- java.lang.Object
-
- javax.security.auth.kerberos.KerberosPrincipal
-
- All Implemented Interfaces:
Serializable,Principal
public final class KerberosPrincipal extends Object implements Principal, Serializable
This class encapsulates a Kerberos principal.- Since:
- 1.4
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static intKRB_NT_PRINCIPALuser principal name type.static intKRB_NT_SRV_HSTservice with host name as instance (telnet, rcommands) name type.static intKRB_NT_SRV_INSTservice and other unique instance (krbtgt) name type.static intKRB_NT_SRV_XHSTservice with host as remaining components name type.static intKRB_NT_UIDunique ID name type.static intKRB_NT_UNKNOWNunknown name type.
-
Constructor Summary
Constructors Constructor Description KerberosPrincipal(String name)Constructs aKerberosPrincipalfrom the provided string input.KerberosPrincipal(String name, int nameType)Constructs aKerberosPrincipalfrom the provided string and name type input.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanequals(Object other)Compares the specified object with this principal for equality.StringgetName()The returned string corresponds to the single-string representation of a Kerberos Principal name as specified in Section 2.1 of RFC 1964.intgetNameType()Returns the name type of theKerberosPrincipal.StringgetRealm()Returns the realm component of this Kerberos principal.inthashCode()Returns a hash code for thisKerberosPrincipal.StringtoString()Returns an informative textual representation of thisKerberosPrincipal.
-
-
-
Field Detail
-
KRB_NT_UNKNOWN
public static final int KRB_NT_UNKNOWN
unknown name type.- See Also:
- Constant Field Values
-
KRB_NT_PRINCIPAL
public static final int KRB_NT_PRINCIPAL
user principal name type.- See Also:
- Constant Field Values
-
KRB_NT_SRV_INST
public static final int KRB_NT_SRV_INST
service and other unique instance (krbtgt) name type.- See Also:
- Constant Field Values
-
KRB_NT_SRV_HST
public static final int KRB_NT_SRV_HST
service with host name as instance (telnet, rcommands) name type.- See Also:
- Constant Field Values
-
KRB_NT_SRV_XHST
public static final int KRB_NT_SRV_XHST
service with host as remaining components name type.- See Also:
- Constant Field Values
-
KRB_NT_UID
public static final int KRB_NT_UID
unique ID name type.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
KerberosPrincipal
public KerberosPrincipal(String name)
Constructs aKerberosPrincipalfrom the provided string input. The name type for this principal defaults toKRB_NT_PRINCIPALThis string is assumed to contain a name in the format that is specified in Section 2.1.1. (Kerberos Principal Name Form) of RFC 1964 (for example, duke@FOO.COM, where duke represents a principal, and FOO.COM represents a realm).If the input name does not contain a realm, the default realm is used. The default realm can be specified either in a Kerberos configuration file or via the java.security.krb5.realm system property. For more information, see the Kerberos Requirements. Additionally, if a security manager is installed, a
ServicePermissionmust be granted and the service principal of the permission must minimally be inside theKerberosPrincipal's realm. For example, if the result ofnew KerberosPrincipal("user")isuser@EXAMPLE.COM, then aServicePermissionwith service principalhost/www.example.com@EXAMPLE.COM(and any action) must be granted.- Parameters:
name- the principal name- Throws:
IllegalArgumentException- if name is improperly formatted, if name is null, or if name does not contain the realm to use and the default realm is not specified in either a Kerberos configuration file or via the java.security.krb5.realm system property.SecurityException- if a security manager is installed andnamedoes not contain the realm to use, and a properServicePermissionas described above is not granted.
-
KerberosPrincipal
public KerberosPrincipal(String name, int nameType)
Constructs aKerberosPrincipalfrom the provided string and name type input. The string is assumed to contain a name in the format that is specified in Section 2.1 (Mandatory Name Forms) of RFC 1964. Valid name types are specified in Section 6.2 (Principal Names) of RFC 4120. The input name must be consistent with the provided name type. (for example, duke@FOO.COM, is a valid input string for the name type, KRB_NT_PRINCIPAL where duke represents a principal, and FOO.COM represents a realm).If the input name does not contain a realm, the default realm is used. The default realm can be specified either in a Kerberos configuration file or via the java.security.krb5.realm system property. For more information, see the Kerberos Requirements. Additionally, if a security manager is installed, a
ServicePermissionmust be granted and the service principal of the permission must minimally be inside theKerberosPrincipal's realm. For example, if the result ofnew KerberosPrincipal("user")isuser@EXAMPLE.COM, then aServicePermissionwith service principalhost/www.example.com@EXAMPLE.COM(and any action) must be granted.- Parameters:
name- the principal namenameType- the name type of the principal- Throws:
IllegalArgumentException- if name is improperly formatted, if name is null, if the nameType is not supported, or if name does not contain the realm to use and the default realm is not specified in either a Kerberos configuration file or via the java.security.krb5.realm system property.SecurityException- if a security manager is installed andnamedoes not contain the realm to use, and a properServicePermissionas described above is not granted.
-
-
Method Detail
-
getRealm
public String getRealm()
Returns the realm component of this Kerberos principal.- Returns:
- the realm component of this Kerberos principal.
-
hashCode
public int hashCode()
Returns a hash code for thisKerberosPrincipal. The hash code is defined to be the result of the following calculation:hashCode = getName().hashCode();- Specified by:
hashCodein interfacePrincipal- Overrides:
hashCodein classObject- Returns:
- a hash code for this
KerberosPrincipal. - See Also:
Object.equals(java.lang.Object),System.identityHashCode(java.lang.Object)
-
equals
public boolean equals(Object other)
Compares the specified object with this principal for equality. Returns true if the given object is also aKerberosPrincipaland the twoKerberosPrincipalinstances are equivalent. More formally twoKerberosPrincipalinstances are equal if the values returned bygetName()are equal.
-
getName
public String getName()
The returned string corresponds to the single-string representation of a Kerberos Principal name as specified in Section 2.1 of RFC 1964.
-
getNameType
public int getNameType()
Returns the name type of theKerberosPrincipal. Valid name types are specified in Section 6.2 of RFC4120.- Returns:
- the name type.
-
-