java.rmi.constraint
Class SecurityConstraints

java.lang.Object
  |
  +--java.rmi.constraint.SecurityConstraints
All Implemented Interfaces:
java.io.Serializable

public final class SecurityConstraints
extends java.lang.Object
implements java.io.Serializable

Combines security constraints. Constraints come in two basic flavors: requirements and preferences. A requirement is a mandatory constraint that must be satisfied for the remote call. A preference is a desired constraint, to be satisfied if possible, but it will not be satisfied if it conflicts with a requirement, and if two preferences conflict, it is generally arbitrary as to which one will be satisfied.

Constraints are reduced (as described below) when they are placed in an instance of this class. In general, application developers do not need to be concerned with the detailed semantics of how constraints are reduced; they are intended to simplify the constraints for interpretation by security providers.

Note that it is possible for an instance of this class to contain requirements that conflict with each other, and preferences that conflict with each other.

When an instance of this class is created, the collection of requirements is reduced as follows. If there exist two requirements c1 and c2 such that c1.reduceBy(c2) is equal to c2, then c1 is removed. If there exist two requirements c1 and c2 such that c1.reduceBy(c2) is not equal to null, c1 or c2, then c1 is replaced by the value of c1.reduceBy(c2). The reduction process continues until c1.reduceBy(c2) is equal to null or c1 for every pair of requirements c1 and c2.

Note that the order in which reductions are performed above is arbitrary. If there are conflicting requirements, and at least one requirement overlaps multiple conflicting requirements, the reduced set of requirements could be any one of several possibilities, depending on the order in which reductions are performed.

When an instance of this class is created, the collection of preferences is reduced as follows. First, each preference that is a ConstraintAlternatives instance is replaced by its individual elements. Each preference is then reduced by all of the reduced requirements as follows. Given a preference p, we start with a result constraint v equal to p, and for each reduced requirement r, v is replaced with the value of v.reduceBy(r) if that value is not a ConstraintAlternatives instance. If at any step the value of v.reduceBy(r) is null or is equal to r, then p is discarded. The reduced preferences set contains the final value v computed for each undiscarded preference, with duplicates removed.

Since:
1.4
See Also:
Serialized Form

Field Summary
static SecurityConstraints EMPTY
          An empty instance, one that has no requirements and no preferences.
 
Constructor Summary
SecurityConstraints(java.util.Collection reqs, java.util.Collection prefs)
          Creates an instance that has all of the constraints from the first collection, reqs, added as requirements if the collection is a non-null value, and has all of the constraints from the second collection, prefs, added as preferences if the collection is a non-null value.
SecurityConstraints(SecurityConstraint[] reqs, SecurityConstraint[] prefs)
          Creates an instance that has all of the constraints from the first array, reqs, added as requirements if the array is a non-null value, and has all of the constraints from the second array, prefs, added as preferences if the array is a non-nullvalue.
SecurityConstraints(SecurityConstraint req, SecurityConstraint pref)
          Creates an instance that has the first constraint, req, added as a requirement if is a non-null value, and has the second constraint, pref, added as a preference if it is a non-null value.
 
Method Summary
static SecurityConstraints combine(SecurityConstraints constraints1, SecurityConstraints constraints2)
          Returns an instance of this class that has all of the requirements from each non-null parameter added as requirements and has all of the preferences from each non-null parameter added as preferences.
static SecurityConstraints combineWithContextAbsolute(SecurityConstraints constraints1, SecurityConstraints constraints2)
          Returns an instance of this class that has all of the requirements from each non-null parameter and from the current context constraints added as requirements and has all of the preferences from each non-null parameter and from the current context constraints added as preferences; every constraint that is an instance of RelativeTimeConstraint is replaced by the result of invoking the constraint's makeAbsolute method with the current time (as returned by System.currentTimeMillis).
 boolean equals(java.lang.Object obj)
          Two instances of this class are equal if they have the same requirements and the same preferences.
 int hashCode()
          Returns a hash code value for this object.
 boolean isEmpty()
          Returns true if the instance has no requirements and no preferences; returns false otherwise.
 java.util.Set preferences()
          Returns an immutable set of all the preferences.
 java.util.Set requirements()
          Returns an immutable set of all the requirements.
 java.lang.String toString()
          Returns a string representation of this object.
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

EMPTY

public static final SecurityConstraints EMPTY
An empty instance, one that has no requirements and no preferences.
Constructor Detail

SecurityConstraints

public SecurityConstraints(SecurityConstraint req,
                           SecurityConstraint pref)
Creates an instance that has the first constraint, req, added as a requirement if is a non-null value, and has the second constraint, pref, added as a preference if it is a non-null value.
Parameters:
req - a requirement, or null
pref - a preference, or null
Throws:
java.lang.IllegalArgumentException - if a parameter is not an instance of a trusted constraint class

SecurityConstraints

public SecurityConstraints(SecurityConstraint[] reqs,
                           SecurityConstraint[] prefs)
Creates an instance that has all of the constraints from the first array, reqs, added as requirements if the array is a non-null value, and has all of the constraints from the second array, prefs, added as preferences if the array is a non-nullvalue. The parameters passed to the constructor are neither modified nor retained; subsequent changes to those parameters have no effect on the instance created.
Parameters:
reqs - requirements, or null
prefs - preferences, or null
Throws:
NullPointerException - if any element of a parameter is null
java.lang.IllegalArgumentException - if any element of a parameter is not an instance of a trusted constraint class

SecurityConstraints

public SecurityConstraints(java.util.Collection reqs,
                           java.util.Collection prefs)
Creates an instance that has all of the constraints from the first collection, reqs, added as requirements if the collection is a non-null value, and has all of the constraints from the second collection, prefs, added as preferences if the collection is a non-null value. The parameters passed to the constructor are neither modified nor retained; subsequent changes to those parameters have no effect on the instance created.
Parameters:
reqs - requirements, or null
prefs - preferences, or null
Throws:
NullPointerException - if any element of a parameter is null
java.lang.IllegalArgumentException - if any element of a parameter is not an instance of a trusted constraint class
Method Detail

combine

public static SecurityConstraints combine(SecurityConstraints constraints1,
                                          SecurityConstraints constraints2)
Returns an instance of this class that has all of the requirements from each non-null parameter added as requirements and has all of the preferences from each non-null parameter added as preferences.
Parameters:
constraints1 - constraints, or null
constraints2 - constraints, or null
Returns:
an instance of this class that has all of the requirements from each non-null parameter added as requirements and has all of the preferences from each non-null parameter added as preferences

combineWithContextAbsolute

public static SecurityConstraints combineWithContextAbsolute(SecurityConstraints constraints1,
                                                             SecurityConstraints constraints2)
Returns an instance of this class that has all of the requirements from each non-null parameter and from the current context constraints added as requirements and has all of the preferences from each non-null parameter and from the current context constraints added as preferences; every constraint that is an instance of RelativeTimeConstraint is replaced by the result of invoking the constraint's makeAbsolute method with the current time (as returned by System.currentTimeMillis). The current context constraints are the constraints returned by Security.getContextConstraints.

This method can be used by a custom proxy implementation to combine the current context constraints with the proxy's client and server constraints, in preparation for a remote call.

Parameters:
constraints1 - constraints (such as the client constraints), or null
constraints2 - constraints (such as the server constraints), or null
Returns:
an instance of this class that combines the constraint parameters with the current context constraints, with all constraints converted to absolute time

requirements

public java.util.Set requirements()
Returns an immutable set of all the requirements. Any attempt to modify this set results in an UnsupportedOperationException being thrown.
Returns:
an immutable set of all of the requirements

preferences

public java.util.Set preferences()
Returns an immutable set of all the preferences. Any attempt to modify this set results in an UnsupportedOperationException being thrown.
Returns:
an immutable set of all of the preferences

isEmpty

public boolean isEmpty()
Returns true if the instance has no requirements and no preferences; returns false otherwise.
Returns:
true if the instance has no requirements and no preferences; false otherwise

hashCode

public int hashCode()
Returns a hash code value for this object.
Overrides:
hashCode in class java.lang.Object

equals

public boolean equals(java.lang.Object obj)
Two instances of this class are equal if they have the same requirements and the same preferences.
Overrides:
equals in class java.lang.Object

toString

public java.lang.String toString()
Returns a string representation of this object.
Overrides:
toString in class java.lang.Object


Copyright © 2000 Sun Microsystems, Inc. All rights reserved