - * @since 1.4 - */ - private int[] selections; - - /** - * Construct a <code>ChoiceCallback</code> with a prompt, - * a list of choices, a default choice, and a boolean specifying - * whether or not multiple selections from the list of choices are allowed. - * - * <p> - * - * @param prompt the prompt used to describe the list of choices. <p> - * - * @param choices the list of choices. <p> - * - * @param defaultChoice the choice to be used as the default choice - * when the list of choices are displayed. This value - * is represented as an index into the - * <code>choices</code> array. <p> - * - * @param multipleSelectionsAllowed boolean specifying whether or - * not multiple selections can be made from the - * list of choices. - * - * @exception IllegalArgumentException if <code>prompt</code> is null, - * if <code>prompt</code> has a length of 0, - * if <code>choices</code> is null, - * if <code>choices</code> has a length of 0, - * if any element from <code>choices</code> is null, - * if any element from <code>choices</code> - * has a length of 0 or if <code>defaultChoice</code> - * does not fall within the array boundaries of - * <code>choices</code>. - */ - public ChoiceCallback(String prompt, String[] choices, - int defaultChoice, boolean multipleSelectionsAllowed) { - - if (prompt == null || prompt.length() == 0 || - choices == null || choices.length == 0 || - defaultChoice < 0 || defaultChoice >= choices.length) - throw new IllegalArgumentException(); - - for (int i = 0; i < choices.length; i++) { - if (choices[i] == null || choices[i].length() == 0) - throw new IllegalArgumentException(); - } - - this.prompt = prompt; - this.choices = choices; - this.defaultChoice = defaultChoice; - this.multipleSelectionsAllowed = multipleSelectionsAllowed; - } - - /** - * Get the prompt. - * - * <p> - * - * @return the prompt. - */ - public String getPrompt() { - return prompt; - } - - /** - * Get the list of choices. - * - * <p> - * - * @return the list of choices. - */ - public String[] getChoices() { - return choices; - } - - /** - * Get the defaultChoice. - * - * <p> - * - * @return the defaultChoice, represented as an index into - * the <code>choices</code> list. - */ - public int getDefaultChoice() { - return defaultChoice; - } - - /** - * Get the boolean determining whether multiple selections from - * the <code>choices</code> list are allowed. - * - * <p> - * - * @return whether multiple selections are allowed. - */ - public boolean allowMultipleSelections() { - return multipleSelectionsAllowed; - } - - /** - * Set the selected choice. - * - * <p> - * - * @param selection the selection represented as an index into the - * <code>choices</code> list. - * - * @see #getSelectedIndexes - */ - public void setSelectedIndex(int selection) { - this.selections = new int[1]; - this.selections[0] = selection; - } - - /** - * Set the selected choices. - * - * <p> - * - * @param selections the selections represented as indexes into the - * <code>choices</code> list. - * - * @exception UnsupportedOperationException if multiple selections are - * not allowed, as determined by - * <code>allowMultipleSelections</code>. - * - * @see #getSelectedIndexes - */ - public void setSelectedIndexes(int[] selections) { - if (!multipleSelectionsAllowed) - throw new UnsupportedOperationException(); - this.selections = selections; - } - - /** - * Get the selected choices. - * - * <p> - * - * @return the selected choices, represented as indexes into the - * <code>choices</code> list. - * - * @see #setSelectedIndexes - */ - public int[] getSelectedIndexes() { - return selections; - } -}
--- a/rt/javax/security/auth/callback/ConfirmationCallback.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,502 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.auth.callback; - -/** - * <p> Underlying security services instantiate and pass a - * <code>ConfirmationCallback</code> to the <code>handle</code> - * method of a <code>CallbackHandler</code> to ask for YES/NO, - * OK/CANCEL, YES/NO/CANCEL or other similar confirmations. - * - * @version 1.23, 05/05/07 - * @see javax.security.auth.callback.CallbackHandler - */ -public class ConfirmationCallback implements Callback, java.io.Serializable { - - private static final long serialVersionUID = -9095656433782481624L; - - /** - * Unspecified option type. - * - * <p> The <code>getOptionType</code> method returns this - * value if this <code>ConfirmationCallback</code> was instantiated - * with <code>options</code> instead of an <code>optionType</code>. - */ - public static final int UNSPECIFIED_OPTION = -1; - - /** - * YES/NO confirmation option. - * - * <p> An underlying security service specifies this as the - * <code>optionType</code> to a <code>ConfirmationCallback</code> - * constructor if it requires a confirmation which can be answered - * with either <code>YES</code> or <code>NO</code>. - */ - public static final int YES_NO_OPTION = 0; - - /** - * YES/NO/CANCEL confirmation confirmation option. - * - * <p> An underlying security service specifies this as the - * <code>optionType</code> to a <code>ConfirmationCallback</code> - * constructor if it requires a confirmation which can be answered - * with either <code>YES</code>, <code>NO</code> or <code>CANCEL</code>. - */ - public static final int YES_NO_CANCEL_OPTION = 1; - - /** - * OK/CANCEL confirmation confirmation option. - * - * <p> An underlying security service specifies this as the - * <code>optionType</code> to a <code>ConfirmationCallback</code> - * constructor if it requires a confirmation which can be answered - * with either <code>OK</code> or <code>CANCEL</code>. - */ - public static final int OK_CANCEL_OPTION = 2; - - /** - * YES option. - * - * <p> If an <code>optionType</code> was specified to this - * <code>ConfirmationCallback</code>, this option may be specified as a - * <code>defaultOption</code> or returned as the selected index. - */ - public static final int YES = 0; - - /** - * NO option. - * - * <p> If an <code>optionType</code> was specified to this - * <code>ConfirmationCallback</code>, this option may be specified as a - * <code>defaultOption</code> or returned as the selected index. - */ - public static final int NO = 1; - - /** - * CANCEL option. - * - * <p> If an <code>optionType</code> was specified to this - * <code>ConfirmationCallback</code>, this option may be specified as a - * <code>defaultOption</code> or returned as the selected index. - */ - public static final int CANCEL = 2; - - /** - * OK option. - * - * <p> If an <code>optionType</code> was specified to this - * <code>ConfirmationCallback</code>, this option may be specified as a - * <code>defaultOption</code> or returned as the selected index. - */ - public static final int OK = 3; - - /** INFORMATION message type. */ - public static final int INFORMATION = 0; - - /** WARNING message type. */ - public static final int WARNING = 1; - - /** ERROR message type. */ - public static final int ERROR = 2; - /** - * @serial - * @since 1.4 - */ - private String prompt; - /** - * @serial - * @since 1.4 - */ - private int messageType; - /** - * @serial - * @since 1.4 - */ - private int optionType = UNSPECIFIED_OPTION; - /** - * @serial - * @since 1.4 - */ - private int defaultOption; - /** - * @serial - * @since 1.4 - */ - private String[] options; - /** - * @serial - * @since 1.4 - */ - private int selection; - - /** - * Construct a <code>ConfirmationCallback</code> with a - * message type, an option type and a default option. - * - * <p> Underlying security services use this constructor if - * they require either a YES/NO, YES/NO/CANCEL or OK/CANCEL - * confirmation. - * - * <p> - * - * @param messageType the message type (<code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>). <p> - * - * @param optionType the option type (<code>YES_NO_OPTION</code>, - * <code>YES_NO_CANCEL_OPTION</code> or - * <code>OK_CANCEL_OPTION</code>). <p> - * - * @param defaultOption the default option - * from the provided optionType (<code>YES</code>, - * <code>NO</code>, <code>CANCEL</code> or - * <code>OK</code>). - * - * @exception IllegalArgumentException if messageType is not either - * <code>INFORMATION</code>, <code>WARNING</code>, - * or <code>ERROR</code>, if optionType is not either - * <code>YES_NO_OPTION</code>, - * <code>YES_NO_CANCEL_OPTION</code>, or - * <code>OK_CANCEL_OPTION</code>, - * or if <code>defaultOption</code> - * does not correspond to one of the options in - * <code>optionType</code>. - */ - public ConfirmationCallback(int messageType, - int optionType, int defaultOption) { - - if (messageType < INFORMATION || messageType > ERROR || - optionType < YES_NO_OPTION || optionType > OK_CANCEL_OPTION) - throw new IllegalArgumentException(); - - switch (optionType) { - case YES_NO_OPTION: - if (defaultOption != YES && defaultOption != NO) - throw new IllegalArgumentException(); - break; - case YES_NO_CANCEL_OPTION: - if (defaultOption != YES && defaultOption != NO && - defaultOption != CANCEL) - throw new IllegalArgumentException(); - break; - case OK_CANCEL_OPTION: - if (defaultOption != OK && defaultOption != CANCEL) - throw new IllegalArgumentException(); - break; - } - - this.messageType = messageType; - this.optionType = optionType; - this.defaultOption = defaultOption; - } - - /** - * Construct a <code>ConfirmationCallback</code> with a - * message type, a list of options and a default option. - * - * <p> Underlying security services use this constructor if - * they require a confirmation different from the available preset - * confirmations provided (for example, CONTINUE/ABORT or STOP/GO). - * The confirmation options are listed in the <code>options</code> array, - * and are displayed by the <code>CallbackHandler</code> implementation - * in a manner consistent with the way preset options are displayed. - * - * <p> - * - * @param messageType the message type (<code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>). <p> - * - * @param options the list of confirmation options. <p> - * - * @param defaultOption the default option, represented as an index - * into the <code>options</code> array. - * - * @exception IllegalArgumentException if messageType is not either - * <code>INFORMATION</code>, <code>WARNING</code>, - * or <code>ERROR</code>, if <code>options</code> is null, - * if <code>options</code> has a length of 0, - * if any element from <code>options</code> is null, - * if any element from <code>options</code> - * has a length of 0, or if <code>defaultOption</code> - * does not lie within the array boundaries of - * <code>options</code>. - */ - public ConfirmationCallback(int messageType, - String[] options, int defaultOption) { - - if (messageType < INFORMATION || messageType > ERROR || - options == null || options.length == 0 || - defaultOption < 0 || defaultOption >= options.length) - throw new IllegalArgumentException(); - - for (int i = 0; i < options.length; i++) { - if (options[i] == null || options[i].length() == 0) - throw new IllegalArgumentException(); - } - - this.messageType = messageType; - this.options = options; - this.defaultOption = defaultOption; - } - - /** - * Construct a <code>ConfirmationCallback</code> with a prompt, - * message type, an option type and a default option. - * - * <p> Underlying security services use this constructor if - * they require either a YES/NO, YES/NO/CANCEL or OK/CANCEL - * confirmation. - * - * <p> - * - * @param prompt the prompt used to describe the list of options. <p> - * - * @param messageType the message type (<code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>). <p> - * - * @param optionType the option type (<code>YES_NO_OPTION</code>, - * <code>YES_NO_CANCEL_OPTION</code> or - * <code>OK_CANCEL_OPTION</code>). <p> - * - * @param defaultOption the default option - * from the provided optionType (<code>YES</code>, - * <code>NO</code>, <code>CANCEL</code> or - * <code>OK</code>). - * - * @exception IllegalArgumentException if <code>prompt</code> is null, - * if <code>prompt</code> has a length of 0, - * if messageType is not either - * <code>INFORMATION</code>, <code>WARNING</code>, - * or <code>ERROR</code>, if optionType is not either - * <code>YES_NO_OPTION</code>, - * <code>YES_NO_CANCEL_OPTION</code>, or - * <code>OK_CANCEL_OPTION</code>, - * or if <code>defaultOption</code> - * does not correspond to one of the options in - * <code>optionType</code>. - */ - public ConfirmationCallback(String prompt, int messageType, - int optionType, int defaultOption) { - - if (prompt == null || prompt.length() == 0 || - messageType < INFORMATION || messageType > ERROR || - optionType < YES_NO_OPTION || optionType > OK_CANCEL_OPTION) - throw new IllegalArgumentException(); - - switch (optionType) { - case YES_NO_OPTION: - if (defaultOption != YES && defaultOption != NO) - throw new IllegalArgumentException(); - break; - case YES_NO_CANCEL_OPTION: - if (defaultOption != YES && defaultOption != NO && - defaultOption != CANCEL) - throw new IllegalArgumentException(); - break; - case OK_CANCEL_OPTION: - if (defaultOption != OK && defaultOption != CANCEL) - throw new IllegalArgumentException(); - break; - } - - this.prompt = prompt; - this.messageType = messageType; - this.optionType = optionType; - this.defaultOption = defaultOption; - } - - /** - * Construct a <code>ConfirmationCallback</code> with a prompt, - * message type, a list of options and a default option. - * - * <p> Underlying security services use this constructor if - * they require a confirmation different from the available preset - * confirmations provided (for example, CONTINUE/ABORT or STOP/GO). - * The confirmation options are listed in the <code>options</code> array, - * and are displayed by the <code>CallbackHandler</code> implementation - * in a manner consistent with the way preset options are displayed. - * - * <p> - * - * @param prompt the prompt used to describe the list of options. <p> - * - * @param messageType the message type (<code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>). <p> - * - * @param options the list of confirmation options. <p> - * - * @param defaultOption the default option, represented as an index - * into the <code>options</code> array. - * - * @exception IllegalArgumentException if <code>prompt</code> is null, - * if <code>prompt</code> has a length of 0, - * if messageType is not either - * <code>INFORMATION</code>, <code>WARNING</code>, - * or <code>ERROR</code>, if <code>options</code> is null, - * if <code>options</code> has a length of 0, - * if any element from <code>options</code> is null, - * if any element from <code>options</code> - * has a length of 0, or if <code>defaultOption</code> - * does not lie within the array boundaries of - * <code>options</code>. - */ - public ConfirmationCallback(String prompt, int messageType, - String[] options, int defaultOption) { - - if (prompt == null || prompt.length() == 0 || - messageType < INFORMATION || messageType > ERROR || - options == null || options.length == 0 || - defaultOption < 0 || defaultOption >= options.length) - throw new IllegalArgumentException(); - - for (int i = 0; i < options.length; i++) { - if (options[i] == null || options[i].length() == 0) - throw new IllegalArgumentException(); - } - - this.prompt = prompt; - this.messageType = messageType; - this.options = options; - this.defaultOption = defaultOption; - } - - /** - * Get the prompt. - * - * <p> - * - * @return the prompt, or null if this <code>ConfirmationCallback</code> - * was instantiated without a <code>prompt</code>. - */ - public String getPrompt() { - return prompt; - } - - /** - * Get the message type. - * - * <p> - * - * @return the message type (<code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>). - */ - public int getMessageType() { - return messageType; - } - - /** - * Get the option type. - * - * <p> If this method returns <code>UNSPECIFIED_OPTION</code>, then this - * <code>ConfirmationCallback</code> was instantiated with - * <code>options</code> instead of an <code>optionType</code>. - * In this case, invoke the <code>getOptions</code> method - * to determine which confirmation options to display. - * - * <p> - * - * @return the option type (<code>YES_NO_OPTION</code>, - * <code>YES_NO_CANCEL_OPTION</code> or - * <code>OK_CANCEL_OPTION</code>), or - * <code>UNSPECIFIED_OPTION</code> if this - * <code>ConfirmationCallback</code> was instantiated with - * <code>options</code> instead of an <code>optionType</code>. - */ - public int getOptionType() { - return optionType; - } - - /** - * Get the confirmation options. - * - * <p> - * - * @return the list of confirmation options, or null if this - * <code>ConfirmationCallback</code> was instantiated with - * an <code>optionType</code> instead of <code>options</code>. - */ - public String[] getOptions() { - return options; - } - - /** - * Get the default option. - * - * <p> - * - * @return the default option, represented as - * <code>YES</code>, <code>NO</code>, <code>OK</code> or - * <code>CANCEL</code> if an <code>optionType</code> - * was specified to the constructor of this - * <code>ConfirmationCallback</code>. - * Otherwise, this method returns the default option as - * an index into the - * <code>options</code> array specified to the constructor - * of this <code>ConfirmationCallback</code>. - */ - public int getDefaultOption() { - return defaultOption; - } - - /** - * Set the selected confirmation option. - * - * <p> - * - * @param selection the selection represented as <code>YES</code>, - * <code>NO</code>, <code>OK</code> or <code>CANCEL</code> - * if an <code>optionType</code> was specified to the constructor - * of this <code>ConfirmationCallback</code>. - * Otherwise, the selection represents the index into the - * <code>options</code> array specified to the constructor - * of this <code>ConfirmationCallback</code>. - * - * @see #getSelectedIndex - */ - public void setSelectedIndex(int selection) { - this.selection = selection; - } - - /** - * Get the selected confirmation option. - * - * <p> - * - * @return the selected confirmation option represented as - * <code>YES</code>, <code>NO</code>, <code>OK</code> or - * <code>CANCEL</code> if an <code>optionType</code> - * was specified to the constructor of this - * <code>ConfirmationCallback</code>. - * Otherwise, this method returns the selected confirmation - * option as an index into the - * <code>options</code> array specified to the constructor - * of this <code>ConfirmationCallback</code>. - * - * @see #setSelectedIndex - */ - public int getSelectedIndex() { - return selection; - } -}
--- a/rt/javax/security/auth/callback/LanguageCallback.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,80 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.auth.callback; - -import java.util.Locale; - -/** - * <p> Underlying security services instantiate and pass a - * <code>LanguageCallback</code> to the <code>handle</code> - * method of a <code>CallbackHandler</code> to retrieve the <code>Locale</code> - * used for localizing text. - * - * @version 1.21, 05/05/07 - * @see javax.security.auth.callback.CallbackHandler - */ -public class LanguageCallback implements Callback, java.io.Serializable { - - private static final long serialVersionUID = 2019050433478903213L; - - /** - * @serial - * @since 1.4 - */ - private Locale locale; - - /** - * Construct a <code>LanguageCallback</code>. - */ - public LanguageCallback() { } - - /** - * Set the retrieved <code>Locale</code>. - * - * <p> - * - * @param locale the retrieved <code>Locale</code>. - * - * @see #getLocale - */ - public void setLocale(Locale locale) { - this.locale = locale; - } - - /** - * Get the retrieved <code>Locale</code>. - * - * <p> - * - * @return the retrieved <code>Locale</code>, or null - * if no <code>Locale</code> could be retrieved. - * - * @see #setLocale - */ - public Locale getLocale() { - return locale; - } -}
--- a/rt/javax/security/auth/callback/NameCallback.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,145 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.auth.callback; - -/** - * <p> Underlying security services instantiate and pass a - * <code>NameCallback</code> to the <code>handle</code> - * method of a <code>CallbackHandler</code> to retrieve name information. - * - * @version 1.21, 05/05/07 - * @see javax.security.auth.callback.CallbackHandler - */ -public class NameCallback implements Callback, java.io.Serializable { - - private static final long serialVersionUID = 3770938795909392253L; - - /** - * @serial - * @since 1.4 - */ - private String prompt; - /** - * @serial - * @since 1.4 - */ - private String defaultName; - /** - * @serial - * @since 1.4 - */ - private String inputName; - - /** - * Construct a <code>NameCallback</code> with a prompt. - * - * <p> - * - * @param prompt the prompt used to request the name. - * - * @exception IllegalArgumentException if <code>prompt</code> is null - * or if <code>prompt</code> has a length of 0. - */ - public NameCallback(String prompt) { - if (prompt == null || prompt.length() == 0) - throw new IllegalArgumentException(); - this.prompt = prompt; - } - - /** - * Construct a <code>NameCallback</code> with a prompt - * and default name. - * - * <p> - * - * @param prompt the prompt used to request the information. <p> - * - * @param defaultName the name to be used as the default name displayed - * with the prompt. - * - * @exception IllegalArgumentException if <code>prompt</code> is null, - * if <code>prompt</code> has a length of 0, - * if <code>defaultName</code> is null, - * or if <code>defaultName</code> has a length of 0. - */ - public NameCallback(String prompt, String defaultName) { - if (prompt == null || prompt.length() == 0 || - defaultName == null || defaultName.length() == 0) - throw new IllegalArgumentException(); - - this.prompt = prompt; - this.defaultName = defaultName; - } - - /** - * Get the prompt. - * - * <p> - * - * @return the prompt. - */ - public String getPrompt() { - return prompt; - } - - /** - * Get the default name. - * - * <p> - * - * @return the default name, or null if this <code>NameCallback</code> - * was not instantiated with a <code>defaultName</code>. - */ - public String getDefaultName() { - return defaultName; - } - - /** - * Set the retrieved name. - * - * <p> - * - * @param name the retrieved name (which may be null). - * - * @see #getName - */ - public void setName(String name) { - this.inputName = name; - } - - /** - * Get the retrieved name. - * - * <p> - * - * @return the retrieved name (which may be null) - * - * @see #setName - */ - public String getName() { - return inputName; - } -}
--- a/rt/javax/security/auth/callback/TextInputCallback.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,146 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.auth.callback; - -/** - * <p> Underlying security services instantiate and pass a - * <code>TextInputCallback</code> to the <code>handle</code> - * method of a <code>CallbackHandler</code> to retrieve generic text - * information. - * - * @version 1.21, 05/05/07 - * @see javax.security.auth.callback.CallbackHandler - */ -public class TextInputCallback implements Callback, java.io.Serializable { - - private static final long serialVersionUID = -8064222478852811804L; - - /** - * @serial - * @since 1.4 - */ - private String prompt; - /** - * @serial - * @since 1.4 - */ - private String defaultText; - /** - * @serial - * @since 1.4 - */ - private String inputText; - - /** - * Construct a <code>TextInputCallback</code> with a prompt. - * - * <p> - * - * @param prompt the prompt used to request the information. - * - * @exception IllegalArgumentException if <code>prompt</code> is null - * or if <code>prompt</code> has a length of 0. - */ - public TextInputCallback(String prompt) { - if (prompt == null || prompt.length() == 0) - throw new IllegalArgumentException(); - this.prompt = prompt; - } - - /** - * Construct a <code>TextInputCallback</code> with a prompt - * and default input value. - * - * <p> - * - * @param prompt the prompt used to request the information. <p> - * - * @param defaultText the text to be used as the default text displayed - * with the prompt. - * - * @exception IllegalArgumentException if <code>prompt</code> is null, - * if <code>prompt</code> has a length of 0, - * if <code>defaultText</code> is null - * or if <code>defaultText</code> has a length of 0. - */ - public TextInputCallback(String prompt, String defaultText) { - if (prompt == null || prompt.length() == 0 || - defaultText == null || defaultText.length() == 0) - throw new IllegalArgumentException(); - - this.prompt = prompt; - this.defaultText = defaultText; - } - - /** - * Get the prompt. - * - * <p> - * - * @return the prompt. - */ - public String getPrompt() { - return prompt; - } - - /** - * Get the default text. - * - * <p> - * - * @return the default text, or null if this <code>TextInputCallback</code> - * was not instantiated with <code>defaultText</code>. - */ - public String getDefaultText() { - return defaultText; - } - - /** - * Set the retrieved text. - * - * <p> - * - * @param text the retrieved text, which may be null. - * - * @see #getText - */ - public void setText(String text) { - this.inputText = text; - } - - /** - * Get the retrieved text. - * - * <p> - * - * @return the retrieved text, which may be null. - * - * @see #setText - */ - public String getText() { - return inputText; - } -}
--- a/rt/javax/security/auth/callback/TextOutputCallback.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,108 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.auth.callback; - -/** - * <p> Underlying security services instantiate and pass a - * <code>TextOutputCallback</code> to the <code>handle</code> - * method of a <code>CallbackHandler</code> to display information messages, - * warning messages and error messages. - * - * @version 1.22, 05/05/07 - * @see javax.security.auth.callback.CallbackHandler - */ -public class TextOutputCallback implements Callback, java.io.Serializable { - - private static final long serialVersionUID = 1689502495511663102L; - - /** Information message. */ - public static final int INFORMATION = 0; - /** Warning message. */ - public static final int WARNING = 1; - /** Error message. */ - public static final int ERROR = 2; - - /** - * @serial - * @since 1.4 - */ - private int messageType; - /** - * @serial - * @since 1.4 - */ - private String message; - - /** - * Construct a TextOutputCallback with a message type and message - * to be displayed. - * - * <p> - * - * @param messageType the message type (<code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>). <p> - * - * @param message the message to be displayed. <p> - * - * @exception IllegalArgumentException if <code>messageType</code> - * is not either <code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>, - * if <code>message</code> is null, - * or if <code>message</code> has a length of 0. - */ - public TextOutputCallback(int messageType, String message) { - if ((messageType != INFORMATION && - messageType != WARNING && messageType != ERROR) || - message == null || message.length() == 0) - throw new IllegalArgumentException(); - - this.messageType = messageType; - this.message = message; - } - - /** - * Get the message type. - * - * <p> - * - * @return the message type (<code>INFORMATION</code>, - * <code>WARNING</code> or <code>ERROR</code>). - */ - public int getMessageType() { - return messageType; - } - - /** - * Get the message to be displayed. - * - * <p> - * - * @return the message to be displayed. - */ - public String getMessage() { - return message; - } -}
--- a/rt/javax/security/sasl/AuthenticationException.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,83 +0,0 @@ -/* - * Copyright 2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.sasl; - -/** - * This exception is thrown by a SASL mechanism implementation - * to indicate that the SASL - * exchange has failed due to reasons related to authentication, such as - * an invalid identity, passphrase, or key. - * <p> - * Note that the lack of an AuthenticationException does not mean that - * the failure was not due to an authentication error. A SASL mechanism - * implementation might throw the more general SaslException instead of - * AuthenticationException if it is unable to determine the nature - * of the failure, or if does not want to disclose the nature of - * the failure, for example, due to security reasons. - * - * @since 1.5 - * - * @author Rosanna Lee - * @author Rob Weltman - */ -public class AuthenticationException extends SaslException { - /** - * Constructs a new instance of <tt>AuthenticationException</tt>. - * The root exception and the detailed message are null. - */ - public AuthenticationException () { - super(); - } - - /** - * Constructs a new instance of <tt>AuthenticationException</tt> - * with a detailed message. - * The root exception is null. - * @param detail A possibly null string containing details of the exception. - * - * @see java.lang.Throwable#getMessage - */ - public AuthenticationException (String detail) { - super(detail); - } - - /** - * Constructs a new instance of <tt>AuthenticationException</tt> with a detailed message - * and a root exception. - * - * @param detail A possibly null string containing details of the exception. - * @param ex A possibly null root exception that caused this exception. - * - * @see java.lang.Throwable#getMessage - * @see #getCause - */ - public AuthenticationException (String detail, Throwable ex) { - super(detail, ex); - } - - /** Use serialVersionUID from JSR 28 RI for interoperability */ - private static final long serialVersionUID = -3579708765071815007L; -}
--- a/rt/javax/security/sasl/Sasl.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,606 +0,0 @@ -/* - * Copyright 1999-2006 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.sasl; - -import javax.security.auth.callback.CallbackHandler; - -import java.util.Enumeration; -import java.util.Iterator; -import java.util.Map; -import java.util.Set; -import java.util.HashSet; -import java.util.Collections; -import java.security.Provider; -import java.security.Security; - -/** - * A static class for creating SASL clients and servers. - *<p> - * This class defines the policy of how to locate, load, and instantiate - * SASL clients and servers. - *<p> - * For example, an application or library gets a SASL client by doing - * something like: - *<blockquote><pre> - * SaslClient sc = Sasl.createSaslClient(mechanisms, - * authorizationId, protocol, serverName, props, callbackHandler); - *</pre></blockquote> - * It can then proceed to use the instance to create an authentication connection. - *<p> - * Similarly, a server gets a SASL server by using code that looks as follows: - *<blockquote><pre> - * SaslServer ss = Sasl.createSaslServer(mechanism, - * protocol, serverName, props, callbackHandler); - *</pre></blockquote> - * - * @since 1.5 - * - * @author Rosanna Lee - * @author Rob Weltman - */ -public class Sasl { - // Cannot create one of these - private Sasl() { - } - - /** - * The name of a property that specifies the quality-of-protection to use. - * The property contains a comma-separated, ordered list - * of quality-of-protection values that the - * client or server is willing to support. A qop value is one of - * <ul> - * <li><tt>"auth"</tt> - authentication only</li> - * <li><tt>"auth-int"</tt> - authentication plus integrity protection</li> - * <li><tt>"auth-conf"</tt> - authentication plus integrity and confidentiality - * protection</li> - * </ul> - * - * The order of the list specifies the preference order of the client or - * server. If this property is absent, the default qop is <tt>"auth"</tt>. - * The value of this constant is <tt>"javax.security.sasl.qop"</tt>. - */ - public static final String QOP = "javax.security.sasl.qop"; - - /** - * The name of a property that specifies the cipher strength to use. - * The property contains a comma-separated, ordered list - * of cipher strength values that - * the client or server is willing to support. A strength value is one of - * <ul> - * <li><tt>"low"</tt></li> - * <li><tt>"medium"</tt></li> - * <li><tt>"high"</tt></li> - * </ul> - * The order of the list specifies the preference order of the client or - * server. An implementation should allow configuration of the meaning - * of these values. An application may use the Java Cryptography - * Extension (JCE) with JCE-aware mechanisms to control the selection of - * cipher suites that match the strength values. - * <BR> - * If this property is absent, the default strength is - * <tt>"high,medium,low"</tt>. - * The value of this constant is <tt>"javax.security.sasl.strength"</tt>. - */ - public static final String STRENGTH = "javax.security.sasl.strength"; - - /** - * The name of a property that specifies whether the - * server must authenticate to the client. The property contains - * <tt>"true"</tt> if the server must - * authenticate the to client; <tt>"false"</tt> otherwise. - * The default is <tt>"false"</tt>. - * <br>The value of this constant is - * <tt>"javax.security.sasl.server.authentication"</tt>. - */ - public static final String SERVER_AUTH = - "javax.security.sasl.server.authentication"; - - /** - * The name of a property that specifies the maximum size of the receive - * buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>. - * The property contains the string representation of an integer. - * <br>If this property is absent, the default size - * is defined by the mechanism. - * <br>The value of this constant is <tt>"javax.security.sasl.maxbuffer"</tt>. - */ - public static final String MAX_BUFFER = "javax.security.sasl.maxbuffer"; - - /** - * The name of a property that specifies the maximum size of the raw send - * buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>. - * The property contains the string representation of an integer. - * The value of this property is negotiated between the client and server - * during the authentication exchange. - * <br>The value of this constant is <tt>"javax.security.sasl.rawsendsize"</tt>. - */ - public static final String RAW_SEND_SIZE = "javax.security.sasl.rawsendsize"; - - /** - * The name of a property that specifies whether to reuse previously - * authenticated session information. The property contains "true" if the - * mechanism implementation may attempt to reuse previously authenticated - * session information; it contains "false" if the implementation must - * not reuse previously authenticated session information. A setting of - * "true" serves only as a hint: it does not necessarily entail actual - * reuse because reuse might not be possible due to a number of reasons, - * including, but not limited to, lack of mechanism support for reuse, - * expiration of reusable information, and the peer's refusal to support - * reuse. - * - * The property's default value is "false". The value of this constant - * is "javax.security.sasl.reuse". - * - * Note that all other parameters and properties required to create a - * SASL client/server instance must be provided regardless of whether - * this property has been supplied. That is, you cannot supply any less - * information in anticipation of reuse. - * - * Mechanism implementations that support reuse might allow customization - * of its implementation, for factors such as cache size, timeouts, and - * criteria for reuseability. Such customizations are - * implementation-dependent. - */ - public static final String REUSE = "javax.security.sasl.reuse"; - - /** - * The name of a property that specifies - * whether mechanisms susceptible to simple plain passive attacks (e.g., - * "PLAIN") are not permitted. The property - * contains <tt>"true"</tt> if such mechanisms are not permitted; - * <tt>"false"</tt> if such mechanisms are permitted. - * The default is <tt>"false"</tt>. - * <br>The value of this constant is - * <tt>"javax.security.sasl.policy.noplaintext"</tt>. - */ - public static final String POLICY_NOPLAINTEXT = - "javax.security.sasl.policy.noplaintext"; - - /** - * The name of a property that specifies whether - * mechanisms susceptible to active (non-dictionary) attacks - * are not permitted. - * The property contains <tt>"true"</tt> - * if mechanisms susceptible to active attacks - * are not permitted; <tt>"false"</tt> if such mechanisms are permitted. - * The default is <tt>"false"</tt>. - * <br>The value of this constant is - * <tt>"javax.security.sasl.policy.noactive"</tt>. - */ - public static final String POLICY_NOACTIVE = - "javax.security.sasl.policy.noactive"; - - /** - * The name of a property that specifies whether - * mechanisms susceptible to passive dictionary attacks are not permitted. - * The property contains <tt>"true"</tt> - * if mechanisms susceptible to dictionary attacks are not permitted; - * <tt>"false"</tt> if such mechanisms are permitted. - * The default is <tt>"false"</tt>. - *<br> - * The value of this constant is - * <tt>"javax.security.sasl.policy.nodictionary"</tt>. - */ - public static final String POLICY_NODICTIONARY = - "javax.security.sasl.policy.nodictionary"; - - /** - * The name of a property that specifies whether mechanisms that accept - * anonymous login are not permitted. The property contains <tt>"true"</tt> - * if mechanisms that accept anonymous login are not permitted; - * <tt>"false"</tt> - * if such mechanisms are permitted. The default is <tt>"false"</tt>. - *<br> - * The value of this constant is - * <tt>"javax.security.sasl.policy.noanonymous"</tt>. - */ - public static final String POLICY_NOANONYMOUS = - "javax.security.sasl.policy.noanonymous"; - - /** - * The name of a property that specifies whether mechanisms that implement - * forward secrecy between sessions are required. Forward secrecy - * means that breaking into one session will not automatically - * provide information for breaking into future sessions. - * The property - * contains <tt>"true"</tt> if mechanisms that implement forward secrecy - * between sessions are required; <tt>"false"</tt> if such mechanisms - * are not required. The default is <tt>"false"</tt>. - *<br> - * The value of this constant is - * <tt>"javax.security.sasl.policy.forward"</tt>. - */ - public static final String POLICY_FORWARD_SECRECY = - "javax.security.sasl.policy.forward"; - - /** - * The name of a property that specifies whether - * mechanisms that pass client credentials are required. The property - * contains <tt>"true"</tt> if mechanisms that pass - * client credentials are required; <tt>"false"</tt> - * if such mechanisms are not required. The default is <tt>"false"</tt>. - *<br> - * The value of this constant is - * <tt>"javax.security.sasl.policy.credentials"</tt>. - */ - public static final String POLICY_PASS_CREDENTIALS = - "javax.security.sasl.policy.credentials"; - - /** - * The name of a property that specifies the credentials to use. - * The property contains a mechanism-specific Java credential object. - * Mechanism implementations may examine the value of this property - * to determine whether it is a class that they support. - * The property may be used to supply credentials to a mechanism that - * supports delegated authentication. - *<br> - * The value of this constant is - * <tt>"javax.security.sasl.credentials"</tt>. - */ - public static final String CREDENTIALS = "javax.security.sasl.credentials"; - - /** - * Creates a <tt>SaslClient</tt> using the parameters supplied. - * - * This method uses the -<a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>, described in the - * "Java Cryptography Architecture API Specification & Reference", for - * locating and selecting a <tt>SaslClient</tt> implementation. - * - * First, it - * obtains an ordered list of <tt>SaslClientFactory</tt> instances from - * the registered security providers for the "SaslClientFactory" service - * and the specified SASL mechanism(s). It then invokes - * <tt>createSaslClient()</tt> on each factory instance on the list - * until one produces a non-null <tt>SaslClient</tt> instance. It returns - * the non-null <tt>SaslClient</tt> instance, or null if the search fails - * to produce a non-null <tt>SaslClient</tt> instance. - *<p> - * A security provider for SaslClientFactory registers with the - * JCA Security Provider Framework keys of the form <br> - * <tt>SaslClientFactory.<em>mechanism_name</em></tt> - * <br> - * and values that are class names of implementations of - * <tt>javax.security.sasl.SaslClientFactory</tt>. - * - * For example, a provider that contains a factory class, - * <tt>com.wiz.sasl.digest.ClientFactory</tt>, that supports the - * "DIGEST-MD5" mechanism would register the following entry with the JCA: - * <tt>SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory</tt> - *<p> - * See the - * "Java Cryptography Architecture API Specification & Reference" - * for information about how to install and configure security service - * providers. - * - * @param mechanisms The non-null list of mechanism names to try. Each is the - * IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5"). - * @param authorizationId The possibly null protocol-dependent - * identification to be used for authorization. - * If null or empty, the server derives an authorization - * ID from the client's authentication credentials. - * When the SASL authentication completes successfully, - * the specified entity is granted access. - * - * @param protocol The non-null string name of the protocol for which - * the authentication is being performed (e.g., "ldap"). - * - * @param serverName The non-null fully-qualified host name of the server - * to authenticate to. - * - * @param props The possibly null set of properties used to - * select the SASL mechanism and to configure the authentication - * exchange of the selected mechanism. - * For example, if <tt>props</tt> contains the - * <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value - * <tt>"true"</tt>, then the selected - * SASL mechanism must not be susceptible to simple plain passive attacks. - * In addition to the standard properties declared in this class, - * other, possibly mechanism-specific, properties can be included. - * Properties not relevant to the selected mechanism are ignored, - * including any map entries with non-String keys. - * - * @param cbh The possibly null callback handler to used by the SASL - * mechanisms to get further information from the application/library - * to complete the authentication. For example, a SASL mechanism might - * require the authentication ID, password and realm from the caller. - * The authentication ID is requested by using a <tt>NameCallback</tt>. - * The password is requested by using a <tt>PasswordCallback</tt>. - * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list - * of realms to choose from, and by using a <tt>RealmCallback</tt> if - * the realm must be entered. - * - *@return A possibly null <tt>SaslClient</tt> created using the parameters - * supplied. If null, cannot find a <tt>SaslClientFactory</tt> - * that will produce one. - *@exception SaslException If cannot create a <tt>SaslClient</tt> because - * of an error. - */ - public static SaslClient createSaslClient( - String[] mechanisms, - String authorizationId, - String protocol, - String serverName, - Map<String,?> props, - CallbackHandler cbh) throws SaslException { - - SaslClient mech = null; - SaslClientFactory fac; - String className; - String mechName; - - for (int i = 0; i < mechanisms.length; i++) { - if ((mechName=mechanisms[i]) == null) { - throw new NullPointerException( - "Mechanism name cannot be null"); - } else if (mechName.length() == 0) { - continue; - } - String mechFilter = "SaslClientFactory." + mechName; - Provider[] provs = Security.getProviders(mechFilter); - for (int j = 0; provs != null && j < provs.length; j++) { - className = provs[j].getProperty(mechFilter); - if (className == null) { - // Case is ignored - continue; - } - - fac = (SaslClientFactory) loadFactory(provs[j], className); - if (fac != null) { - mech = fac.createSaslClient( - new String[]{mechanisms[i]}, authorizationId, - protocol, serverName, props, cbh); - if (mech != null) { - return mech; - } - } - } - } - - return null; - } - - private static Object loadFactory(Provider p, String className) - throws SaslException { - try { - /* - * Load the implementation class with the same class loader - * that was used to load the provider. - * In order to get the class loader of a class, the - * caller's class loader must be the same as or an ancestor of - * the class loader being returned. Otherwise, the caller must - * have "getClassLoader" permission, or a SecurityException - * will be thrown. - */ - ClassLoader cl = p.getClass().getClassLoader(); - Class implClass; - implClass = Class.forName(className, true, cl); - return implClass.newInstance(); - } catch (ClassNotFoundException e) { - throw new SaslException("Cannot load class " + className, e); - } catch (InstantiationException e) { - throw new SaslException("Cannot instantiate class " + className, e); - } catch (IllegalAccessException e) { - throw new SaslException("Cannot access class " + className, e); - } catch (SecurityException e) { - throw new SaslException("Cannot access class " + className, e); - } - } - - - /** - * Creates a <tt>SaslServer</tt> for the specified mechanism. - * - * This method uses the -<a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>, - * described in the - * "Java Cryptography Architecture API Specification & Reference", for - * locating and selecting a <tt>SaslServer</tt> implementation. - * - * First, it - * obtains an ordered list of <tt>SaslServerFactory</tt> instances from - * the registered security providers for the "SaslServerFactory" service - * and the specified mechanism. It then invokes - * <tt>createSaslServer()</tt> on each factory instance on the list - * until one produces a non-null <tt>SaslServer</tt> instance. It returns - * the non-null <tt>SaslServer</tt> instance, or null if the search fails - * to produce a non-null <tt>SaslServer</tt> instance. - *<p> - * A security provider for SaslServerFactory registers with the - * JCA Security Provider Framework keys of the form <br> - * <tt>SaslServerFactory.<em>mechanism_name</em></tt> - * <br> - * and values that are class names of implementations of - * <tt>javax.security.sasl.SaslServerFactory</tt>. - * - * For example, a provider that contains a factory class, - * <tt>com.wiz.sasl.digest.ServerFactory</tt>, that supports the - * "DIGEST-MD5" mechanism would register the following entry with the JCA: - * <tt>SaslServerFactory.DIGEST-MD5 com.wiz.sasl.digest.ServerFactory</tt> - *<p> - * See the - * "Java Cryptography Architecture API Specification & Reference" - * for information about how to install and configure security - * service providers. - * - * @param mechanism The non-null mechanism name. It must be an - * IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5"). - * @param protocol The non-null string name of the protocol for which - * the authentication is being performed (e.g., "ldap"). - * @param serverName The non-null fully qualified host name of the server. - * @param props The possibly null set of properties used to - * select the SASL mechanism and to configure the authentication - * exchange of the selected mechanism. - * For example, if <tt>props</tt> contains the - * <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value - * <tt>"true"</tt>, then the selected - * SASL mechanism must not be susceptible to simple plain passive attacks. - * In addition to the standard properties declared in this class, - * other, possibly mechanism-specific, properties can be included. - * Properties not relevant to the selected mechanism are ignored, - * including any map entries with non-String keys. - * - * @param cbh The possibly null callback handler to used by the SASL - * mechanisms to get further information from the application/library - * to complete the authentication. For example, a SASL mechanism might - * require the authentication ID, password and realm from the caller. - * The authentication ID is requested by using a <tt>NameCallback</tt>. - * The password is requested by using a <tt>PasswordCallback</tt>. - * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list - * of realms to choose from, and by using a <tt>RealmCallback</tt> if - * the realm must be entered. - * - *@return A possibly null <tt>SaslServer</tt> created using the parameters - * supplied. If null, cannot find a <tt>SaslServerFactory</tt> - * that will produce one. - *@exception SaslException If cannot create a <tt>SaslServer</tt> because - * of an error. - **/ - public static SaslServer - createSaslServer(String mechanism, - String protocol, - String serverName, - Map<String,?> props, - javax.security.auth.callback.CallbackHandler cbh) - throws SaslException { - - SaslServer mech = null; - SaslServerFactory fac; - String className; - - if (mechanism == null) { - throw new NullPointerException("Mechanism name cannot be null"); - } else if (mechanism.length() == 0) { - return null; - } - - String mechFilter = "SaslServerFactory." + mechanism; - Provider[] provs = Security.getProviders(mechFilter); - for (int j = 0; provs != null && j < provs.length; j++) { - className = provs[j].getProperty(mechFilter); - if (className == null) { - throw new SaslException("Provider does not support " + - mechFilter); - } - fac = (SaslServerFactory) loadFactory(provs[j], className); - if (fac != null) { - mech = fac.createSaslServer( - mechanism, protocol, serverName, props, cbh); - if (mech != null) { - return mech; - } - } - } - - return null; - } - - /** - * Gets an enumeration of known factories for producing <tt>SaslClient</tt>. - * This method uses the same algorithm for locating factories as - * <tt>createSaslClient()</tt>. - * @return A non-null enumeration of known factories for producing - * <tt>SaslClient</tt>. - * @see #createSaslClient - */ - public static Enumeration<SaslClientFactory> getSaslClientFactories() { - Set<Object> facs = getFactories("SaslClientFactory"); - final Iterator<Object> iter = facs.iterator(); - return new Enumeration<SaslClientFactory>() { - public boolean hasMoreElements() { - return iter.hasNext(); - } - public SaslClientFactory nextElement() { - return (SaslClientFactory)iter.next(); - } - }; - } - - /** - * Gets an enumeration of known factories for producing <tt>SaslServer</tt>. - * This method uses the same algorithm for locating factories as - * <tt>createSaslServer()</tt>. - * @return A non-null enumeration of known factories for producing - * <tt>SaslServer</tt>. - * @see #createSaslServer - */ - public static Enumeration<SaslServerFactory> getSaslServerFactories() { - Set<Object> facs = getFactories("SaslServerFactory"); - final Iterator<Object> iter = facs.iterator(); - return new Enumeration<SaslServerFactory>() { - public boolean hasMoreElements() { - return iter.hasNext(); - } - public SaslServerFactory nextElement() { - return (SaslServerFactory)iter.next(); - } - }; - } - - private static Set<Object> getFactories(String serviceName) { - HashSet<Object> result = new HashSet<Object>(); - - if ((serviceName == null) || (serviceName.length() == 0) || - (serviceName.endsWith("."))) { - return result; - } - - - Provider[] providers = Security.getProviders(); - HashSet<String> classes = new HashSet<String>(); - Object fac; - - for (int i = 0; i < providers.length; i++) { - classes.clear(); - - // Check the keys for each provider. - for (Enumeration e = providers[i].keys(); e.hasMoreElements(); ) { - String currentKey = (String)e.nextElement(); - if (currentKey.startsWith(serviceName)) { - // We should skip the currentKey if it contains a - // whitespace. The reason is: such an entry in the - // provider property contains attributes for the - // implementation of an algorithm. We are only interested - // in entries which lead to the implementation - // classes. - if (currentKey.indexOf(" ") < 0) { - String className = providers[i].getProperty(currentKey); - if (!classes.contains(className)) { - classes.add(className); - try { - fac = loadFactory(providers[i], className); - if (fac != null) { - result.add(fac); - } - }catch (Exception ignore) { - } - } - } - } - } - } - return Collections.unmodifiableSet(result); - } -}
--- a/rt/javax/security/sasl/SaslClient.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,225 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.sasl; - -/** - * Performs SASL authentication as a client. - *<p> - * A protocol library such as one for LDAP gets an instance of this - * class in order to perform authentication defined by a specific SASL - * mechanism. Invoking methods on the <tt>SaslClient</tt> instance - * process challenges and create responses according to the SASL - * mechanism implemented by the <tt>SaslClient</tt>. - * As the authentication proceeds, the instance - * encapsulates the state of a SASL client's authentication exchange. - *<p> - * Here's an example of how an LDAP library might use a <tt>SaslClient</tt>. - * It first gets an instance of a <tt>SaslClient</tt>: - *<blockquote><pre> - * SaslClient sc = Sasl.createSaslClient(mechanisms, - * authorizationId, protocol, serverName, props, callbackHandler); - *</pre></blockquote> - * It can then proceed to use the client for authentication. - * For example, an LDAP library might use the client as follows: - *<blockquote><pre> - * // Get initial response and send to server - * byte[] response = (sc.hasInitialResponse() ? sc.evaluateChallenge(new byte[0]) : - * null); - * LdapResult res = ldap.sendBindRequest(dn, sc.getName(), response); - * while (!sc.isComplete() && - * (res.status == SASL_BIND_IN_PROGRESS || res.status == SUCCESS)) { - * response = sc.evaluateChallenge(res.getBytes()); - * if (res.status == SUCCESS) { - * // we're done; don't expect to send another BIND - * if (response != null) { - * throw new SaslException( - * "Protocol error: attempting to send response after completion"); - * } - * break; - * } - * res = ldap.sendBindRequest(dn, sc.getName(), response); - * } - * if (sc.isComplete() && res.status == SUCCESS) { - * String qop = (String) sc.getNegotiatedProperty(Sasl.QOP); - * if (qop != null - * && (qop.equalsIgnoreCase("auth-int") - * || qop.equalsIgnoreCase("auth-conf"))) { - * - * // Use SaslClient.wrap() and SaslClient.unwrap() for future - * // communication with server - * ldap.in = new SecureInputStream(sc, ldap.in); - * ldap.out = new SecureOutputStream(sc, ldap.out); - * } - * } - *</pre></blockquote> - * - * If the mechanism has an initial response, the library invokes - * <tt>evaluateChallenge()</tt> with an empty - * challenge and to get initial response. - * Protocols such as IMAP4, which do not include an initial response with - * their first authentication command to the server, initiates the - * authentication without first calling <tt>hasInitialResponse()</tt> - * or <tt>evaluateChallenge()</tt>. - * When the server responds to the command, it sends an initial challenge. - * For a SASL mechanism in which the client sends data first, the server should - * have issued a challenge with no data. This will then result in a call - * (on the client) to <tt>evaluateChallenge()</tt> with an empty challenge. - * - * @since 1.5 - * - * @see Sasl - * @see SaslClientFactory - * - * @author Rosanna Lee - * @author Rob Weltman - */ -public abstract interface SaslClient { - - /** - * Returns the IANA-registered mechanism name of this SASL client. - * (e.g. "CRAM-MD5", "GSSAPI"). - * @return A non-null string representing the IANA-registered mechanism name. - */ - public abstract String getMechanismName(); - - /** - * Determines whether this mechanism has an optional initial response. - * If true, caller should call <tt>evaluateChallenge()</tt> with an - * empty array to get the initial response. - * - * @return true if this mechanism has an initial response. - */ - public abstract boolean hasInitialResponse(); - - /** - * Evaluates the challenge data and generates a response. - * If a challenge is received from the server during the authentication - * process, this method is called to prepare an appropriate next - * response to submit to the server. - * - * @param challenge The non-null challenge sent from the server. - * The challenge array may have zero length. - * - * @return The possibly null reponse to send to the server. - * It is null if the challenge accompanied a "SUCCESS" status and the challenge - * only contains data for the client to update its state and no response - * needs to be sent to the server. The response is a zero-length byte - * array if the client is to send a response with no data. - * @exception SaslException If an error occurred while processing - * the challenge or generating a response. - */ - public abstract byte[] evaluateChallenge(byte[] challenge) - throws SaslException; - - /** - * Determines whether the authentication exchange has completed. - * This method may be called at any time, but typically, it - * will not be called until the caller has received indication - * from the server - * (in a protocol-specific manner) that the exchange has completed. - * - * @return true if the authentication exchange has completed; false otherwise. - */ - public abstract boolean isComplete(); - - /** - * Unwraps a byte array received from the server. - * This method can be called only after the authentication exchange has - * completed (i.e., when <tt>isComplete()</tt> returns true) and only if - * the authentication exchange has negotiated integrity and/or privacy - * as the quality of protection; otherwise, an - * <tt>IllegalStateException</tt> is thrown. - *<p> - * <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222 - * without the leading four octet field that represents the length. - * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt> - * to use. - * - * @param incoming A non-null byte array containing the encoded bytes - * from the server. - * @param offset The starting position at <tt>incoming</tt> of the bytes to use. - * @param len The number of bytes from <tt>incoming</tt> to use. - * @return A non-null byte array containing the decoded bytes. - * @exception SaslException if <tt>incoming</tt> cannot be successfully - * unwrapped. - * @exception IllegalStateException if the authentication exchange has - * not completed, or if the negotiated quality of protection - * has neither integrity nor privacy. - */ - public abstract byte[] unwrap(byte[] incoming, int offset, int len) - throws SaslException; - - /** - * Wraps a byte array to be sent to the server. - * This method can be called only after the authentication exchange has - * completed (i.e., when <tt>isComplete()</tt> returns true) and only if - * the authentication exchange has negotiated integrity and/or privacy - * as the quality of protection; otherwise, an - * <tt>IllegalStateException</tt> is thrown. - *<p> - * The result of this method will make up the contents of the SASL buffer - * as defined in RFC 2222 without the leading four octet field that - * represents the length. - * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt> - * to use. - * - * @param outgoing A non-null byte array containing the bytes to encode. - * @param offset The starting position at <tt>outgoing</tt> of the bytes to use. - * @param len The number of bytes from <tt>outgoing</tt> to use. - * @return A non-null byte array containing the encoded bytes. - * @exception SaslException if <tt>outgoing</tt> cannot be successfully - * wrapped. - * @exception IllegalStateException if the authentication exchange has - * not completed, or if the negotiated quality of protection - * has neither integrity nor privacy. - */ - public abstract byte[] wrap(byte[] outgoing, int offset, int len) - throws SaslException; - - /** - * Retrieves the negotiated property. - * This method can be called only after the authentication exchange has - * completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an - * <tt>IllegalStateException</tt> is thrown. - * - * @param propName The non-null property name. - * @return The value of the negotiated property. If null, the property was - * not negotiated or is not applicable to this mechanism. - * @exception IllegalStateException if this authentication exchange - * has not completed - */ - - public abstract Object getNegotiatedProperty(String propName); - - /** - * Disposes of any system resources or security-sensitive information - * the SaslClient might be using. Invoking this method invalidates - * the SaslClient instance. This method is idempotent. - * @throws SaslException If a problem was encountered while disposing - * the resources. - */ - public abstract void dispose() throws SaslException; -}
--- a/rt/javax/security/sasl/SaslClientFactory.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,112 +0,0 @@ -/* - * Copyright 1999-2006 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.sasl; - -import java.util.Map; -import javax.security.auth.callback.CallbackHandler; - -/** - * An interface for creating instances of <tt>SaslClient</tt>. - * A class that implements this interface - * must be thread-safe and handle multiple simultaneous - * requests. It must also have a public constructor that accepts no - * argument. - *<p> - * This interface is not normally accessed directly by a client, which will use the - * <tt>Sasl</tt> static methods - * instead. However, a particular environment may provide and install a - * new or different <tt>SaslClientFactory</tt>. - * - * @since 1.5 - * - * @see SaslClient - * @see Sasl - * - * @author Rosanna Lee - * @author Rob Weltman - */ -public abstract interface SaslClientFactory { - /** - * Creates a SaslClient using the parameters supplied. - * - * @param mechanisms The non-null list of mechanism names to try. Each is the - * IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5"). - * @param authorizationId The possibly null protocol-dependent - * identification to be used for authorization. - * If null or empty, the server derives an authorization - * ID from the client's authentication credentials. - * When the SASL authentication completes successfully, - * the specified entity is granted access. - * @param protocol The non-null string name of the protocol for which - * the authentication is being performed (e.g., "ldap"). - * @param serverName The non-null fully qualified host name - * of the server to authenticate to. - * @param props The possibly null set of properties used to select the SASL - * mechanism and to configure the authentication exchange of the selected - * mechanism. See the <tt>Sasl</tt> class for a list of standard properties. - * Other, possibly mechanism-specific, properties can be included. - * Properties not relevant to the selected mechanism are ignored, - * including any map entries with non-String keys. - * - * @param cbh The possibly null callback handler to used by the SASL - * mechanisms to get further information from the application/library - * to complete the authentication. For example, a SASL mechanism might - * require the authentication ID, password and realm from the caller. - * The authentication ID is requested by using a <tt>NameCallback</tt>. - * The password is requested by using a <tt>PasswordCallback</tt>. - * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list - * of realms to choose from, and by using a <tt>RealmCallback</tt> if - * the realm must be entered. - * - *@return A possibly null <tt>SaslClient</tt> created using the parameters - * supplied. If null, this factory cannot produce a <tt>SaslClient</tt> - * using the parameters supplied. - *@exception SaslException If cannot create a <tt>SaslClient</tt> because - * of an error. - */ - public abstract SaslClient createSaslClient( - String[] mechanisms, - String authorizationId, - String protocol, - String serverName, - Map<String,?> props, - CallbackHandler cbh) throws SaslException; - - /** - * Returns an array of names of mechanisms that match the specified - * mechanism selection policies. - * @param props The possibly null set of properties used to specify the - * security policy of the SASL mechanisms. For example, if <tt>props</tt> - * contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value - * <tt>"true"</tt>, then the factory must not return any SASL mechanisms - * that are susceptible to simple plain passive attacks. - * See the <tt>Sasl</tt> class for a complete list of policy properties. - * Non-policy related properties, if present in <tt>props</tt>, are ignored, - * including any map entries with non-String keys. - * @return A non-null array containing a IANA-registered SASL mechanism names. - */ - public abstract String[] getMechanismNames(Map<String,?> props); -}
--- a/rt/javax/security/sasl/SaslException.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,129 +0,0 @@ -/* - * Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.sasl; - -import java.io.IOException; - -/** - * This class represents an error that has occurred when using SASL. - * - * @since 1.5 - * - * @author Rosanna Lee - * @author Rob Weltman - */ - -public class SaslException extends IOException { - /** - * The possibly null root cause exception. - * @serial - */ - // Required for serialization interoperability with JSR 28 - private Throwable _exception; - - /** - * Constructs a new instance of <tt>SaslException</tt>. - * The root exception and the detailed message are null. - */ - public SaslException () { - super(); - } - - /** - * Constructs a new instance of <tt>SaslException</tt> with a detailed message. - * The root exception is null. - * @param detail A possibly null string containing details of the exception. - * - * @see java.lang.Throwable#getMessage - */ - public SaslException (String detail) { - super(detail); - } - - /** - * Constructs a new instance of <tt>SaslException</tt> with a detailed message - * and a root exception. - * For example, a SaslException might result from a problem with - * the callback handler, which might throw a NoSuchCallbackException if - * it does not support the requested callback, or throw an IOException - * if it had problems obtaining data for the callback. The - * SaslException's root exception would be then be the exception thrown - * by the callback handler. - * - * @param detail A possibly null string containing details of the exception. - * @param ex A possibly null root exception that caused this exception. - * - * @see java.lang.Throwable#getMessage - * @see #getCause - */ - public SaslException (String detail, Throwable ex) { - super(detail); - if (ex != null) { - initCause(ex); - } - } - - /* - * Override Throwable.getCause() to ensure deserialized object from - * JSR 28 would return same value for getCause() (i.e., _exception). - */ - public Throwable getCause() { - return _exception; - } - - /* - * Override Throwable.initCause() to match getCause() by updating - * _exception as well. - */ - public Throwable initCause(Throwable cause) { - super.initCause(cause); - _exception = cause; - return this; - } - - /** - * Returns the string representation of this exception. - * The string representation contains - * this exception's class name, its detailed messsage, and if - * it has a root exception, the string representation of the root - * exception. This string representation - * is meant for debugging and not meant to be interpreted - * programmatically. - * @return The non-null string representation of this exception. - * @see java.lang.Throwable#getMessage - */ - // Override Throwable.toString() to conform to JSR 28 - public String toString() { - String answer = super.toString(); - if (_exception != null && _exception != this) { - answer += " [Caused by " + _exception.toString() + "]"; - } - return answer; - } - - /** Use serialVersionUID from JSR 28 RI for interoperability */ - private static final long serialVersionUID = 4579784287983423626L; -}
--- a/rt/javax/security/sasl/SaslServer.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,216 +0,0 @@ -/* - * Copyright 2000-2004 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.sasl; - -/** - * Performs SASL authentication as a server. - *<p> - * A server such an LDAP server gets an instance of this - * class in order to perform authentication defined by a specific SASL - * mechanism. Invoking methods on the <tt>SaslServer</tt> instance - * generates challenges according to the SASL - * mechanism implemented by the <tt>SaslServer</tt>. - * As the authentication proceeds, the instance - * encapsulates the state of a SASL server's authentication exchange. - *<p> - * Here's an example of how an LDAP server might use a <tt>SaslServer</tt>. - * It first gets an instance of a <tt>SaslServer</tt> for the SASL mechanism - * requested by the client: - *<blockquote><pre> - * SaslServer ss = Sasl.createSaslServer(mechanism, - * "ldap", myFQDN, props, callbackHandler); - *</pre></blockquote> - * It can then proceed to use the server for authentication. - * For example, suppose the LDAP server received an LDAP BIND request - * containing the name of the SASL mechanism and an (optional) initial - * response. It then might use the server as follows: - *<blockquote><pre> - * while (!ss.isComplete()) { - * try { - * byte[] challenge = ss.evaluateResponse(response); - * if (ss.isComplete()) { - * status = ldap.sendBindResponse(mechanism, challenge, SUCCESS); - * } else { - * status = ldap.sendBindResponse(mechanism, challenge, - SASL_BIND_IN_PROGRESS); - * response = ldap.readBindRequest(); - * } - * } catch (SaslException e) { - * status = ldap.sendErrorResponse(e); - * break; - * } - * } - * if (ss.isComplete() && status == SUCCESS) { - * String qop = (String) sc.getNegotiatedProperty(Sasl.QOP); - * if (qop != null - * && (qop.equalsIgnoreCase("auth-int") - * || qop.equalsIgnoreCase("auth-conf"))) { - * - * // Use SaslServer.wrap() and SaslServer.unwrap() for future - * // communication with client - * ldap.in = new SecureInputStream(ss, ldap.in); - * ldap.out = new SecureOutputStream(ss, ldap.out); - * } - * } - *</pre></blockquote> - * - * @since 1.5 - * - * @see Sasl - * @see SaslServerFactory - * - * @author Rosanna Lee - * @author Rob Weltman - */ -public abstract interface SaslServer { - - /** - * Returns the IANA-registered mechanism name of this SASL server. - * (e.g. "CRAM-MD5", "GSSAPI"). - * @return A non-null string representing the IANA-registered mechanism name. - */ - public abstract String getMechanismName(); - - /** - * Evaluates the response data and generates a challenge. - * - * If a response is received from the client during the authentication - * process, this method is called to prepare an appropriate next - * challenge to submit to the client. The challenge is null if the - * authentication has succeeded and no more challenge data is to be sent - * to the client. It is non-null if the authentication must be continued - * by sending a challenge to the client, or if the authentication has - * succeeded but challenge data needs to be processed by the client. - * <tt>isComplete()</tt> should be called - * after each call to <tt>evaluateResponse()</tt>,to determine if any further - * response is needed from the client. - * - * @param response The non-null (but possibly empty) response sent - * by the client. - * - * @return The possibly null challenge to send to the client. - * It is null if the authentication has succeeded and there is - * no more challenge data to be sent to the client. - * @exception SaslException If an error occurred while processing - * the response or generating a challenge. - */ - public abstract byte[] evaluateResponse(byte[] response) - throws SaslException; - - /** - * Determines whether the authentication exchange has completed. - * This method is typically called after each invocation of - * <tt>evaluateResponse()</tt> to determine whether the - * authentication has completed successfully or should be continued. - * @return true if the authentication exchange has completed; false otherwise. - */ - public abstract boolean isComplete(); - - /** - * Reports the authorization ID in effect for the client of this - * session. - * This method can only be called if isComplete() returns true. - * @return The authorization ID of the client. - * @exception IllegalStateException if this authentication session has not completed - */ - public String getAuthorizationID(); - - /** - * Unwraps a byte array received from the client. - * This method can be called only after the authentication exchange has - * completed (i.e., when <tt>isComplete()</tt> returns true) and only if - * the authentication exchange has negotiated integrity and/or privacy - * as the quality of protection; otherwise, - * an <tt>IllegalStateException</tt> is thrown. - *<p> - * <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222 - * without the leading four octet field that represents the length. - * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt> - * to use. - * - * @param incoming A non-null byte array containing the encoded bytes - * from the client. - * @param offset The starting position at <tt>incoming</tt> of the bytes to use. - * @param len The number of bytes from <tt>incoming</tt> to use. - * @return A non-null byte array containing the decoded bytes. - * @exception SaslException if <tt>incoming</tt> cannot be successfully - * unwrapped. - * @exception IllegalStateException if the authentication exchange has - * not completed, or if the negotiated quality of protection - * has neither integrity nor privacy - */ - public abstract byte[] unwrap(byte[] incoming, int offset, int len) - throws SaslException; - - /** - * Wraps a byte array to be sent to the client. - * This method can be called only after the authentication exchange has - * completed (i.e., when <tt>isComplete()</tt> returns true) and only if - * the authentication exchange has negotiated integrity and/or privacy - * as the quality of protection; otherwise, a <tt>SaslException</tt> is thrown. - *<p> - * The result of this method - * will make up the contents of the SASL buffer as defined in RFC 2222 - * without the leading four octet field that represents the length. - * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt> - * to use. - * - * @param outgoing A non-null byte array containing the bytes to encode. - * @param offset The starting position at <tt>outgoing</tt> of the bytes to use. - * @param len The number of bytes from <tt>outgoing</tt> to use. - * @return A non-null byte array containing the encoded bytes. - * @exception SaslException if <tt>outgoing</tt> cannot be successfully - * wrapped. - * @exception IllegalStateException if the authentication exchange has - * not completed, or if the negotiated quality of protection has - * neither integrity nor privacy. - */ - public abstract byte[] wrap(byte[] outgoing, int offset, int len) - throws SaslException; - - /** - * Retrieves the negotiated property. - * This method can be called only after the authentication exchange has - * completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an - * <tt>IllegalStateException</tt> is thrown. - * - * @param propName the property - * @return The value of the negotiated property. If null, the property was - * not negotiated or is not applicable to this mechanism. - * @exception IllegalStateException if this authentication exchange has not completed - */ - - public abstract Object getNegotiatedProperty(String propName); - - /** - * Disposes of any system resources or security-sensitive information - * the SaslServer might be using. Invoking this method invalidates - * the SaslServer instance. This method is idempotent. - * @throws SaslException If a problem was encountered while disposing - * the resources. - */ - public abstract void dispose() throws SaslException; -}
--- a/rt/javax/security/sasl/SaslServerFactory.java Tue Jun 26 14:12:55 2007 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,109 +0,0 @@ -/* - * Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Sun designates this - * particular file as subject to the "Classpath" exception as provided - * by Sun in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. - */ - -package javax.security.sasl; - -import java.util.Map; -import javax.security.auth.callback.CallbackHandler; - -/** - * An interface for creating instances of <tt>SaslServer</tt>. - * A class that implements this interface - * must be thread-safe and handle multiple simultaneous - * requests. It must also have a public constructor that accepts no - * argument. - *<p> - * This interface is not normally accessed directly by a server, which will use the - * <tt>Sasl</tt> static methods - * instead. However, a particular environment may provide and install a - * new or different <tt>SaslServerFactory</tt>. - * - * @since 1.5 - * - * @see SaslServer - * @see Sasl - * - * @author Rosanna Lee - * @author Rob Weltman - */ -public abstract interface SaslServerFactory { - /** - * Creates a <tt>SaslServer</tt> using the parameters supplied. - * It returns null - * if no <tt>SaslServer</tt> can be created using the parameters supplied. - * Throws <tt>SaslException</tt> if it cannot create a <tt>SaslServer</tt> - * because of an error. - * - * @param mechanism The non-null - * IANA-registered name of a SASL mechanism. (e.g. "GSSAPI", "CRAM-MD5"). - * @param protocol The non-null string name of the protocol for which - * the authentication is being performed (e.g., "ldap"). - * @param serverName The non-null fully qualified host name of the server - * to authenticate to. - * @param props The possibly null set of properties used to select the SASL - * mechanism and to configure the authentication exchange of the selected - * mechanism. See the <tt>Sasl</tt> class for a list of standard properties. - * Other, possibly mechanism-specific, properties can be included. - * Properties not relevant to the selected mechanism are ignored, - * including any map entries with non-String keys. - * - * @param cbh The possibly null callback handler to used by the SASL - * mechanisms to get further information from the application/library - * to complete the authentication. For example, a SASL mechanism might - * require the authentication ID, password and realm from the caller. - * The authentication ID is requested by using a <tt>NameCallback</tt>. - * The password is requested by using a <tt>PasswordCallback</tt>. - * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list - * of realms to choose from, and by using a <tt>RealmCallback</tt> if - * the realm must be entered. - * - *@return A possibly null <tt>SaslServer</tt> created using the parameters - * supplied. If null, this factory cannot produce a <tt>SaslServer</tt> - * using the parameters supplied. - *@exception SaslException If cannot create a <tt>SaslServer</tt> because - * of an error. - */ - public abstract SaslServer createSaslServer( - String mechanism, - String protocol, - String serverName, - Map<String,?> props, - CallbackHandler cbh) throws SaslException; - - /** - * Returns an array of names of mechanisms that match the specified - * mechanism selection policies. - * @param props The possibly null set of properties used to specify the - * security policy of the SASL mechanisms. For example, if <tt>props</tt> - * contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value - * <tt>"true"</tt>, then the factory must not return any SASL mechanisms - * that are susceptible to simple plain passive attacks. - * See the <tt>Sasl</tt> class for a complete list of policy properties. - * Non-policy related properties, if present in <tt>props</tt>, are ignored, - * including any map entries with non-String keys. - * @return A non-null array containing a IANA-registered SASL mechanism names. - */ - public abstract String[] getMechanismNames(Map<String,?> props); -}