J. Duke319a3b92007-12-01 00:00:00 +00001/*
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
3 *
4 * This code is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License version 2 only, as
6 * published by the Free Software Foundation. Sun designates this
7 * particular file as subject to the "Classpath" exception as provided
8 * by Sun in the LICENSE file that accompanied this code.
9 *
10 * This code is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
22 * have any questions.
23 */
24
25/*
26 *
27 * (C) Copyright IBM Corp. 1999 All Rights Reserved.
28 * Copyright 1997 The Open Group Research Institute. All rights reserved.
29 */
30
31package sun.security.krb5.internal.ccache;
32
33import sun.security.krb5.*;
34import sun.security.krb5.internal.*;
35
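/**
 * A single credential as handled by the credentials-cache ({@code ccache}) package: the
 * client and service principals with their realms, the session key, the ticket lifetime
 * fields, the ticket flags and the ticket itself.
 *
 * <p>The constructors copy their arguments with {@code clone()} so that later changes to
 * the caller's objects do not alter this entry. The getters, however, hand out the
 * internal instances rather than copies.
 *
 * <p>NOTE(review): this object holds the session key ({@link #key}); the fields are
 * package-private and {@link #isEncInSKey} is public and non-final, so any code in the
 * package can read or replace them.
 */
public class Credentials {
    PrincipalName cname;
    Realm crealm;
    PrincipalName sname;
    Realm srealm;
    EncryptionKey key;
    KerberosTime authtime;
    KerberosTime starttime; // optional
    KerberosTime endtime;
    KerberosTime renewTill; // optional
    HostAddresses caddr; // optional; for proxied tickets only
    AuthorizationData authorizationData; // optional, not being actually used
    public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey
    TicketFlags flags;
    Ticket ticket;
    Ticket secondTicket; // optional
    private boolean DEBUG = Krb5.DEBUG;

    /**
     * Builds a credential from individual values, cloning every object that is supplied.
     *
     * <p>{@code new_cname}, {@code new_sname}, {@code new_key}, {@code new_authtime},
     * {@code new_endtime}, {@code new_flags} and {@code new_ticket} are required; passing
     * {@code null} for any of them fails with a {@code NullPointerException}. The start
     * time, renew-till time, client addresses, authorization data and second ticket are
     * optional and may be {@code null}, in which case the matching field stays
     * {@code null}.
     *
     * @param new_cname client principal; its realm, when set, becomes the client realm
     * @param new_sname service principal; its realm, when set, becomes the service realm
     * @param new_key session key
     * @param new_authtime authentication time
     * @param new_starttime start of validity, or {@code null}
     * @param new_endtime end of validity
     * @param new_renewTill renew-till time, or {@code null}
     * @param new_isEncInSKey whether the ticket is encrypted in another ticket's session key
     * @param new_flags ticket flags
     * @param new_caddr client addresses, or {@code null}
     * @param new_authData authorization data, or {@code null}
     * @param new_ticket the ticket
     * @param new_secondTicket second ticket, or {@code null}
     */
    public Credentials(
            PrincipalName new_cname,
            PrincipalName new_sname,
            EncryptionKey new_key,
            KerberosTime new_authtime,
            KerberosTime new_starttime,
            KerberosTime new_endtime,
            KerberosTime new_renewTill,
            boolean new_isEncInSKey,
            TicketFlags new_flags,
            HostAddresses new_caddr,
            AuthorizationData new_authData,
            Ticket new_ticket,
            Ticket new_secondTicket) {
        cname = (PrincipalName) new_cname.clone();
        if (new_cname.getRealm() != null) {
            crealm = (Realm) new_cname.getRealm().clone();
        }

        sname = (PrincipalName) new_sname.clone();
        if (new_sname.getRealm() != null) {
            srealm = (Realm) new_sname.getRealm().clone();
        }

        key = (EncryptionKey) new_key.clone();

        authtime = (KerberosTime) new_authtime.clone();
        // starttime and renewTill are optional fields: a ticket without them must not
        // make construction fail with a NullPointerException.
        if (new_starttime != null) {
            starttime = (KerberosTime) new_starttime.clone();
        }
        endtime = (KerberosTime) new_endtime.clone();
        if (new_renewTill != null) {
            renewTill = (KerberosTime) new_renewTill.clone();
        }
        if (new_caddr != null) {
            caddr = (HostAddresses) new_caddr.clone();
        }
        if (new_authData != null) {
            authorizationData = (AuthorizationData) new_authData.clone();
        }

        isEncInSKey = new_isEncInSKey;
        flags = (TicketFlags) new_flags.clone();
        ticket = (Ticket) new_ticket.clone();
        if (new_secondTicket != null) {
            secondTicket = (Ticket) new_secondTicket.clone();
        }
    }

    /**
     * Builds a credential from a KDC reply plus an explicit second ticket, authorization
     * data and {@code isEncInSKey} flag.
     *
     * <p>If the reply's {@code encKDCRepPart} is {@code null} (the reply has not been
     * decrypted) the constructor returns without setting any field. The resulting object
     * carries no key, ticket or lifetime, and {@link #isValid()} reports it as not valid.
     * NOTE(review): callers should check for this case instead of using such an instance.
     *
     * <p>Unlike {@link #Credentials(KDCRep, Ticket)}, this constructor does not set the
     * realm on the cloned principal names.
     *
     * @param kdcRep decrypted KDC reply
     * @param new_secondTicket second ticket, or {@code null}
     * @param new_authorizationData authorization data, or {@code null}
     * @param new_isEncInSKey whether the ticket is encrypted in another ticket's session key
     */
    public Credentials(
            KDCRep kdcRep,
            Ticket new_secondTicket,
            AuthorizationData new_authorizationData,
            boolean new_isEncInSKey) {
        if (kdcRep.encKDCRepPart == null) { // can't store while encrypted
            return;
        }
        crealm = (Realm) kdcRep.crealm.clone();
        cname = (PrincipalName) kdcRep.cname.clone();
        ticket = (Ticket) kdcRep.ticket.clone();
        key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
        flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
        authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
        // Optional reply fields are copied only when present, matching the
        // (KDCRep, Ticket) constructor; cloning them unconditionally threw an NPE.
        if (kdcRep.encKDCRepPart.starttime != null) {
            starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
        }
        endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
        if (kdcRep.encKDCRepPart.renewTill != null) {
            renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
        }
        srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
        sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
        if (kdcRep.encKDCRepPart.caddr != null) {
            caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
        }
        if (new_secondTicket != null) {
            secondTicket = (Ticket) new_secondTicket.clone();
        }
        if (new_authorizationData != null) {
            authorizationData = (AuthorizationData) new_authorizationData.clone();
        }
        isEncInSKey = new_isEncInSKey;
    }

    /**
     * Builds a credential from a KDC reply with no second ticket.
     *
     * @param kdcRep decrypted KDC reply
     */
    public Credentials(KDCRep kdcRep) {
        this(kdcRep, null);
    }

    /**
     * Builds a credential from a KDC reply and an optional second ticket.
     *
     * <p>The service and client realms are copied from the reply and also set on the
     * cloned principal names. {@link #isEncInSKey} is {@code true} exactly when a second
     * ticket is supplied. The reply's {@code encKDCRepPart} must be non-null; this
     * constructor dereferences it without a check.
     *
     * @param kdcRep decrypted KDC reply
     * @param new_ticket second ticket, or {@code null}
     */
    public Credentials(KDCRep kdcRep, Ticket new_ticket) {
        sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
        srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
        try {
            sname.setRealm(srealm);
        } catch (RealmException e) {
            // Best effort: the constructor cannot throw a checked exception without
            // changing its signature, so the failure is only traced, not propagated.
            if (DEBUG) {
                System.out.println(
                        ">>> ccache.Credentials: could not set realm on service principal: " + e);
            }
        }
        cname = (PrincipalName) kdcRep.cname.clone();
        crealm = (Realm) kdcRep.crealm.clone();
        try {
            cname.setRealm(crealm);
        } catch (RealmException e) {
            if (DEBUG) {
                System.out.println(
                        ">>> ccache.Credentials: could not set realm on client principal: " + e);
            }
        }
        key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
        authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
        starttime = (kdcRep.encKDCRepPart.starttime != null)
                ? (KerberosTime) kdcRep.encKDCRepPart.starttime.clone()
                : null;
        endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
        renewTill = (kdcRep.encKDCRepPart.renewTill != null)
                ? (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone()
                : null;
        // Clone the flags like every other constructor does; storing the reply's own
        // instance would let later changes to the reply alter this credential's flags.
        flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
        caddr = (kdcRep.encKDCRepPart.caddr != null)
                ? (HostAddresses) kdcRep.encKDCRepPart.caddr.clone()
                : null;
        ticket = (Ticket) kdcRep.ticket.clone();
        // isEncInSKey and secondTicket depend only on whether a second ticket was given.
        if (new_ticket != null) {
            secondTicket = (Ticket) new_ticket.clone();
            isEncInSKey = true;
        } else {
            secondTicket = null;
            isEncInSKey = false;
        }
    }

    /**
     * Reports whether the current time lies inside this credential's lifetime.
     *
     * <p>The credential is not valid once {@code endtime} has passed, or while its start
     * has not been reached yet; the start is {@code starttime} when present and
     * {@code authtime} otherwise. This is a lifetime comparison against the local clock
     * only, with no allowance for clock skew, and it does not verify the ticket itself.
     *
     * @return {@code true} if the credential is inside its lifetime; {@code false} if it
     *     is expired, not yet valid, or has no lifetime fields at all
     */
    public boolean isValid() {
        // An instance left uninitialised by the 4-argument KDCRep constructor has no
        // lifetime; fail closed instead of throwing a NullPointerException.
        if (endtime == null || (starttime == null && authtime == null)) {
            return false;
        }
        final long now = System.currentTimeMillis();
        if (endtime.getTime() < now) {
            return false;
        }
        // starttime is optional, so it must be null-checked before it is dereferenced.
        final KerberosTime validFrom = (starttime != null) ? starttime : authtime;
        return validFrom.getTime() <= now;
    }

    /**
     * Returns the service principal, first setting its realm from {@code srealm} when
     * the principal carries none.
     *
     * <p>The returned object is the internal instance, not a copy.
     *
     * @return the service principal
     * @throws RealmException if setting the realm on the principal fails
     */
    public PrincipalName getServicePrincipal() throws RealmException {
        if (sname.getRealm() == null) {
            sname.setRealm(srealm);
        }
        return sname;
    }

    /**
     * Converts this cache entry into a {@code sun.security.krb5.Credentials} built from
     * the ticket, both principals, the session key, the flags, the time fields and the
     * client addresses.
     *
     * <p>The internal field instances are passed as they are. NOTE(review): whether the
     * target constructor copies them is not visible here, so the result may share the
     * session key object with this entry.
     *
     * @return a new {@code sun.security.krb5.Credentials}
     */
    public sun.security.krb5.Credentials setKrbCreds() {
        return new sun.security.krb5.Credentials(ticket,
                cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
    }

    /**
     * Returns the authentication time.
     *
     * <p>NOTE(review): this is the internal instance, not a copy; if the type is mutable,
     * a caller changing it changes this entry. Consider returning a clone.
     *
     * @return the authentication time
     */
    public KerberosTime getAuthTime() {
        return authtime;
    }

    /**
     * Returns the end of validity.
     *
     * <p>NOTE(review): this is the internal instance, not a copy; {@link #isValid()}
     * reads the same object.
     *
     * @return the end time
     */
    public KerberosTime getEndTime() {
        return endtime;
    }

    /**
     * Returns the ticket flags (the internal instance, not a copy).
     *
     * @return the ticket flags
     */
    public TicketFlags getTicketFlags() {
        return flags;
    }

    /**
     * Returns the encryption type of the session key.
     *
     * @return the value of {@code key.getEType()}
     */
    public int getEType() {
        return key.getEType();
    }
}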
215}