stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8078528: clean out tidy warnings from security.auth

Browse Source 
Some HTML markup fixes for docs

Reviewed-by: xuelei
This commit is contained in:
Alexander Stepanov 2015-04-29 17:29:14 +04:00
parent 6929be6fff
commit 86a3e55dec
28 changed files with 751 additions and 1029 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
jdk/src/java.smartcardio/share/classes/javax/smartcardio/package.html
View File

@ -46,12 +46,10 @@ The API is defined by classes in the package
<a href="CommandAPDU.html">CommandAPDU</a>, <a href="CommandAPDU.html">CommandAPDU</a>,
<a href="ResponseAPDU.html">ResponseAPDU</a> <a href="ResponseAPDU.html">ResponseAPDU</a>
<p>
<dt>Factory to obtain implementations <dt>Factory to obtain implementations
<dd> <dd>
<a href="TerminalFactory.html">TerminalFactory</a> <a href="TerminalFactory.html">TerminalFactory</a>
<p>
<dt>Main classes for card and terminal functions <dt>Main classes for card and terminal functions
<dd> <dd>
<a href="CardTerminals.html">CardTerminals</a>, <a href="CardTerminals.html">CardTerminals</a>,
@ -59,14 +57,12 @@ The API is defined by classes in the package
<a href="Card.html">Card</a>, <a href="Card.html">Card</a>,
<a href="CardChannel.html">CardChannel</a> <a href="CardChannel.html">CardChannel</a>
<p>
<dt>Supporting permission and exception classes <dt>Supporting permission and exception classes
<dd> <dd>
<a href="CardPermission.html">CardPermission</a>, <a href="CardPermission.html">CardPermission</a>,
<a href="CardException.html">CardException</a>, <a href="CardException.html">CardException</a>,
<a href="CardNotPresentException.html">CardNotPresentException</a> <a href="CardNotPresentException.html">CardNotPresentException</a>
<p>
<dt>Service provider interface, not accessed directly by applications <dt>Service provider interface, not accessed directly by applications
<dd> <dd>
<a href="TerminalFactorySpi.html">TerminalFactorySpi</a> <a href="TerminalFactorySpi.html">TerminalFactorySpi</a>
@ -94,7 +90,6 @@ A simple example of using the API is:
card.disconnect(false); card.disconnect(false);
</pre> </pre>
<P>
@since 1.6 @since 1.6
@author Andreas Sterbenz @author Andreas Sterbenz
@author JSR 268 Expert Group @author JSR 268 Expert Group

50
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTDomainPrincipal.java
View File

@ -28,19 +28,19 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents the name of the Windows NT domain into which the * and represents the name of the Windows NT domain into which the
* user authenticated. This will be a domain name if the user logged * user authenticated. This will be a domain name if the user logged
* into a Windows NT domain, a workgroup name if the user logged into * into a Windows NT domain, a workgroup name if the user logged into
* a workgroup, or a machine name if the user logged into a standalone * a workgroup, or a machine name if the user logged into a standalone
* configuration. * configuration.
* *
* <p> Principals such as this <code>NTDomainPrincipal</code> * <p> Principals such as this {@code NTDomainPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -56,14 +56,12 @@ public class NTDomainPrincipal implements Principal, java.io.Serializable {
private String name; private String name;
/** /**
* Create an <code>NTDomainPrincipal</code> with a Windows NT domain name. * Create an {@code NTDomainPrincipal} with a Windows NT domain name.
* *
* <p> * @param name the Windows NT domain name for this user.
* *
* @param name the Windows NT domain name for this user. <p> * @exception NullPointerException if the {@code name}
* * is {@code null}.
* @exception NullPointerException if the <code>name</code>
* is <code>null</code>.
*/ */
public NTDomainPrincipal(String name) { public NTDomainPrincipal(String name) {
if (name == null) { if (name == null) {
@ -79,23 +77,19 @@ public class NTDomainPrincipal implements Principal, java.io.Serializable {
/** /**
* Return the Windows NT domain name for this * Return the Windows NT domain name for this
* <code>NTDomainPrincipal</code>. * {@code NTDomainPrincipal}.
*
* <p>
* *
* @return the Windows NT domain name for this * @return the Windows NT domain name for this
* <code>NTDomainPrincipal</code> * {@code NTDomainPrincipal}
*/ */
public String getName() { public String getName() {
return name; return name;
} }
/** /**
* Return a string representation of this <code>NTDomainPrincipal</code>. * Return a string representation of this {@code NTDomainPrincipal}.
* *
* <p> * @return a string representation of this {@code NTDomainPrincipal}.
*
* @return a string representation of this <code>NTDomainPrincipal</code>.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -107,18 +101,16 @@ public class NTDomainPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Compares the specified Object with this <code>NTDomainPrincipal</code> * Compares the specified Object with this {@code NTDomainPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTDomainPrincipal</code> and the two NTDomainPrincipals * {@code NTDomainPrincipal} and the two NTDomainPrincipals
* have the same name. * have the same name.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTDomainPrincipal</code>. * {@code NTDomainPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTDomainPrincipal</code>. * {@code NTDomainPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -137,11 +129,9 @@ public class NTDomainPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Return a hash code for this <code>NTDomainPrincipal</code>. * Return a hash code for this {@code NTDomainPrincipal}.
* *
* <p> * @return a hash code for this {@code NTDomainPrincipal}.
*
* @return a hash code for this <code>NTDomainPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return this.getName().hashCode(); return this.getName().hashCode();

38
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTNumericCredential.java
View File

@ -26,9 +26,8 @@
package com.sun.security.auth; package com.sun.security.auth;
/** /**
* <p> This class abstracts an NT security token * This class abstracts an NT security token
* and provides a mechanism to do same-process security impersonation. * and provides a mechanism to do same-process security impersonation.
*
*/ */
@jdk.Exported @jdk.Exported
@ -37,12 +36,9 @@ public class NTNumericCredential {
private long impersonationToken; private long impersonationToken;
/** /**
* Create an <code>NTNumericCredential</code> with an integer value. * Create an {@code NTNumericCredential} with an integer value.
*
* <p>
*
* @param token the Windows NT security token for this user. <p>
* *
* @param token the Windows NT security token for this user.
*/ */
public NTNumericCredential(long token) { public NTNumericCredential(long token) {
this.impersonationToken = token; this.impersonationToken = token;
@ -50,23 +46,19 @@ public class NTNumericCredential {
/** /**
* Return an integer representation of this * Return an integer representation of this
* <code>NTNumericCredential</code>. * {@code NTNumericCredential}.
*
* <p>
* *
* @return an integer representation of this * @return an integer representation of this
* <code>NTNumericCredential</code>. * {@code NTNumericCredential}.
*/ */
public long getToken() { public long getToken() {
return impersonationToken; return impersonationToken;
} }
/** /**
* Return a string representation of this <code>NTNumericCredential</code>. * Return a string representation of this {@code NTNumericCredential}.
* *
* <p> * @return a string representation of this {@code NTNumericCredential}.
*
* @return a string representation of this <code>NTNumericCredential</code>.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -78,18 +70,16 @@ public class NTNumericCredential {
} }
/** /**
* Compares the specified Object with this <code>NTNumericCredential</code> * Compares the specified Object with this {@code NTNumericCredential}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTNumericCredential</code> and the two NTNumericCredentials * {@code NTNumericCredential} and the two NTNumericCredentials
* represent the same NT security token. * represent the same NT security token.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTNumericCredential</code>. * {@code NTNumericCredential}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTNumericCredential</code>. * {@code NTNumericCredential}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -108,11 +98,9 @@ public class NTNumericCredential {
} }
/** /**
* Return a hash code for this <code>NTNumericCredential</code>. * Return a hash code for this {@code NTNumericCredential}.
* *
* <p> * @return a hash code for this {@code NTNumericCredential}.
*
* @return a hash code for this <code>NTNumericCredential</code>.
*/ */
public int hashCode() { public int hashCode() {
return (int)this.impersonationToken; return (int)this.impersonationToken;

52
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSid.java
View File

@ -28,7 +28,7 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents information about a Windows NT user, group or realm. * and represents information about a Windows NT user, group or realm.
* *
* <p> Windows NT chooses to represent users, groups and realms (or domains) * <p> Windows NT chooses to represent users, groups and realms (or domains)
@ -37,12 +37,12 @@ import java.security.Principal;
* also provides services that render these SIDs into string forms. * also provides services that render these SIDs into string forms.
* This class represents these string forms. * This class represents these string forms.
* *
* <p> Principals such as this <code>NTSid</code> * <p> Principals such as this {@code NTSid}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -58,16 +58,14 @@ public class NTSid implements Principal, java.io.Serializable {
private String sid; private String sid;
/** /**
* Create an <code>NTSid</code> with a Windows NT SID. * Create an {@code NTSid} with a Windows NT SID.
* *
* <p> * @param stringSid the Windows NT SID.
* *
* @param stringSid the Windows NT SID. <p> * @exception NullPointerException if the {@code String}
* is {@code null}.
* *
* @exception NullPointerException if the <code>String</code> * @exception IllegalArgumentException if the {@code String}
* is <code>null</code>.
*
* @exception IllegalArgumentException if the <code>String</code>
* has zero length. * has zero length.
*/ */
public NTSid (String stringSid) { public NTSid (String stringSid) {
@ -89,22 +87,18 @@ public class NTSid implements Principal, java.io.Serializable {
} }
/** /**
* Return a string version of this <code>NTSid</code>. * Return a string version of this {@code NTSid}.
* *
* <p> * @return a string version of this {@code NTSid}
*
* @return a string version of this <code>NTSid</code>
*/ */
public String getName() { public String getName() {
return sid; return sid;
} }
/** /**
* Return a string representation of this <code>NTSid</code>. * Return a string representation of this {@code NTSid}.
* *
* <p> * @return a string representation of this {@code NTSid}.
*
* @return a string representation of this <code>NTSid</code>.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -116,18 +110,16 @@ public class NTSid implements Principal, java.io.Serializable {
} }
/** /**
* Compares the specified Object with this <code>NTSid</code> * Compares the specified Object with this {@code NTSid}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTSid</code> and the two NTSids have the same String * {@code NTSid} and the two NTSids have the same String
* representation. * representation.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTSid</code>. * {@code NTSid}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTSid</code>. * {@code NTSid}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -147,11 +139,9 @@ public class NTSid implements Principal, java.io.Serializable {
} }
/** /**
* Return a hash code for this <code>NTSid</code>. * Return a hash code for this {@code NTSid}.
* *
* <p> * @return a hash code for this {@code NTSid}.
*
* @return a hash code for this <code>NTSid</code>.
*/ */
public int hashCode() { public int hashCode() {
return sid.hashCode(); return sid.hashCode();

38
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidDomainPrincipal.java
View File

@ -26,19 +26,19 @@
package com.sun.security.auth; package com.sun.security.auth;
/** /**
* <p> This class extends <code>NTSid</code> * This class extends {@code NTSid}
* and represents a Windows NT user's domain SID. * and represents a Windows NT user's domain SID.
* *
* <p> An NT user only has a domain SID if in fact they are logged * <p> An NT user only has a domain SID if in fact they are logged
* into an NT domain. If the user is logged into a workgroup or * into an NT domain. If the user is logged into a workgroup or
* just a standalone configuration, they will NOT have a domain SID. * just a standalone configuration, they will NOT have a domain SID.
* *
* <p> Principals such as this <code>NTSidDomainPrincipal</code> * <p> Principals such as this {@code NTSidDomainPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -49,27 +49,23 @@ public class NTSidDomainPrincipal extends NTSid {
private static final long serialVersionUID = 5247810785821650912L; private static final long serialVersionUID = 5247810785821650912L;
/** /**
* Create an <code>NTSidDomainPrincipal</code> with a Windows NT SID. * Create an {@code NTSidDomainPrincipal} with a Windows NT SID.
*
* <p>
* *
* @param name a string version of the Windows NT SID for this * @param name a string version of the Windows NT SID for this
* user's domain.<p> * user's domain.
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. * is {@code null}.
*/ */
public NTSidDomainPrincipal(String name) { public NTSidDomainPrincipal(String name) {
super(name); super(name);
} }
/** /**
* Return a string representation of this <code>NTSidDomainPrincipal</code>. * Return a string representation of this {@code NTSidDomainPrincipal}.
*
* <p>
* *
* @return a string representation of this * @return a string representation of this
* <code>NTSidDomainPrincipal</code>. * {@code NTSidDomainPrincipal}.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -81,18 +77,16 @@ public class NTSidDomainPrincipal extends NTSid {
} }
/** /**
* Compares the specified Object with this <code>NTSidDomainPrincipal</code> * Compares the specified Object with this {@code NTSidDomainPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTSidDomainPrincipal</code> and the two NTSidDomainPrincipals * {@code NTSidDomainPrincipal} and the two NTSidDomainPrincipals
* have the same SID. * have the same SID.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTSidDomainPrincipal</code>. * {@code NTSidDomainPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTSidDomainPrincipal</code>. * {@code NTSidDomainPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)

38
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidGroupPrincipal.java
View File

@ -26,15 +26,15 @@
package com.sun.security.auth; package com.sun.security.auth;
/** /**
* <p> This class extends <code>NTSid</code> * This class extends {@code NTSid}
* and represents one of the groups to which a Windows NT user belongs. * and represents one of the groups to which a Windows NT user belongs.
* *
* <p> Principals such as this <code>NTSidGroupPrincipal</code> * <p> Principals such as this {@code NTSidGroupPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -46,25 +46,21 @@ public class NTSidGroupPrincipal extends NTSid {
private static final long serialVersionUID = -1373347438636198229L; private static final long serialVersionUID = -1373347438636198229L;
/** /**
* Create an <code>NTSidGroupPrincipal</code> with a Windows NT group name. * Create an {@code NTSidGroupPrincipal} with a Windows NT group name.
* *
* <p> * @param name the Windows NT group SID for this user.
* *
* @param name the Windows NT group SID for this user. <p> * @exception NullPointerException if the {@code name}
* * is {@code null}.
* @exception NullPointerException if the <code>name</code>
* is <code>null</code>.
*/ */
public NTSidGroupPrincipal(String name) { public NTSidGroupPrincipal(String name) {
super(name); super(name);
} }
/** /**
* Return a string representation of this <code>NTSidGroupPrincipal</code>. * Return a string representation of this {@code NTSidGroupPrincipal}.
* *
* <p> * @return a string representation of this {@code NTSidGroupPrincipal}.
*
* @return a string representation of this <code>NTSidGroupPrincipal</code>.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -76,18 +72,16 @@ public class NTSidGroupPrincipal extends NTSid {
} }
/** /**
* Compares the specified Object with this <code>NTSidGroupPrincipal</code> * Compares the specified Object with this {@code NTSidGroupPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTSidGroupPrincipal</code> and the two NTSidGroupPrincipals * {@code NTSidGroupPrincipal} and the two NTSidGroupPrincipals
* have the same SID. * have the same SID.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTSidGroupPrincipal</code>. * {@code NTSidGroupPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTSidGroupPrincipal</code>. * {@code NTSidGroupPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)

38
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidPrimaryGroupPrincipal.java
View File

@ -26,15 +26,15 @@
package com.sun.security.auth; package com.sun.security.auth;
/** /**
* <p> This class extends <code>NTSid</code> * This class extends {@code NTSid}
* and represents a Windows NT user's primary group SID. * and represents a Windows NT user's primary group SID.
* *
* <p> Principals such as this <code>NTSidPrimaryGroupPrincipal</code> * <p> Principals such as this {@code NTSidPrimaryGroupPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -45,15 +45,13 @@ public class NTSidPrimaryGroupPrincipal extends NTSid {
private static final long serialVersionUID = 8011978367305190527L; private static final long serialVersionUID = 8011978367305190527L;
/** /**
* Create an <code>NTSidPrimaryGroupPrincipal</code> with a Windows NT * Create an {@code NTSidPrimaryGroupPrincipal} with a Windows NT
* group SID. * group SID.
* *
* <p> * @param name the primary Windows NT group SID for this user.
* *
* @param name the primary Windows NT group SID for this user. <p> * @exception NullPointerException if the {@code name}
* * is {@code null}.
* @exception NullPointerException if the <code>name</code>
* is <code>null</code>.
*/ */
public NTSidPrimaryGroupPrincipal(String name) { public NTSidPrimaryGroupPrincipal(String name) {
super(name); super(name);
@ -61,12 +59,10 @@ public class NTSidPrimaryGroupPrincipal extends NTSid {
/** /**
* Return a string representation of this * Return a string representation of this
* <code>NTSidPrimaryGroupPrincipal</code>. * {@code NTSidPrimaryGroupPrincipal}.
*
* <p>
* *
* @return a string representation of this * @return a string representation of this
* <code>NTSidPrimaryGroupPrincipal</code>. * {@code NTSidPrimaryGroupPrincipal}.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -79,18 +75,16 @@ public class NTSidPrimaryGroupPrincipal extends NTSid {
/** /**
* Compares the specified Object with this * Compares the specified Object with this
* <code>NTSidPrimaryGroupPrincipal</code> * {@code NTSidPrimaryGroupPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTSidPrimaryGroupPrincipal</code> and the two * {@code NTSidPrimaryGroupPrincipal} and the two
* NTSidPrimaryGroupPrincipals have the same SID. * NTSidPrimaryGroupPrincipals have the same SID.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTSidPrimaryGroupPrincipal</code>. * {@code NTSidPrimaryGroupPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTSidPrimaryGroupPrincipal</code>. * {@code NTSidPrimaryGroupPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)

38
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidUserPrincipal.java
View File

@ -26,15 +26,15 @@
package com.sun.security.auth; package com.sun.security.auth;
/** /**
* <p> This class extends <code>NTSid</code> * This class extends {@code NTSid}
* and represents a Windows NT user's SID. * and represents a Windows NT user's SID.
* *
* <p> Principals such as this <code>NTSidUserPrincipal</code> * <p> Principals such as this {@code NTSidUserPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -45,25 +45,21 @@ public class NTSidUserPrincipal extends NTSid {
private static final long serialVersionUID = -5573239889517749525L; private static final long serialVersionUID = -5573239889517749525L;
/** /**
* Create an <code>NTSidUserPrincipal</code> with a Windows NT SID. * Create an {@code NTSidUserPrincipal} with a Windows NT SID.
* *
* <p> * @param name a string version of the Windows NT SID for this user.
* *
* @param name a string version of the Windows NT SID for this user.<p> * @exception NullPointerException if the {@code name}
* * is {@code null}.
* @exception NullPointerException if the <code>name</code>
* is <code>null</code>.
*/ */
public NTSidUserPrincipal(String name) { public NTSidUserPrincipal(String name) {
super(name); super(name);
} }
/** /**
* Return a string representation of this <code>NTSidUserPrincipal</code>. * Return a string representation of this {@code NTSidUserPrincipal}.
* *
* <p> * @return a string representation of this {@code NTSidUserPrincipal}.
*
* @return a string representation of this <code>NTSidUserPrincipal</code>.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -75,18 +71,16 @@ public class NTSidUserPrincipal extends NTSid {
} }
/** /**
* Compares the specified Object with this <code>NTSidUserPrincipal</code> * Compares the specified Object with this {@code NTSidUserPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTSidUserPrincipal</code> and the two NTSidUserPrincipals * {@code NTSidUserPrincipal} and the two NTSidUserPrincipals
* have the same SID. * have the same SID.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTSidUserPrincipal</code>. * {@code NTSidUserPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTSidUserPrincipal</code>. * {@code NTSidUserPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)

50
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTUserPrincipal.java
View File

@ -28,15 +28,15 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents a Windows NT user. * and represents a Windows NT user.
* *
* <p> Principals such as this <code>NTUserPrincipal</code> * <p> Principals such as this {@code NTUserPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -52,14 +52,12 @@ public class NTUserPrincipal implements Principal, java.io.Serializable {
private String name; private String name;
/** /**
* Create an <code>NTUserPrincipal</code> with a Windows NT username. * Create an {@code NTUserPrincipal} with a Windows NT username.
* *
* <p> * @param name the Windows NT username for this user.
* *
* @param name the Windows NT username for this user. <p> * @exception NullPointerException if the {@code name}
* * is {@code null}.
* @exception NullPointerException if the <code>name</code>
* is <code>null</code>.
*/ */
public NTUserPrincipal(String name) { public NTUserPrincipal(String name) {
if (name == null) { if (name == null) {
@ -74,22 +72,18 @@ public class NTUserPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Return the Windows NT username for this <code>NTPrincipal</code>. * Return the Windows NT username for this {@code NTPrincipal}.
* *
* <p> * @return the Windows NT username for this {@code NTPrincipal}
*
* @return the Windows NT username for this <code>NTPrincipal</code>
*/ */
public String getName() { public String getName() {
return name; return name;
} }
/** /**
* Return a string representation of this <code>NTPrincipal</code>. * Return a string representation of this {@code NTPrincipal}.
* *
* <p> * @return a string representation of this {@code NTPrincipal}.
*
* @return a string representation of this <code>NTPrincipal</code>.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -101,18 +95,16 @@ public class NTUserPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Compares the specified Object with this <code>NTUserPrincipal</code> * Compares the specified Object with this {@code NTUserPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>NTUserPrincipal</code> and the two NTUserPrincipals * {@code NTUserPrincipal} and the two NTUserPrincipals
* have the same name. * have the same name.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>NTPrincipal</code>. * {@code NTPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>NTPrincipal</code>. * {@code NTPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -131,11 +123,9 @@ public class NTUserPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Return a hash code for this <code>NTUserPrincipal</code>. * Return a hash code for this {@code NTUserPrincipal}.
* *
* <p> * @return a hash code for this {@code NTUserPrincipal}.
*
* @return a hash code for this <code>NTUserPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return this.getName().hashCode(); return this.getName().hashCode();

135
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/PolicyFile.java
View File

@ -31,25 +31,25 @@ import javax.security.auth.Subject;
/** /**
* This class represents a default implementation for * This class represents a default implementation for
* <code>javax.security.auth.Policy</code>. * {@code javax.security.auth.Policy}.
* *
* <p> This object stores the policy for entire Java runtime, * <p> This object stores the policy for entire Java runtime,
* and is the amalgamation of multiple static policy * and is the amalgamation of multiple static policy
* configurations that resides in files. * configurations that resides in files.
* The algorithm for locating the policy file(s) and reading their * The algorithm for locating the policy file(s) and reading their
* information into this <code>Policy</code> object is: * information into this {@code Policy} object is:
* *
* <ol> * <ol>
* <li> * <li>
* Loop through the security properties, * Loop through the security properties,
* <i>auth.policy.url.1</i>, <i>auth.policy.url.2</i>, ..., * <i>auth.policy.url.1</i>, <i>auth.policy.url.2</i>, ...,
* <i>auth.policy.url.X</i>". * <i>auth.policy.url.X</i>".
* Each property value specifies a <code>URL</code> pointing to a * Each property value specifies a {@code URL} pointing to a
* policy file to be loaded. Read in and load each policy. * policy file to be loaded. Read in and load each policy.
* *
* <li> * <li>
* The <code>java.lang.System</code> property <i>java.security.auth.policy</i> * The {@code java.lang.System} property <i>java.security.auth.policy</i>
* may also be set to a <code>URL</code> pointing to another policy file * may also be set to a {@code URL} pointing to another policy file
* (which is the case when a user uses the -D switch at runtime). * (which is the case when a user uses the -D switch at runtime).
* If this property is defined, and its use is allowed by the * If this property is defined, and its use is allowed by the
* security property file (the Security property, * security property file (the Security property,
@ -83,35 +83,35 @@ import javax.security.auth.Subject;
* doesn't matter and some are optional, as noted below). * doesn't matter and some are optional, as noted below).
* Italicized items represent variable values. * Italicized items represent variable values.
* *
* <p> A grant entry must begin with the word <code>grant</code>. * <p> A grant entry must begin with the word {@code grant}.
* The <code>signedBy</code> and <code>codeBase</code> * The {@code signedBy} and {@code codeBase}
* name/value pairs are optional. * name/value pairs are optional.
* If they are not present, then any signer (including unsigned code) * If they are not present, then any signer (including unsigned code)
* will match, and any codeBase will match. Note that the * will match, and any codeBase will match. Note that the
* <code>principal</code> name/value pair is not optional. * {@code principal} name/value pair is not optional.
* This <code>Policy</code> implementation only permits * This {@code Policy} implementation only permits
* Principal-based grant entries. Note that the <i>principalClass</i> * Principal-based grant entries. Note that the <i>principalClass</i>
* may be set to the wildcard value, *, which allows it to match * may be set to the wildcard value, *, which allows it to match
* any <code>Principal</code> class. In addition, the <i>principalName</i> * any {@code Principal} class. In addition, the <i>principalName</i>
* may also be set to the wildcard value, *, allowing it to match * may also be set to the wildcard value, *, allowing it to match
* any <code>Principal</code> name. When setting the <i>principalName</i> * any {@code Principal} name. When setting the <i>principalName</i>
* to the *, do not surround the * with quotes. * to the *, do not surround the * with quotes.
* *
* <p> A permission entry must begin with the word <code>permission</code>. * <p> A permission entry must begin with the word {@code permission}.
* The word <code><i>Type</i></code> in the template above is * The word <i>{@code Type}</i> in the template above is
* a specific permission type, such as <code>java.io.FilePermission</code> * a specific permission type, such as {@code java.io.FilePermission}
* or <code>java.lang.RuntimePermission</code>. * or {@code java.lang.RuntimePermission}.
* *
* <p> The "<i>action</i>" is required for * <p> The "<i>action</i>" is required for
* many permission types, such as <code>java.io.FilePermission</code> * many permission types, such as {@code java.io.FilePermission}
* (where it specifies what type of file access that is permitted). * (where it specifies what type of file access that is permitted).
* It is not required for categories such as * It is not required for categories such as
* <code>java.lang.RuntimePermission</code> * {@code java.lang.RuntimePermission}
* where it is not necessary - you either have the * where it is not necessary - you either have the
* permission specified by the <code>"<i>name</i>"</code> * permission specified by the "<i>{@code name}</i>"
* value following the type name or you don't. * value following the type name or you don't.
* *
* <p> The <code>signedBy</code> name/value pair for a permission entry * <p> The {@code signedBy} name/value pair for a permission entry
* is optional. If present, it indicates a signed permission. That is, * is optional. If present, it indicates a signed permission. That is,
* the permission class itself must be signed by the given alias in * the permission class itself must be signed by the given alias in
* order for it to be granted. For example, * order for it to be granted. For example,
@ -124,18 +124,18 @@ import javax.security.auth.Subject;
* </pre> * </pre>
* *
* <p> Then this permission of type <i>Foo</i> is granted if the * <p> Then this permission of type <i>Foo</i> is granted if the
* <code>Foo.class</code> permission has been signed by the * {@code Foo.class} permission has been signed by the
* "FooSoft" alias, or if <code>Foo.class</code> is a * "FooSoft" alias, or if {@code Foo.class} is a
* system class (i.e., is found on the CLASSPATH). * system class (i.e., is found on the CLASSPATH).
* *
* <p> Items that appear in an entry must appear in the specified order * <p> Items that appear in an entry must appear in the specified order
* (<code>permission</code>, <i>Type</i>, "<i>name</i>", and * ({@code permission}, <i>Type</i>, "<i>name</i>", and
* "<i>action</i>"). An entry is terminated with a semicolon. * "<i>action</i>"). An entry is terminated with a semicolon.
* *
* <p> Case is unimportant for the identifiers (<code>permission</code>, * <p> Case is unimportant for the identifiers ({@code permission},
* <code>signedBy</code>, <code>codeBase</code>, etc.) but is * {@code signedBy}, {@code codeBase}, etc.) but is
* significant for the <i>Type</i> * significant for the <i>Type</i>
* or for any string that is passed in as a value. <p> * or for any string that is passed in as a value.
* *
* <p> An example of two entries in a policy configuration file is * <p> An example of two entries in a policy configuration file is
* <pre> * <pre>
@ -153,15 +153,15 @@ import javax.security.auth.Subject;
* permission java.util.PropertyPermission "java.vendor"; * permission java.util.PropertyPermission "java.vendor";
* </pre> * </pre>
* *
* <p> This <code>Policy</code> implementation supports * <p> This {@code Policy} implementation supports
* special handling for PrivateCredentialPermissions. * special handling for PrivateCredentialPermissions.
* If a grant entry is configured with a * If a grant entry is configured with a
* <code>PrivateCredentialPermission</code>, * {@code PrivateCredentialPermission},
* and the "Principal Class/Principal Name" for that * and the "Principal Class/Principal Name" for that
* <code>PrivateCredentialPermission</code> is "self", * {@code PrivateCredentialPermission} is "self",
* then the entry grants the specified <code>Subject</code> permission to * then the entry grants the specified {@code Subject} permission to
* access its own private Credential. For example, * access its own private Credential. For example,
* the following grants the <code>Subject</code> "Duke" * the following grants the {@code Subject} "Duke"
* access to its own a.b.Credential. * access to its own a.b.Credential.
* *
* <pre> * <pre>
@ -172,7 +172,7 @@ import javax.security.auth.Subject;
* }; * };
* </pre> * </pre>
* *
* The following grants the <code>Subject</code> "Duke" * The following grants the {@code Subject} "Duke"
* access to all of its own private Credentials: * access to all of its own private Credentials:
* *
* <pre> * <pre>
@ -184,7 +184,7 @@ import javax.security.auth.Subject;
* </pre> * </pre>
* *
* The following grants all Subjects authenticated as a * The following grants all Subjects authenticated as a
* <code>SolarisPrincipal</code> (regardless of their respective names) * {@code SolarisPrincipal} (regardless of their respective names)
* permission to access their own private Credentials: * permission to access their own private Credentials:
* *
* <pre> * <pre>
@ -207,7 +207,7 @@ import javax.security.auth.Subject;
* </pre> * </pre>
* @deprecated As of JDK&nbsp;1.4, replaced by * @deprecated As of JDK&nbsp;1.4, replaced by
* <code>sun.security.provider.PolicyFile</code>. * {@code sun.security.provider.PolicyFile}.
* This class is entirely deprecated. * This class is entirely deprecated.
* *
* @see java.security.CodeSource * @see java.security.CodeSource
@ -232,10 +232,8 @@ public class PolicyFile extends javax.security.auth.Policy {
/** /**
* Refreshes the policy object by re-reading all the policy files. * Refreshes the policy object by re-reading all the policy files.
* *
* <p>
*
* @exception SecurityException if the caller doesn't have permission * @exception SecurityException if the caller doesn't have permission
* to refresh the <code>Policy</code>. * to refresh the {@code Policy}.
*/ */
@Override @Override
public void refresh() { public void refresh() {
@ -243,59 +241,56 @@ public class PolicyFile extends javax.security.auth.Policy {
} }
/** /**
* Examines this <code>Policy</code> and returns the Permissions granted * Examines this {@code Policy} and returns the Permissions granted
* to the specified <code>Subject</code> and <code>CodeSource</code>. * to the specified {@code Subject} and {@code CodeSource}.
* *
* <p> Permissions for a particular <i>grant</i> entry are returned * <p> Permissions for a particular <i>grant</i> entry are returned
* if the <code>CodeSource</code> constructed using the codebase and * if the {@code CodeSource} constructed using the codebase and
* signedby values specified in the entry <code>implies</code> * signedby values specified in the entry {@code implies}
* the <code>CodeSource</code> provided to this method, and if the * the {@code CodeSource} provided to this method, and if the
* <code>Subject</code> provided to this method contains all of the * {@code Subject} provided to this method contains all of the
* Principals specified in the entry. * Principals specified in the entry.
* *
* <p> The <code>Subject</code> provided to this method contains all * <p> The {@code Subject} provided to this method contains all
* of the Principals specified in the entry if, for each * of the Principals specified in the entry if, for each
* <code>Principal</code>, "P1", specified in the <i>grant</i> entry * {@code Principal}, "P1", specified in the <i>grant</i> entry
* one of the following two conditions is met: * one of the following two conditions is met:
* *
* <p>
* <ol> * <ol>
* <li> the <code>Subject</code> has a * <li> the {@code Subject} has a
* <code>Principal</code>, "P2", where * {@code Principal}, "P2", where
* <code>P2.getClass().getName()</code> equals the * {@code P2.getClass().getName()} equals the
* P1's class name, and where * P1's class name, and where
* <code>P2.getName()</code> equals the P1's name. * {@code P2.getName()} equals the P1's name.
* *
* <li> P1 implements * <li> P1 implements
* <code>com.sun.security.auth.PrincipalComparator</code>, * {@code com.sun.security.auth.PrincipalComparator},
* and <code>P1.implies</code> the provided <code>Subject</code>. * and {@code P1.implies} the provided {@code Subject}.
* </ol> * </ol>
* *
* <p> Note that this <code>Policy</code> implementation has * <p> Note that this {@code Policy} implementation has
* special handling for PrivateCredentialPermissions. * special handling for PrivateCredentialPermissions.
* When this method encounters a <code>PrivateCredentialPermission</code> * When this method encounters a {@code PrivateCredentialPermission}
* which specifies "self" as the <code>Principal</code> class and name, * which specifies "self" as the {@code Principal} class and name,
* it does not add that <code>Permission</code> to the returned * it does not add that {@code Permission} to the returned
* <code>PermissionCollection</code>. Instead, it builds * {@code PermissionCollection}. Instead, it builds
* a new <code>PrivateCredentialPermission</code> * a new {@code PrivateCredentialPermission}
* for each <code>Principal</code> associated with the provided * for each {@code Principal} associated with the provided
* <code>Subject</code>. Each new <code>PrivateCredentialPermission</code> * {@code Subject}. Each new {@code PrivateCredentialPermission}
* contains the same Credential class as specified in the * contains the same Credential class as specified in the
* originally granted permission, as well as the Class and name * originally granted permission, as well as the Class and name
* for the respective <code>Principal</code>. * for the respective {@code Principal}.
* *
* <p> * @param subject the Permissions granted to this {@code Subject}
* * and the additionally provided {@code CodeSource}
* @param subject the Permissions granted to this <code>Subject</code>
* and the additionally provided <code>CodeSource</code>
* are returned. <p>
*
* @param codesource the Permissions granted to this <code>CodeSource</code>
* and the additionally provided <code>Subject</code>
* are returned. * are returned.
* *
* @return the Permissions granted to the provided <code>Subject</code> * @param codesource the Permissions granted to this {@code CodeSource}
* <code>CodeSource</code>. * and the additionally provided {@code Subject}
* are returned.
*
* @return the Permissions granted to the provided {@code Subject}
* {@code CodeSource}.
*/ */
@Override @Override
public PermissionCollection getPermissions(final Subject subject, public PermissionCollection getPermissions(final Subject subject,

30
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/PrincipalComparator.java
View File

@ -26,25 +26,25 @@
package com.sun.security.auth; package com.sun.security.auth;
/** /**
* An object that implements the <code>java.security.Principal</code> * An object that implements the {@code java.security.Principal}
* interface typically also implements this interface to provide * interface typically also implements this interface to provide
* a means for comparing that object to a specified <code>Subject</code>. * a means for comparing that object to a specified {@code Subject}.
* *
* <p> The comparison is achieved via the <code>implies</code> method. * <p> The comparison is achieved via the {@code implies} method.
* The implementation of the <code>implies</code> method determines * The implementation of the {@code implies} method determines
* whether this object "implies" the specified <code>Subject</code>. * whether this object "implies" the specified {@code Subject}.
* One example application of this method may be for * One example application of this method may be for
* a "group" object to imply a particular <code>Subject</code> * a "group" object to imply a particular {@code Subject}
* if that <code>Subject</code> belongs to the group. * if that {@code Subject} belongs to the group.
* Another example application of this method would be for * Another example application of this method would be for
* "role" object to imply a particular <code>Subject</code> * "role" object to imply a particular {@code Subject}
* if that <code>Subject</code> is currently acting in that role. * if that {@code Subject} is currently acting in that role.
* *
* <p> Although classes that implement this interface typically * <p> Although classes that implement this interface typically
* also implement the <code>java.security.Principal</code> interface, * also implement the {@code java.security.Principal} interface,
* it is not required. In other words, classes may implement the * it is not required. In other words, classes may implement the
* <code>java.security.Principal</code> interface by itself, * {@code java.security.Principal} interface by itself,
* the <code>PrincipalComparator</code> interface by itself, * the {@code PrincipalComparator} interface by itself,
* or both at the same time. * or both at the same time.
* *
* @see java.security.Principal * @see java.security.Principal
@ -53,12 +53,10 @@ package com.sun.security.auth;
@jdk.Exported @jdk.Exported
public interface PrincipalComparator { public interface PrincipalComparator {
/** /**
* Check if the specified <code>Subject</code> is implied by * Check if the specified {@code Subject} is implied by
* this object. * this object.
* *
* <p> * @return true if the specified {@code Subject} is implied by
*
* @return true if the specified <code>Subject</code> is implied by
* this object, or false otherwise. * this object, or false otherwise.
*/ */
boolean implies(javax.security.auth.Subject subject); boolean implies(javax.security.auth.Subject subject);

66
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java
View File

@ -28,15 +28,15 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents a user's Solaris group identification number (GID). * and represents a user's Solaris group identification number (GID).
* *
* <p> Principals such as this <code>SolarisNumericGroupPrincipal</code> * <p> Principals such as this {@code SolarisNumericGroupPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* @deprecated As of JDK&nbsp;1.4, replaced by * @deprecated As of JDK&nbsp;1.4, replaced by
* {@link UnixNumericGroupPrincipal}. * {@link UnixNumericGroupPrincipal}.
@ -73,20 +73,18 @@ public class SolarisNumericGroupPrincipal implements
private boolean primaryGroup; private boolean primaryGroup;
/** /**
* Create a <code>SolarisNumericGroupPrincipal</code> using a * Create a {@code SolarisNumericGroupPrincipal} using a
* <code>String</code> representation of the user's * {@code String} representation of the user's
* group identification number (GID). * group identification number (GID).
* *
* <p>
*
* @param name the user's group identification number (GID) * @param name the user's group identification number (GID)
* for this user. <p> * for this user.
* *
* @param primaryGroup true if the specified GID represents the * @param primaryGroup true if the specified GID represents the
* primary group to which this user belongs. * primary group to which this user belongs.
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. * is {@code null}.
*/ */
public SolarisNumericGroupPrincipal(String name, boolean primaryGroup) { public SolarisNumericGroupPrincipal(String name, boolean primaryGroup) {
if (name == null) if (name == null)
@ -97,13 +95,11 @@ public class SolarisNumericGroupPrincipal implements
} }
/** /**
* Create a <code>SolarisNumericGroupPrincipal</code> using a * Create a {@code SolarisNumericGroupPrincipal} using a
* long representation of the user's group identification number (GID). * long representation of the user's group identification number (GID).
* *
* <p>
*
* @param name the user's group identification number (GID) for this user * @param name the user's group identification number (GID) for this user
* represented as a long. <p> * represented as a long.
* *
* @param primaryGroup true if the specified GID represents the * @param primaryGroup true if the specified GID represents the
* primary group to which this user belongs. * primary group to which this user belongs.
@ -116,12 +112,10 @@ public class SolarisNumericGroupPrincipal implements
/** /**
* Return the user's group identification number (GID) for this * Return the user's group identification number (GID) for this
* <code>SolarisNumericGroupPrincipal</code>. * {@code SolarisNumericGroupPrincipal}.
*
* <p>
* *
* @return the user's group identification number (GID) for this * @return the user's group identification number (GID) for this
* <code>SolarisNumericGroupPrincipal</code> * {@code SolarisNumericGroupPrincipal}
*/ */
public String getName() { public String getName() {
return name; return name;
@ -129,12 +123,10 @@ public class SolarisNumericGroupPrincipal implements
/** /**
* Return the user's group identification number (GID) for this * Return the user's group identification number (GID) for this
* <code>SolarisNumericGroupPrincipal</code> as a long. * {@code SolarisNumericGroupPrincipal} as a long.
*
* <p>
* *
* @return the user's group identification number (GID) for this * @return the user's group identification number (GID) for this
* <code>SolarisNumericGroupPrincipal</code> as a long. * {@code SolarisNumericGroupPrincipal} as a long.
*/ */
public long longValue() { public long longValue() {
return Long.parseLong(name); return Long.parseLong(name);
@ -144,8 +136,6 @@ public class SolarisNumericGroupPrincipal implements
* Return whether this group identification number (GID) represents * Return whether this group identification number (GID) represents
* the primary group to which this user belongs. * the primary group to which this user belongs.
* *
* <p>
*
* @return true if this group identification number (GID) represents * @return true if this group identification number (GID) represents
* the primary group to which this user belongs, * the primary group to which this user belongs,
* or false otherwise. * or false otherwise.
@ -156,12 +146,10 @@ public class SolarisNumericGroupPrincipal implements
/** /**
* Return a string representation of this * Return a string representation of this
* <code>SolarisNumericGroupPrincipal</code>. * {@code SolarisNumericGroupPrincipal}.
*
* <p>
* *
* @return a string representation of this * @return a string representation of this
* <code>SolarisNumericGroupPrincipal</code>. * {@code SolarisNumericGroupPrincipal}.
*/ */
public String toString() { public String toString() {
return((primaryGroup ? return((primaryGroup ?
@ -173,19 +161,17 @@ public class SolarisNumericGroupPrincipal implements
/** /**
* Compares the specified Object with this * Compares the specified Object with this
* <code>SolarisNumericGroupPrincipal</code> * {@code SolarisNumericGroupPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>SolarisNumericGroupPrincipal</code> and the two * {@code SolarisNumericGroupPrincipal} and the two
* SolarisNumericGroupPrincipals * SolarisNumericGroupPrincipals
* have the same group identification number (GID). * have the same group identification number (GID).
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>SolarisNumericGroupPrincipal</code>. * {@code SolarisNumericGroupPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>SolarisNumericGroupPrincipal</code>. * {@code SolarisNumericGroupPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -205,11 +191,9 @@ public class SolarisNumericGroupPrincipal implements
} }
/** /**
* Return a hash code for this <code>SolarisNumericGroupPrincipal</code>. * Return a hash code for this {@code SolarisNumericGroupPrincipal}.
* *
* <p> * @return a hash code for this {@code SolarisNumericGroupPrincipal}.
*
* @return a hash code for this <code>SolarisNumericGroupPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return toString().hashCode(); return toString().hashCode();

63
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java
View File

@ -28,15 +28,15 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents a user's Solaris identification number (UID). * and represents a user's Solaris identification number (UID).
* *
* <p> Principals such as this <code>SolarisNumericUserPrincipal</code> * <p> Principals such as this {@code SolarisNumericUserPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* @deprecated As of JDK&nbsp;1.4, replaced by * @deprecated As of JDK&nbsp;1.4, replaced by
* {@link UnixNumericUserPrincipal}. * {@link UnixNumericUserPrincipal}.
* This class is entirely deprecated. * This class is entirely deprecated.
@ -68,16 +68,14 @@ public class SolarisNumericUserPrincipal implements
private String name; private String name;
/** /**
* Create a <code>SolarisNumericUserPrincipal</code> using a * Create a {@code SolarisNumericUserPrincipal} using a
* <code>String</code> representation of the * {@code String} representation of the
* user's identification number (UID). * user's identification number (UID).
* *
* <p>
*
* @param name the user identification number (UID) for this user. * @param name the user identification number (UID) for this user.
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. * is {@code null}.
*/ */
public SolarisNumericUserPrincipal(String name) { public SolarisNumericUserPrincipal(String name) {
if (name == null) if (name == null)
@ -87,11 +85,9 @@ public class SolarisNumericUserPrincipal implements
} }
/** /**
* Create a <code>SolarisNumericUserPrincipal</code> using a * Create a {@code SolarisNumericUserPrincipal} using a
* long representation of the user's identification number (UID). * long representation of the user's identification number (UID).
* *
* <p>
*
* @param name the user identification number (UID) for this user * @param name the user identification number (UID) for this user
* represented as a long. * represented as a long.
*/ */
@ -101,12 +97,10 @@ public class SolarisNumericUserPrincipal implements
/** /**
* Return the user identification number (UID) for this * Return the user identification number (UID) for this
* <code>SolarisNumericUserPrincipal</code>. * {@code SolarisNumericUserPrincipal}.
*
* <p>
* *
* @return the user identification number (UID) for this * @return the user identification number (UID) for this
* <code>SolarisNumericUserPrincipal</code> * {@code SolarisNumericUserPrincipal}
*/ */
public String getName() { public String getName() {
return name; return name;
@ -114,12 +108,10 @@ public class SolarisNumericUserPrincipal implements
/** /**
* Return the user identification number (UID) for this * Return the user identification number (UID) for this
* <code>SolarisNumericUserPrincipal</code> as a long. * {@code SolarisNumericUserPrincipal} as a long.
*
* <p>
* *
* @return the user identification number (UID) for this * @return the user identification number (UID) for this
* <code>SolarisNumericUserPrincipal</code> as a long. * {@code SolarisNumericUserPrincipal} as a long.
*/ */
public long longValue() { public long longValue() {
return Long.parseLong(name); return Long.parseLong(name);
@ -127,12 +119,10 @@ public class SolarisNumericUserPrincipal implements
/** /**
* Return a string representation of this * Return a string representation of this
* <code>SolarisNumericUserPrincipal</code>. * {@code SolarisNumericUserPrincipal}.
*
* <p>
* *
* @return a string representation of this * @return a string representation of this
* <code>SolarisNumericUserPrincipal</code>. * {@code SolarisNumericUserPrincipal}.
*/ */
public String toString() { public String toString() {
return(rb.getString("SolarisNumericUserPrincipal.") + name); return(rb.getString("SolarisNumericUserPrincipal.") + name);
@ -140,19 +130,17 @@ public class SolarisNumericUserPrincipal implements
/** /**
* Compares the specified Object with this * Compares the specified Object with this
* <code>SolarisNumericUserPrincipal</code> * {@code SolarisNumericUserPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>SolarisNumericUserPrincipal</code> and the two * {@code SolarisNumericUserPrincipal} and the two
* SolarisNumericUserPrincipals * SolarisNumericUserPrincipals
* have the same user identification number (UID). * have the same user identification number (UID).
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>SolarisNumericUserPrincipal</code>. * {@code SolarisNumericUserPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>SolarisNumericUserPrincipal</code>. * {@code SolarisNumericUserPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -167,15 +155,14 @@ public class SolarisNumericUserPrincipal implements
if (this.getName().equals(that.getName())) if (this.getName().equals(that.getName()))
return true; return true;
return false;
return false;
} }
/** /**
* Return a hash code for this <code>SolarisNumericUserPrincipal</code>. * Return a hash code for this {@code SolarisNumericUserPrincipal}.
* *
* <p> * @return a hash code for this {@code SolarisNumericUserPrincipal}.
*
* @return a hash code for this <code>SolarisNumericUserPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return name.hashCode(); return name.hashCode();

46
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisPrincipal.java
View File

@ -28,15 +28,15 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents a Solaris user. * and represents a Solaris user.
* *
* <p> Principals such as this <code>SolarisPrincipal</code> * <p> Principals such as this {@code SolarisPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @deprecated As of JDK&nbsp;1.4, replaced by * @deprecated As of JDK&nbsp;1.4, replaced by
* {@link UnixPrincipal}. * {@link UnixPrincipal}.
@ -68,12 +68,10 @@ public class SolarisPrincipal implements Principal, java.io.Serializable {
/** /**
* Create a SolarisPrincipal with a Solaris username. * Create a SolarisPrincipal with a Solaris username.
* *
* <p>
*
* @param name the Unix username for this user. * @param name the Unix username for this user.
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. * is {@code null}.
*/ */
public SolarisPrincipal(String name) { public SolarisPrincipal(String name) {
if (name == null) if (name == null)
@ -83,40 +81,34 @@ public class SolarisPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Return the Unix username for this <code>SolarisPrincipal</code>. * Return the Unix username for this {@code SolarisPrincipal}.
* *
* <p> * @return the Unix username for this {@code SolarisPrincipal}
*
* @return the Unix username for this <code>SolarisPrincipal</code>
*/ */
public String getName() { public String getName() {
return name; return name;
} }
/** /**
* Return a string representation of this <code>SolarisPrincipal</code>. * Return a string representation of this {@code SolarisPrincipal}.
* *
* <p> * @return a string representation of this {@code SolarisPrincipal}.
*
* @return a string representation of this <code>SolarisPrincipal</code>.
*/ */
public String toString() { public String toString() {
return(rb.getString("SolarisPrincipal.") + name); return(rb.getString("SolarisPrincipal.") + name);
} }
/** /**
* Compares the specified Object with this <code>SolarisPrincipal</code> * Compares the specified Object with this {@code SolarisPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>SolarisPrincipal</code> and the two SolarisPrincipals * {@code SolarisPrincipal} and the two SolarisPrincipals
* have the same username. * have the same username.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>SolarisPrincipal</code>. * {@code SolarisPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>SolarisPrincipal</code>. * {@code SolarisPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -135,11 +127,9 @@ public class SolarisPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Return a hash code for this <code>SolarisPrincipal</code>. * Return a hash code for this {@code SolarisPrincipal}.
* *
* <p> * @return a hash code for this {@code SolarisPrincipal}.
*
* @return a hash code for this <code>SolarisPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return name.hashCode(); return name.hashCode();

66
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java
View File

@ -28,15 +28,15 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents a user's Unix group identification number (GID). * and represents a user's Unix group identification number (GID).
* *
* <p> Principals such as this <code>UnixNumericGroupPrincipal</code> * <p> Principals such as this {@code UnixNumericGroupPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -59,20 +59,18 @@ public class UnixNumericGroupPrincipal implements
private boolean primaryGroup; private boolean primaryGroup;
/** /**
* Create a <code>UnixNumericGroupPrincipal</code> using a * Create a {@code UnixNumericGroupPrincipal} using a
* <code>String</code> representation of the user's * {@code String} representation of the user's
* group identification number (GID). * group identification number (GID).
* *
* <p>
*
* @param name the user's group identification number (GID) * @param name the user's group identification number (GID)
* for this user. <p> * for this user.
* *
* @param primaryGroup true if the specified GID represents the * @param primaryGroup true if the specified GID represents the
* primary group to which this user belongs. * primary group to which this user belongs.
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. * is {@code null}.
*/ */
public UnixNumericGroupPrincipal(String name, boolean primaryGroup) { public UnixNumericGroupPrincipal(String name, boolean primaryGroup) {
if (name == null) { if (name == null) {
@ -89,13 +87,11 @@ public class UnixNumericGroupPrincipal implements
} }
/** /**
* Create a <code>UnixNumericGroupPrincipal</code> using a * Create a {@code UnixNumericGroupPrincipal} using a
* long representation of the user's group identification number (GID). * long representation of the user's group identification number (GID).
* *
* <p>
*
* @param name the user's group identification number (GID) for this user * @param name the user's group identification number (GID) for this user
* represented as a long. <p> * represented as a long.
* *
* @param primaryGroup true if the specified GID represents the * @param primaryGroup true if the specified GID represents the
* primary group to which this user belongs. * primary group to which this user belongs.
@ -108,12 +104,10 @@ public class UnixNumericGroupPrincipal implements
/** /**
* Return the user's group identification number (GID) for this * Return the user's group identification number (GID) for this
* <code>UnixNumericGroupPrincipal</code>. * {@code UnixNumericGroupPrincipal}.
*
* <p>
* *
* @return the user's group identification number (GID) for this * @return the user's group identification number (GID) for this
* <code>UnixNumericGroupPrincipal</code> * {@code UnixNumericGroupPrincipal}
*/ */
public String getName() { public String getName() {
return name; return name;
@ -121,12 +115,10 @@ public class UnixNumericGroupPrincipal implements
/** /**
* Return the user's group identification number (GID) for this * Return the user's group identification number (GID) for this
* <code>UnixNumericGroupPrincipal</code> as a long. * {@code UnixNumericGroupPrincipal} as a long.
*
* <p>
* *
* @return the user's group identification number (GID) for this * @return the user's group identification number (GID) for this
* <code>UnixNumericGroupPrincipal</code> as a long. * {@code UnixNumericGroupPrincipal} as a long.
*/ */
public long longValue() { public long longValue() {
return Long.parseLong(name); return Long.parseLong(name);
@ -136,8 +128,6 @@ public class UnixNumericGroupPrincipal implements
* Return whether this group identification number (GID) represents * Return whether this group identification number (GID) represents
* the primary group to which this user belongs. * the primary group to which this user belongs.
* *
* <p>
*
* @return true if this group identification number (GID) represents * @return true if this group identification number (GID) represents
* the primary group to which this user belongs, * the primary group to which this user belongs,
* or false otherwise. * or false otherwise.
@ -148,12 +138,10 @@ public class UnixNumericGroupPrincipal implements
/** /**
* Return a string representation of this * Return a string representation of this
* <code>UnixNumericGroupPrincipal</code>. * {@code UnixNumericGroupPrincipal}.
*
* <p>
* *
* @return a string representation of this * @return a string representation of this
* <code>UnixNumericGroupPrincipal</code>. * {@code UnixNumericGroupPrincipal}.
*/ */
public String toString() { public String toString() {
@ -176,19 +164,17 @@ public class UnixNumericGroupPrincipal implements
/** /**
* Compares the specified Object with this * Compares the specified Object with this
* <code>UnixNumericGroupPrincipal</code> * {@code UnixNumericGroupPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>UnixNumericGroupPrincipal</code> and the two * {@code UnixNumericGroupPrincipal} and the two
* UnixNumericGroupPrincipals * UnixNumericGroupPrincipals
* have the same group identification number (GID). * have the same group identification number (GID).
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>UnixNumericGroupPrincipal</code>. * {@code UnixNumericGroupPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>UnixNumericGroupPrincipal</code>. * {@code UnixNumericGroupPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -208,11 +194,9 @@ public class UnixNumericGroupPrincipal implements
} }
/** /**
* Return a hash code for this <code>UnixNumericGroupPrincipal</code>. * Return a hash code for this {@code UnixNumericGroupPrincipal}.
* *
* <p> * @return a hash code for this {@code UnixNumericGroupPrincipal}.
*
* @return a hash code for this <code>UnixNumericGroupPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return toString().hashCode(); return toString().hashCode();

60
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java
View File

@ -28,15 +28,15 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents a user's Unix identification number (UID). * and represents a user's Unix identification number (UID).
* *
* <p> Principals such as this <code>UnixNumericUserPrincipal</code> * <p> Principals such as this {@code UnixNumericUserPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -53,16 +53,14 @@ public class UnixNumericUserPrincipal implements
private String name; private String name;
/** /**
* Create a <code>UnixNumericUserPrincipal</code> using a * Create a {@code UnixNumericUserPrincipal} using a
* <code>String</code> representation of the * {@code String} representation of the
* user's identification number (UID). * user's identification number (UID).
* *
* <p>
*
* @param name the user identification number (UID) for this user. * @param name the user identification number (UID) for this user.
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. * is {@code null}.
*/ */
public UnixNumericUserPrincipal(String name) { public UnixNumericUserPrincipal(String name) {
if (name == null) { if (name == null) {
@ -78,11 +76,9 @@ public class UnixNumericUserPrincipal implements
} }
/** /**
* Create a <code>UnixNumericUserPrincipal</code> using a * Create a {@code UnixNumericUserPrincipal} using a
* long representation of the user's identification number (UID). * long representation of the user's identification number (UID).
* *
* <p>
*
* @param name the user identification number (UID) for this user * @param name the user identification number (UID) for this user
* represented as a long. * represented as a long.
*/ */
@ -92,12 +88,10 @@ public class UnixNumericUserPrincipal implements
/** /**
* Return the user identification number (UID) for this * Return the user identification number (UID) for this
* <code>UnixNumericUserPrincipal</code>. * {@code UnixNumericUserPrincipal}.
*
* <p>
* *
* @return the user identification number (UID) for this * @return the user identification number (UID) for this
* <code>UnixNumericUserPrincipal</code> * {@code UnixNumericUserPrincipal}
*/ */
public String getName() { public String getName() {
return name; return name;
@ -105,12 +99,10 @@ public class UnixNumericUserPrincipal implements
/** /**
* Return the user identification number (UID) for this * Return the user identification number (UID) for this
* <code>UnixNumericUserPrincipal</code> as a long. * {@code UnixNumericUserPrincipal} as a long.
*
* <p>
* *
* @return the user identification number (UID) for this * @return the user identification number (UID) for this
* <code>UnixNumericUserPrincipal</code> as a long. * {@code UnixNumericUserPrincipal} as a long.
*/ */
public long longValue() { public long longValue() {
return Long.parseLong(name); return Long.parseLong(name);
@ -118,12 +110,10 @@ public class UnixNumericUserPrincipal implements
/** /**
* Return a string representation of this * Return a string representation of this
* <code>UnixNumericUserPrincipal</code>. * {@code UnixNumericUserPrincipal}.
*
* <p>
* *
* @return a string representation of this * @return a string representation of this
* <code>UnixNumericUserPrincipal</code>. * {@code UnixNumericUserPrincipal}.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -136,19 +126,17 @@ public class UnixNumericUserPrincipal implements
/** /**
* Compares the specified Object with this * Compares the specified Object with this
* <code>UnixNumericUserPrincipal</code> * {@code UnixNumericUserPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>UnixNumericUserPrincipal</code> and the two * {@code UnixNumericUserPrincipal} and the two
* UnixNumericUserPrincipals * UnixNumericUserPrincipals
* have the same user identification number (UID). * have the same user identification number (UID).
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>UnixNumericUserPrincipal</code>. * {@code UnixNumericUserPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>UnixNumericUserPrincipal</code>. * {@code UnixNumericUserPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -167,11 +155,9 @@ public class UnixNumericUserPrincipal implements
} }
/** /**
* Return a hash code for this <code>UnixNumericUserPrincipal</code>. * Return a hash code for this {@code UnixNumericUserPrincipal}.
* *
* <p> * @return a hash code for this {@code UnixNumericUserPrincipal}.
*
* @return a hash code for this <code>UnixNumericUserPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return name.hashCode(); return name.hashCode();

46
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixPrincipal.java
View File

@ -28,15 +28,15 @@ package com.sun.security.auth;
import java.security.Principal; import java.security.Principal;
/** /**
* <p> This class implements the <code>Principal</code> interface * This class implements the {@code Principal} interface
* and represents a Unix user. * and represents a Unix user.
* *
* <p> Principals such as this <code>UnixPrincipal</code> * <p> Principals such as this {@code UnixPrincipal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -54,12 +54,10 @@ public class UnixPrincipal implements Principal, java.io.Serializable {
/** /**
* Create a UnixPrincipal with a Unix username. * Create a UnixPrincipal with a Unix username.
* *
* <p>
*
* @param name the Unix username for this user. * @param name the Unix username for this user.
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. * is {@code null}.
*/ */
public UnixPrincipal(String name) { public UnixPrincipal(String name) {
if (name == null) { if (name == null) {
@ -75,22 +73,18 @@ public class UnixPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Return the Unix username for this <code>UnixPrincipal</code>. * Return the Unix username for this {@code UnixPrincipal}.
* *
* <p> * @return the Unix username for this {@code UnixPrincipal}
*
* @return the Unix username for this <code>UnixPrincipal</code>
*/ */
public String getName() { public String getName() {
return name; return name;
} }
/** /**
* Return a string representation of this <code>UnixPrincipal</code>. * Return a string representation of this {@code UnixPrincipal}.
* *
* <p> * @return a string representation of this {@code UnixPrincipal}.
*
* @return a string representation of this <code>UnixPrincipal</code>.
*/ */
public String toString() { public String toString() {
java.text.MessageFormat form = new java.text.MessageFormat java.text.MessageFormat form = new java.text.MessageFormat
@ -102,18 +96,16 @@ public class UnixPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Compares the specified Object with this <code>UnixPrincipal</code> * Compares the specified Object with this {@code UnixPrincipal}
* for equality. Returns true if the given object is also a * for equality. Returns true if the given object is also a
* <code>UnixPrincipal</code> and the two UnixPrincipals * {@code UnixPrincipal} and the two UnixPrincipals
* have the same username. * have the same username.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>UnixPrincipal</code>. * {@code UnixPrincipal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>UnixPrincipal</code>. * {@code UnixPrincipal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -132,11 +124,9 @@ public class UnixPrincipal implements Principal, java.io.Serializable {
} }
/** /**
* Return a hash code for this <code>UnixPrincipal</code>. * Return a hash code for this {@code UnixPrincipal}.
* *
* <p> * @return a hash code for this {@code UnixPrincipal}.
*
* @return a hash code for this <code>UnixPrincipal</code>.
*/ */
public int hashCode() { public int hashCode() {
return name.hashCode(); return name.hashCode();

46
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/X500Principal.java
View File

@ -29,17 +29,17 @@ import java.security.Principal;
import sun.security.x509.X500Name; import sun.security.x509.X500Name;
/** /**
* <p> This class represents an X.500 <code>Principal</code>. * This class represents an X.500 {@code Principal}.
* X500Principals have names such as, * X500Principals have names such as,
* "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US" * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"
* (RFC 1779 style). * (RFC 1779 style).
* *
* <p> Principals such as this <code>X500Principal</code> * <p> Principals such as this {@code X500Principal}
* may be associated with a particular <code>Subject</code> * may be associated with a particular {@code Subject}
* to augment that <code>Subject</code> with an additional * to augment that {@code Subject} with an additional
* identity. Refer to the <code>Subject</code> class for more information * identity. Refer to the {@code Subject} class for more information
* on how to achieve this. Authorization decisions can then be based upon * on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>. * the Principals associated with a {@code Subject}.
* *
* @see java.security.Principal * @see java.security.Principal
* @see javax.security.auth.Subject * @see javax.security.auth.Subject
@ -76,14 +76,12 @@ public class X500Principal implements Principal, java.io.Serializable {
* such as "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US" * such as "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"
* (RFC 1779 style). * (RFC 1779 style).
* *
* <p>
*
* @param name the X.500 name * @param name the X.500 name
* *
* @exception NullPointerException if the <code>name</code> * @exception NullPointerException if the {@code name}
* is <code>null</code>. <p> * is {@code null}.
* *
* @exception IllegalArgumentException if the <code>name</code> * @exception IllegalArgumentException if the {@code name}
* is improperly specified. * is improperly specified.
*/ */
public X500Principal(String name) { public X500Principal(String name) {
@ -100,38 +98,32 @@ public class X500Principal implements Principal, java.io.Serializable {
} }
/** /**
* Return the Unix username for this <code>X500Principal</code>. * Return the Unix username for this {@code X500Principal}.
* *
* <p> * @return the Unix username for this {@code X500Principal}
*
* @return the Unix username for this <code>X500Principal</code>
*/ */
public String getName() { public String getName() {
return thisX500Name.getName(); return thisX500Name.getName();
} }
/** /**
* Return a string representation of this <code>X500Principal</code>. * Return a string representation of this {@code X500Principal}.
* *
* <p> * @return a string representation of this {@code X500Principal}.
*
* @return a string representation of this <code>X500Principal</code>.
*/ */
public String toString() { public String toString() {
return thisX500Name.toString(); return thisX500Name.toString();
} }
/** /**
* Compares the specified Object with this <code>X500Principal</code> * Compares the specified Object with this {@code X500Principal}
* for equality. * for equality.
* *
* <p>
*
* @param o Object to be compared for equality with this * @param o Object to be compared for equality with this
* <code>X500Principal</code>. * {@code X500Principal}.
* *
* @return true if the specified Object is equal to this * @return true if the specified Object is equal to this
* <code>X500Principal</code>. * {@code X500Principal}.
*/ */
public boolean equals(Object o) { public boolean equals(Object o) {
if (o == null) if (o == null)
@ -159,11 +151,9 @@ public class X500Principal implements Principal, java.io.Serializable {
} }
/** /**
* Return a hash code for this <code>X500Principal</code>. * Return a hash code for this {@code X500Principal}.
* *
* <p> * @return a hash code for this {@code X500Principal}.
*
* @return a hash code for this <code>X500Principal</code>.
*/ */
public int hashCode() { public int hashCode() {
return thisX500Name.hashCode(); return thisX500Name.hashCode();

88
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java
View File

@ -44,28 +44,28 @@ import com.sun.security.auth.UnixNumericGroupPrincipal;
/** /**
* <p> The module prompts for a username and password * The module prompts for a username and password
* and then verifies the password against the password stored in * and then verifies the password against the password stored in
* a directory service configured under JNDI. * a directory service configured under JNDI.
* *
* <p> This <code>LoginModule</code> interoperates with * <p> This {@code LoginModule} interoperates with
* any conformant JNDI service provider. To direct this * any conformant JNDI service provider. To direct this
* <code>LoginModule</code> to use a specific JNDI service provider, * {@code LoginModule} to use a specific JNDI service provider,
* two options must be specified in the login <code>Configuration</code> * two options must be specified in the login {@code Configuration}
* for this <code>LoginModule</code>. * for this {@code LoginModule}.
* <pre> * <pre>
* user.provider.url=<b>name_service_url</b> * user.provider.url=<b>name_service_url</b>
* group.provider.url=<b>name_service_url</b> * group.provider.url=<b>name_service_url</b>
* </pre> * </pre>
* *
* <b>name_service_url</b> specifies * <b>name_service_url</b> specifies
* the directory service and path where this <code>LoginModule</code> * the directory service and path where this {@code LoginModule}
* can access the relevant user and group information. Because this * can access the relevant user and group information. Because this
* <code>LoginModule</code> only performs one-level searches to * {@code LoginModule} only performs one-level searches to
* find the relevant user information, the <code>URL</code> * find the relevant user information, the {@code URL}
* must point to a directory one level above where the user and group * must point to a directory one level above where the user and group
* information is stored in the directory service. * information is stored in the directory service.
* For example, to instruct this <code>LoginModule</code> * For example, to instruct this {@code LoginModule}
* to contact a NIS server, the following URLs must be specified: * to contact a NIS server, the following URLs must be specified:
* <pre> * <pre>
* user.provider.url="nis://<b>NISServerHostName</b>/<b>NISDomain</b>/user" * user.provider.url="nis://<b>NISServerHostName</b>/<b>NISDomain</b>/user"
@ -90,14 +90,14 @@ import com.sun.security.auth.UnixNumericGroupPrincipal;
* *
* <p> The format in which the user's information must be stored in * <p> The format in which the user's information must be stored in
* the directory service is specified in RFC 2307. Specifically, * the directory service is specified in RFC 2307. Specifically,
* this <code>LoginModule</code> will search for the user's entry in the * this {@code LoginModule} will search for the user's entry in the
* directory service using the user's <i>uid</i> attribute, * directory service using the user's <i>uid</i> attribute,
* where <i>uid=<b>username</b></i>. If the search succeeds, * where <i>uid=<b>username</b></i>. If the search succeeds,
* this <code>LoginModule</code> will then * this {@code LoginModule} will then
* obtain the user's encrypted password from the retrieved entry * obtain the user's encrypted password from the retrieved entry
* using the <i>userPassword</i> attribute. * using the <i>userPassword</i> attribute.
* This <code>LoginModule</code> assumes that the password is stored * This {@code LoginModule} assumes that the password is stored
* as a byte array, which when converted to a <code>String</code>, * as a byte array, which when converted to a {@code String},
* has the following format: * has the following format:
* <pre> * <pre>
* "{crypt}<b>encrypted_password</b>" * "{crypt}<b>encrypted_password</b>"
@ -106,12 +106,12 @@ import com.sun.security.auth.UnixNumericGroupPrincipal;
* The LDAP directory server must be configured * The LDAP directory server must be configured
* to permit read access to the userPassword attribute. * to permit read access to the userPassword attribute.
* If the user entered a valid username and password, * If the user entered a valid username and password,
* this <code>LoginModule</code> associates a * this {@code LoginModule} associates a
* <code>UnixPrincipal</code>, <code>UnixNumericUserPrincipal</code>, * {@code UnixPrincipal}, {@code UnixNumericUserPrincipal},
* and the relevant UnixNumericGroupPrincipals with the * and the relevant UnixNumericGroupPrincipals with the
* <code>Subject</code>. * {@code Subject}.
* *
* <p> This LoginModule also recognizes the following <code>Configuration</code> * <p> This LoginModule also recognizes the following {@code Configuration}
* options: * options:
* <pre> * <pre>
* debug if, true, debug messages are output to System.out. * debug if, true, debug messages are output to System.out.
@ -144,7 +144,7 @@ import com.sun.security.auth.UnixNumericGroupPrincipal;
* exist for the username and password in the shared state, * exist for the username and password in the shared state,
* or if authentication fails. * or if authentication fails.
* *
* clearPass if, true, this <code>LoginModule</code> clears the * clearPass if, true, this {@code LoginModule} clears the
* username and password stored in the module's shared state * username and password stored in the module's shared state
* after both phases of authentication (login and commit) * after both phases of authentication (login and commit)
* have completed. * have completed.
@ -208,21 +208,19 @@ public class JndiLoginModule implements LoginModule {
private static final String PWD = "javax.security.auth.login.password"; private static final String PWD = "javax.security.auth.login.password";
/** /**
* Initialize this <code>LoginModule</code>. * Initialize this {@code LoginModule}.
* *
* <p> * @param subject the {@code Subject} to be authenticated.
* *
* @param subject the <code>Subject</code> to be authenticated. <p> * @param callbackHandler a {@code CallbackHandler} for communicating
*
* @param callbackHandler a <code>CallbackHandler</code> for communicating
* with the end user (prompting for usernames and * with the end user (prompting for usernames and
* passwords, for example). <p> * passwords, for example).
* *
* @param sharedState shared <code>LoginModule</code> state. <p> * @param sharedState shared {@code LoginModule} state.
* *
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
// Unchecked warning from (Map<String, Object>)sharedState is safe // Unchecked warning from (Map<String, Object>)sharedState is safe
// since javax.security.auth.login.LoginContext passes a raw HashMap. // since javax.security.auth.login.LoginContext passes a raw HashMap.
@ -255,17 +253,15 @@ public class JndiLoginModule implements LoginModule {
} }
/** /**
* <p> Prompt for username and password. * Prompt for username and password.
* Verify the password against the relevant name service. * Verify the password against the relevant name service.
* *
* <p> * @return true always, since this {@code LoginModule}
*
* @return true always, since this <code>LoginModule</code>
* should not be ignored. * should not be ignored.
* *
* @exception FailedLoginException if the authentication fails. <p> * @exception FailedLoginException if the authentication fails.
* *
* @exception LoginException if this <code>LoginModule</code> * @exception LoginException if this {@code LoginModule}
* is unable to perform the authentication. * is unable to perform the authentication.
*/ */
public boolean login() throws LoginException { public boolean login() throws LoginException {
@ -367,15 +363,13 @@ public class JndiLoginModule implements LoginModule {
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates a * {@code login} method), then this method associates a
* <code>UnixPrincipal</code> * {@code UnixPrincipal}
* with the <code>Subject</code> located in the * with the {@code Subject} located in the
* <code>LoginModule</code>. If this LoginModule's own * {@code LoginModule}. If this LoginModule's own
* authentication attempted failed, then this method removes * authentication attempted failed, then this method removes
* any state that was originally saved. * any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the commit fails * @exception LoginException if the commit fails
* *
* @return true if this LoginModule's own login and commit * @return true if this LoginModule's own login and commit
@ -418,18 +412,16 @@ public class JndiLoginModule implements LoginModule {
} }
/** /**
* <p> This method is called if the LoginContext's * This method is called if the LoginContext's
* overall authentication failed. * overall authentication failed.
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
* did not succeed). * did not succeed).
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> and <code>commit</code> methods), * {@code login} and {@code commit} methods),
* then this method cleans up any state that was originally saved. * then this method cleans up any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the abort fails. * @exception LoginException if the abort fails.
* *
* @return false if this LoginModule's own login and/or commit attempts * @return false if this LoginModule's own login and/or commit attempts
@ -464,13 +456,11 @@ public class JndiLoginModule implements LoginModule {
* Logout a user. * Logout a user.
* *
* <p> This method removes the Principals * <p> This method removes the Principals
* that were added by the <code>commit</code> method. * that were added by the {@code commit} method.
*
* <p>
* *
* @exception LoginException if the logout fails. * @exception LoginException if the logout fails.
* *
* @return true in all cases since this <code>LoginModule</code> * @return true in all cases since this {@code LoginModule}
* should not be ignored. * should not be ignored.
*/ */
public boolean logout() throws LoginException { public boolean logout() throws LoginException {
@ -506,8 +496,6 @@ public class JndiLoginModule implements LoginModule {
/** /**
* Attempt authentication * Attempt authentication
* *
* <p>
*
* @param getPasswdFromSharedState boolean that tells this method whether * @param getPasswdFromSharedState boolean that tells this method whether
* to retrieve the password from the sharedState. * to retrieve the password from the sharedState.
*/ */
@ -674,8 +662,6 @@ public class JndiLoginModule implements LoginModule {
* values in the shared state in case subsequent LoginModules * values in the shared state in case subsequent LoginModules
* want to use them via use/tryFirstPass. * want to use them via use/tryFirstPass.
* *
* <p>
*
* @param getPasswdFromSharedState boolean that tells this method whether * @param getPasswdFromSharedState boolean that tells this method whether
* to retrieve the password from the sharedState. * to retrieve the password from the sharedState.
*/ */

80
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java
View File

@ -55,53 +55,53 @@ import sun.security.util.Password;
/** /**
* Provides a JAAS login module that prompts for a key store alias and * Provides a JAAS login module that prompts for a key store alias and
* populates the subject with the alias's principal and credentials. Stores * populates the subject with the alias's principal and credentials. Stores
* an <code>X500Principal</code> for the subject distinguished name of the * an {@code X500Principal} for the subject distinguished name of the
* first certificate in the alias's credentials in the subject's principals, * first certificate in the alias's credentials in the subject's principals,
* the alias's certificate path in the subject's public credentials, and a * the alias's certificate path in the subject's public credentials, and a
* <code>X500PrivateCredential</code> whose certificate is the first * {@code X500PrivateCredential} whose certificate is the first
* certificate in the alias's certificate path and whose private key is the * certificate in the alias's certificate path and whose private key is the
* alias's private key in the subject's private credentials. <p> * alias's private key in the subject's private credentials. <p>
* *
* Recognizes the following options in the configuration file: * Recognizes the following options in the configuration file:
* <dl> * <dl>
* *
* <dt> <code>keyStoreURL</code> </dt> * <dt> {@code keyStoreURL} </dt>
* <dd> A URL that specifies the location of the key store. Defaults to * <dd> A URL that specifies the location of the key store. Defaults to
* a URL pointing to the .keystore file in the directory specified by the * a URL pointing to the .keystore file in the directory specified by the
* <code>user.home</code> system property. The input stream from this * {@code user.home} system property. The input stream from this
* URL is passed to the <code>KeyStore.load</code> method. * URL is passed to the {@code KeyStore.load} method.
* "NONE" may be specified if a <code>null</code> stream must be * "NONE" may be specified if a {@code null} stream must be
* passed to the <code>KeyStore.load</code> method. * passed to the {@code KeyStore.load} method.
* "NONE" should be specified if the KeyStore resides * "NONE" should be specified if the KeyStore resides
* on a hardware token device, for example.</dd> * on a hardware token device, for example.</dd>
* *
* <dt> <code>keyStoreType</code> </dt> * <dt> {@code keyStoreType} </dt>
* <dd> The key store type. If not specified, defaults to the result of * <dd> The key store type. If not specified, defaults to the result of
* calling <code>KeyStore.getDefaultType()</code>. * calling {@code KeyStore.getDefaultType()}.
* If the type is "PKCS11", then keyStoreURL must be "NONE" * If the type is "PKCS11", then keyStoreURL must be "NONE"
* and privateKeyPasswordURL must not be specified.</dd> * and privateKeyPasswordURL must not be specified.</dd>
* *
* <dt> <code>keyStoreProvider</code> </dt> * <dt> {@code keyStoreProvider} </dt>
* <dd> The key store provider. If not specified, uses the standard search * <dd> The key store provider. If not specified, uses the standard search
* order to find the provider. </dd> * order to find the provider. </dd>
* *
* <dt> <code>keyStoreAlias</code> </dt> * <dt> {@code keyStoreAlias} </dt>
* <dd> The alias in the key store to login as. Required when no callback * <dd> The alias in the key store to login as. Required when no callback
* handler is provided. No default value. </dd> * handler is provided. No default value. </dd>
* *
* <dt> <code>keyStorePasswordURL</code> </dt> * <dt> {@code keyStorePasswordURL} </dt>
* <dd> A URL that specifies the location of the key store password. Required * <dd> A URL that specifies the location of the key store password. Required
* when no callback handler is provided and * when no callback handler is provided and
* <code>protected</code> is false. * {@code protected} is false.
* No default value. </dd> * No default value. </dd>
* *
* <dt> <code>privateKeyPasswordURL</code> </dt> * <dt> {@code privateKeyPasswordURL} </dt>
* <dd> A URL that specifies the location of the specific private key password * <dd> A URL that specifies the location of the specific private key password
* needed to access the private key for this alias. * needed to access the private key for this alias.
* The keystore password * The keystore password
* is used if this value is needed and not specified. </dd> * is used if this value is needed and not specified. </dd>
* *
* <dt> <code>protected</code> </dt> * <dt> {@code protected} </dt>
* <dd> This value should be set to "true" if the KeyStore * <dd> This value should be set to "true" if the KeyStore
* has a separate, protected authentication path * has a separate, protected authentication path
* (for example, a dedicated PIN-pad attached to a smart card). * (for example, a dedicated PIN-pad attached to a smart card).
@ -174,22 +174,20 @@ public class KeyStoreLoginModule implements LoginModule {
/* -- Methods -- */ /* -- Methods -- */
/** /**
* Initialize this <code>LoginModule</code>. * Initialize this {@code LoginModule}.
* *
* <p> * @param subject the {@code Subject} to be authenticated.
* *
* @param subject the <code>Subject</code> to be authenticated. <p> * @param callbackHandler a {@code CallbackHandler} for communicating
*
* @param callbackHandler a <code>CallbackHandler</code> for communicating
* with the end user (prompting for usernames and * with the end user (prompting for usernames and
* passwords, for example), * passwords, for example),
* which may be <code>null</code>. <p> * which may be {@code null}.
* *
* @param sharedState shared <code>LoginModule</code> state. <p> * @param sharedState shared {@code LoginModule} state.
* *
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
// Unchecked warning from (Map<String, Object>)sharedState is safe // Unchecked warning from (Map<String, Object>)sharedState is safe
// since javax.security.auth.login.LoginContext passes a raw HashMap. // since javax.security.auth.login.LoginContext passes a raw HashMap.
@ -258,11 +256,9 @@ public class KeyStoreLoginModule implements LoginModule {
* <p> Get the Keystore alias and relevant passwords. * <p> Get the Keystore alias and relevant passwords.
* Retrieve the alias's principal and credentials from the Keystore. * Retrieve the alias's principal and credentials from the Keystore.
* *
* <p> * @exception FailedLoginException if the authentication fails.
* *
* @exception FailedLoginException if the authentication fails. <p> * @return true in all cases (this {@code LoginModule}
*
* @return true in all cases (this <code>LoginModule</code>
* should not be ignored). * should not be ignored).
*/ */
@ -719,19 +715,17 @@ public class KeyStoreLoginModule implements LoginModule {
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates a * {@code login} method), then this method associates a
* <code>X500Principal</code> for the subject distinguished name of the * {@code X500Principal} for the subject distinguished name of the
* first certificate in the alias's credentials in the subject's * first certificate in the alias's credentials in the subject's
* principals,the alias's certificate path in the subject's public * principals,the alias's certificate path in the subject's public
* credentials, and a<code>X500PrivateCredential</code> whose certificate * credentials, and a {@code X500PrivateCredential} whose certificate
* is the first certificate in the alias's certificate path and whose * is the first certificate in the alias's certificate path and whose
* private key is the alias's private key in the subject's private * private key is the alias's private key in the subject's private
* credentials. If this LoginModule's own * credentials. If this LoginModule's own
* authentication attempted failed, then this method removes * authentication attempted failed, then this method removes
* any state that was originally saved. * any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the commit fails * @exception LoginException if the commit fails
* *
* @return true if this LoginModule's own login and commit * @return true if this LoginModule's own login and commit
@ -774,21 +768,19 @@ public class KeyStoreLoginModule implements LoginModule {
} }
/** /**
* <p> This method is called if the LoginContext's * This method is called if the LoginContext's
* overall authentication failed. * overall authentication failed.
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
* did not succeed). * did not succeed).
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> and <code>commit</code> methods), * {@code login} and {@code commit} methods),
* then this method cleans up any state that was originally saved. * then this method cleans up any state that was originally saved.
* *
* <p> If the loaded KeyStore's provider extends * <p> If the loaded KeyStore's provider extends
* <code>java.security.AuthProvider</code>, * {@code java.security.AuthProvider},
* then the provider's <code>logout</code> method is invoked. * then the provider's {@code logout} method is invoked.
*
* <p>
* *
* @exception LoginException if the abort fails. * @exception LoginException if the abort fails.
* *
@ -815,17 +807,15 @@ public class KeyStoreLoginModule implements LoginModule {
* Logout a user. * Logout a user.
* *
* <p> This method removes the Principals, public credentials and the * <p> This method removes the Principals, public credentials and the
* private credentials that were added by the <code>commit</code> method. * private credentials that were added by the {@code commit} method.
* *
* <p> If the loaded KeyStore's provider extends * <p> If the loaded KeyStore's provider extends
* <code>java.security.AuthProvider</code>, * {@code java.security.AuthProvider},
* then the provider's <code>logout</code> method is invoked. * then the provider's {@code logout} method is invoked.
*
* <p>
* *
* @exception LoginException if the logout fails. * @exception LoginException if the logout fails.
* *
* @return true in all cases since this <code>LoginModule</code> * @return true in all cases since this {@code LoginModule}
* should not be ignored. * should not be ignored.
*/ */

377
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/Krb5LoginModule.java
View File

@ -47,147 +47,142 @@ import sun.security.krb5.Credentials;
import sun.misc.HexDumpEncoder; import sun.misc.HexDumpEncoder;
/** /**
* <p> This <code>LoginModule</code> authenticates users using * This {@code LoginModule} authenticates users using
* Kerberos protocols. * Kerberos protocols.
* *
* <p> The configuration entry for <code>Krb5LoginModule</code> has * <p> The configuration entry for {@code Krb5LoginModule} has
* several options that control the authentication process and * several options that control the authentication process and
* additions to the <code>Subject</code>'s private credential * additions to the {@code Subject}'s private credential
* set. Irrespective of these options, the <code>Subject</code>'s * set. Irrespective of these options, the {@code Subject}'s
* principal set and private credentials set are updated only when * principal set and private credentials set are updated only when
* <code>commit</code> is called. * {@code commit} is called.
* When <code>commit</code> is called, the <code>KerberosPrincipal</code> * When {@code commit} is called, the {@code KerberosPrincipal}
* is added to the <code>Subject</code>'s principal set (unless the * is added to the {@code Subject}'s principal set (unless the
* <code>principal</code> is specified as "*"). If <code>isInitiator</code> * {@code principal} is specified as "*"). If {@code isInitiator}
* is true, the <code>KerberosTicket</code> is * is true, the {@code KerberosTicket} is
* added to the <code>Subject</code>'s private credentials. * added to the {@code Subject}'s private credentials.
* *
* <p> If the configuration entry for <code>KerberosLoginModule</code> * <p> If the configuration entry for {@code KerberosLoginModule}
* has the option <code>storeKey</code> set to true, then * has the option {@code storeKey} set to true, then
* <code>KerberosKey</code> or <code>KeyTab</code> will also be added to the * {@code KerberosKey} or {@code KeyTab} will also be added to the
* subject's private credentials. <code>KerberosKey</code>, the principal's * subject's private credentials. {@code KerberosKey}, the principal's
* key(s) will be derived from user's password, and <code>KeyTab</code> is * key(s) will be derived from user's password, and {@code KeyTab} is
* the keytab used when <code>useKeyTab</code> is set to true. The * the keytab used when {@code useKeyTab} is set to true. The
* <code>KeyTab</code> object is restricted to be used by the specified * {@code KeyTab} object is restricted to be used by the specified
* principal unless the principal value is "*". * principal unless the principal value is "*".
* *
* <p> This <code>LoginModule</code> recognizes the <code>doNotPrompt</code> * <p> This {@code LoginModule} recognizes the {@code doNotPrompt}
* option. If set to true the user will not be prompted for the password. * option. If set to true the user will not be prompted for the password.
* *
* <p> The user can specify the location of the ticket cache by using * <p> The user can specify the location of the ticket cache by using
* the option <code>ticketCache</code> in the configuration entry. * the option {@code ticketCache} in the configuration entry.
* *
* <p>The user can specify the keytab location by using * <p>The user can specify the keytab location by using
* the option <code>keyTab</code> * the option {@code keyTab}
* in the configuration entry. * in the configuration entry.
* *
* <p> The principal name can be specified in the configuration entry * <p> The principal name can be specified in the configuration entry
* by using the option <code>principal</code>. The principal name * by using the option {@code principal}. The principal name
* can either be a simple user name, a service name such as * can either be a simple user name, a service name such as
* <code>host/mission.eng.sun.com</code>, or "*". The principal can also * {@code host/mission.eng.sun.com}, or "*". The principal can also
* be set using the system property <code>sun.security.krb5.principal</code>. * be set using the system property {@code sun.security.krb5.principal}.
* This property is checked during login. If this property is not set, then * This property is checked during login. If this property is not set, then
* the principal name from the configuration is used. In the * the principal name from the configuration is used. In the
* case where the principal property is not set and the principal * case where the principal property is not set and the principal
* entry also does not exist, the user is prompted for the name. * entry also does not exist, the user is prompted for the name.
* When this property of entry is set, and <code>useTicketCache</code> * When this property of entry is set, and {@code useTicketCache}
* is set to true, only TGT belonging to this principal is used. * is set to true, only TGT belonging to this principal is used.
* *
* <p> The following is a list of configuration options supported * <p> The following is a list of configuration options supported
* for <code>Krb5LoginModule</code>: * for {@code Krb5LoginModule}:
* <blockquote><dl> * <blockquote><dl>
* <dt><b><code>refreshKrb5Config</code></b>:</dt> * <dt>{@code refreshKrb5Config}:</dt>
* <dd> Set this to true, if you want the configuration * <dd> Set this to true, if you want the configuration
* to be refreshed before the <code>login</code> method is called.</dd> * to be refreshed before the {@code login} method is called.</dd>
* <dt><b><code>useTicketCache</code></b>:</dt> * <dt>{@code useTicketCache}:</dt>
* <dd>Set this to true, if you want the * <dd>Set this to true, if you want the
* TGT to be obtained * TGT to be obtained from the ticket cache. Set this option
* from the ticket cache. Set this option
* to false if you do not want this module to use the ticket cache. * to false if you do not want this module to use the ticket cache.
* (Default is False). * (Default is False).
* This module will * This module will search for the ticket
* search for the ticket * cache in the following locations: On Solaris and Linux
* cache in the following locations: * it will look for the ticket cache in /tmp/krb5cc_{@code uid}
* On Solaris and Linux * where the uid is numeric user identifier. If the ticket cache is
* it will look for the ticket cache in /tmp/krb5cc_<code>uid</code>
* where the uid is numeric user
* identifier. If the ticket cache is
* not available in the above location, or if we are on a * not available in the above location, or if we are on a
* Windows platform, it will look for the cache as * Windows platform, it will look for the cache as
* {user.home}{file.separator}krb5cc_{user.name}. * {user.home}{file.separator}krb5cc_{user.name}.
* You can override the ticket cache location by using * You can override the ticket cache location by using
* <code>ticketCache</code>. * {@code ticketCache}.
* For Windows, if a ticket cannot be retrieved from the file ticket cache, * For Windows, if a ticket cannot be retrieved from the file ticket cache,
* it will use Local Security Authority (LSA) API to get the TGT. * it will use Local Security Authority (LSA) API to get the TGT.
* <dt><b><code>ticketCache</code></b>:</dt> * <dt>{@code ticketCache}:</dt>
* <dd>Set this to the name of the ticket * <dd>Set this to the name of the ticket
* cache that contains user's TGT. * cache that contains user's TGT.
* If this is set, <code>useTicketCache</code> * If this is set, {@code useTicketCache}
* must also be set to true; Otherwise a configuration error will * must also be set to true; Otherwise a configuration error will
* be returned.</dd> * be returned.</dd>
* <dt><b><code>renewTGT</code></b>:</dt> * <dt>{@code renewTGT}:</dt>
* <dd>Set this to true, if you want to renew * <dd>Set this to true, if you want to renew
* the TGT. If this is set, <code>useTicketCache</code> must also be * the TGT. If this is set, {@code useTicketCache} must also be
* set to true; otherwise a configuration error will be returned.</dd> * set to true; otherwise a configuration error will be returned.</dd>
* <dt><b><code>doNotPrompt</code></b>:</dt> * <dt>{@code doNotPrompt}:</dt>
* <dd>Set this to true if you do not want to be * <dd>Set this to true if you do not want to be
* prompted for the password * prompted for the password
* if credentials can not be obtained from the cache, the keytab, * if credentials can not be obtained from the cache, the keytab,
* or through shared state.(Default is false) * or through shared state.(Default is false)
* If set to true, credential must be obtained through cache, keytab, * If set to true, credential must be obtained through cache, keytab,
* or shared state. Otherwise, authentication will fail.</dd> * or shared state. Otherwise, authentication will fail.</dd>
* <dt><b><code>useKeyTab</code></b>:</dt> * <dt>{@code useKeyTab}:</dt>
* <dd>Set this to true if you * <dd>Set this to true if you
* want the module to get the principal's key from the * want the module to get the principal's key from the
* the keytab.(default value is False) * the keytab.(default value is False)
* If <code>keytab</code> * If {@code keytab} is not set then
* is not set then
* the module will locate the keytab from the * the module will locate the keytab from the
* Kerberos configuration file. * Kerberos configuration file.
* If it is not specified in the Kerberos configuration file * If it is not specified in the Kerberos configuration file
* then it will look for the file * then it will look for the file
* <code>{user.home}{file.separator}</code>krb5.keytab.</dd> * {@code {user.home}{file.separator}}krb5.keytab.</dd>
* <dt><b><code>keyTab</code></b>:</dt> * <dt>{@code keyTab}:</dt>
* <dd>Set this to the file name of the * <dd>Set this to the file name of the
* keytab to get principal's secret key.</dd> * keytab to get principal's secret key.</dd>
* <dt><b><code>storeKey</code></b>:</dt> * <dt>{@code storeKey}:</dt>
* <dd>Set this to true to if you want the keytab or the * <dd>Set this to true to if you want the keytab or the
* principal's key to be stored in the Subject's private credentials. * principal's key to be stored in the Subject's private credentials.
* For <code>isInitiator</code> being false, if <code>principal</code> * For {@code isInitiator} being false, if {@code principal}
* is "*", the {@link KeyTab} stored can be used by anyone, otherwise, * is "*", the {@link KeyTab} stored can be used by anyone, otherwise,
* it's restricted to be used by the specified principal only.</dd> * it's restricted to be used by the specified principal only.</dd>
* <dt><b><code>principal</code></b>:</dt> * <dt>{@code principal}:</dt>
* <dd>The name of the principal that should * <dd>The name of the principal that should
* be used. The principal can be a simple username such as * be used. The principal can be a simple username such as
* "<code>testuser</code>" or a service name such as * "{@code testuser}" or a service name such as
* "<code>host/testhost.eng.sun.com</code>". You can use the * "{@code host/testhost.eng.sun.com}". You can use the
* <code>principal</code> option to set the principal when there are * {@code principal} option to set the principal when there are
* credentials for multiple principals in the * credentials for multiple principals in the
* <code>keyTab</code> or when you want a specific ticket cache only. * {@code keyTab} or when you want a specific ticket cache only.
* The principal can also be set using the system property * The principal can also be set using the system property
* <code>sun.security.krb5.principal</code>. In addition, if this * {@code sun.security.krb5.principal}. In addition, if this
* system property is defined, then it will be used. If this property * system property is defined, then it will be used. If this property
* is not set, then the principal name from the configuration will be * is not set, then the principal name from the configuration will be
* used. * used.
* The principal name can be set to "*" when <code>isInitiator</code> is false. * The principal name can be set to "*" when {@code isInitiator} is false.
* In this case, the acceptor is not bound to a single principal. It can * In this case, the acceptor is not bound to a single principal. It can
* act as any principal an initiator requests if keys for that principal * act as any principal an initiator requests if keys for that principal
* can be found. When <code>isInitiator</code> is true, the principal name * can be found. When {@code isInitiator} is true, the principal name
* cannot be set to "*". * cannot be set to "*".
* </dd> * </dd>
* <dt><b><code>isInitiator</code></b>:</dt> * <dt>{@code isInitiator}:</dt>
* <dd>Set this to true, if initiator. Set this to false, if acceptor only. * <dd>Set this to true, if initiator. Set this to false, if acceptor only.
* (Default is true). * (Default is true).
* Note: Do not set this value to false for initiators.</dd> * Note: Do not set this value to false for initiators.</dd>
* </dl></blockquote> * </dl></blockquote>
* *
* <p> This <code>LoginModule</code> also recognizes the following additional * <p> This {@code LoginModule} also recognizes the following additional
* <code>Configuration</code> * {@code Configuration}
* options that enable you to share username and passwords across different * options that enable you to share username and passwords across different
* authentication modules: * authentication modules:
* <blockquote><dl> * <blockquote><dl>
* *
* <dt><b><code>useFirstPass</code></b>:</dt> * <dt>{@code useFirstPass}:</dt>
* <dd>if, true, this LoginModule retrieves the * <dd>if, true, this LoginModule retrieves the
* username and password from the module's shared state, * username and password from the module's shared state,
* using "javax.security.auth.login.name" and * using "javax.security.auth.login.name" and
@ -197,7 +192,7 @@ import sun.misc.HexDumpEncoder;
* is made, and the failure is reported back to the * is made, and the failure is reported back to the
* calling application.</dd> * calling application.</dd>
* *
* <dt><b><code>tryFirstPass</code></b>:</dt> * <dt>{@code tryFirstPass}:</dt>
* <dd>if, true, this LoginModule retrieves the * <dd>if, true, this LoginModule retrieves the
* the username and password from the module's shared * the username and password from the module's shared
* state using "javax.security.auth.login.name" and * state using "javax.security.auth.login.name" and
@ -210,7 +205,7 @@ import sun.misc.HexDumpEncoder;
* is made. If the authentication fails, * is made. If the authentication fails,
* the failure is reported back to the calling application</dd> * the failure is reported back to the calling application</dd>
* *
* <dt><b><code>storePass</code></b>:</dt> * <dt>{@code storePass}:</dt>
* <dd>if, true, this LoginModule stores the username and * <dd>if, true, this LoginModule stores the username and
* password obtained from the CallbackHandler in the * password obtained from the CallbackHandler in the
* modules shared state, using * modules shared state, using
@ -220,7 +215,7 @@ import sun.misc.HexDumpEncoder;
* exist for the username and password in the shared * exist for the username and password in the shared
* state, or if authentication fails.</dd> * state, or if authentication fails.</dd>
* *
* <dt><b><code>clearPass</code></b>:</dt> * <dt>{@code clearPass}:</dt>
* <dd>if, true, this LoginModule clears the * <dd>if, true, this LoginModule clears the
* username and password stored in the module's shared * username and password stored in the module's shared
* state after both phases of authentication * state after both phases of authentication
@ -236,148 +231,137 @@ import sun.misc.HexDumpEncoder;
* <li>shared state * <li>shared state
* <li>user prompt * <li>user prompt
* </ol> * </ol>
*
* <p>Note that if any step fails, it will fallback to the next step. * <p>Note that if any step fails, it will fallback to the next step.
* There's only one exception, if the shared state step fails and * There's only one exception, if the shared state step fails and
* <code>useFirstPass</code>=true, no user prompt is made. * {@code useFirstPass = true}, no user prompt is made.
* <p>Examples of some configuration values for Krb5LoginModule in * <p>Examples of some configuration values for Krb5LoginModule in
* JAAS config file and the results are: * JAAS config file and the results are:
* <ul> * <blockquote><dl>
* <p> <code>doNotPrompt</code>=true; * <dd><pre>{@code
* </ul> * doNotPrompt = true}</pre>
* <p> This is an illegal combination since none of <code>useTicketCache</code>, * This is an illegal combination since none of {@code useTicketCache,
* <code>useKeyTab</code>, <code>useFirstPass</code> and <code>tryFirstPass</code> * useKeyTab, useFirstPass} and {@code tryFirstPass}
* is set and the user can not be prompted for the password. * is set and the user can not be prompted for the password.</dd>
*<ul> *
* <p> <code>ticketCache</code> = &lt;filename&gt;; * <dd><pre>{@code
*</ul> * ticketCache = <filename>}</pre>
* <p> This is an illegal combination since <code>useTicketCache</code> * This is an illegal combination since {@code useTicketCache}
* is not set to true and the ticketCache is set. A configuration error * is not set to true and the ticketCache is set. A configuration error
* will occur. * will occur.</dd>
* <ul> *
* <p> <code>renewTGT</code>=true; * <dd><pre>{@code
*</ul> * renewTGT = true}</pre>
* <p> This is an illegal combination since <code>useTicketCache</code> is * This is an illegal combination since {@code useTicketCache} is
* not set to true and renewTGT is set. A configuration error will occur. * not set to true and renewTGT is set. A configuration error will occur.</dd>
* <ul> *
* <p> <code>storeKey</code>=true * <dd><pre>{@code
* <code>useTicketCache</code> = true * storeKey = true useTicketCache = true doNotPrompt = true}</pre>
* <code>doNotPrompt</code>=true;; * This is an illegal combination since {@code storeKey} is set to
*</ul>
* <p> This is an illegal combination since <code>storeKey</code> is set to
* true but the key can not be obtained either by prompting the user or from * true but the key can not be obtained either by prompting the user or from
* the keytab, or from the shared state. A configuration error will occur. * the keytab, or from the shared state. A configuration error will occur.</dd>
* <ul> *
* <p> <code>keyTab</code> = &lt;filename&gt; <code>doNotPrompt</code>=true ; * <dd><pre>{@code
* </ul> * keyTab = <filename> doNotPrompt = true}</pre>
* <p>This is an illegal combination since useKeyTab is not set to true and * This is an illegal combination since useKeyTab is not set to true and
* the keyTab is set. A configuration error will occur. * the keyTab is set. A configuration error will occur.</dd>
* <ul> *
* <p> <code>debug=true </code> * <dd><pre>{@code
*</ul> * debug = true}</pre>
* <p> Prompt the user for the principal name and the password. * Prompt the user for the principal name and the password.
* Use the authentication exchange to get TGT from the KDC and * Use the authentication exchange to get TGT from the KDC and
* populate the <code>Subject</code> with the principal and TGT. * populate the {@code Subject} with the principal and TGT.
* Output debug messages. * Output debug messages.</dd>
* <ul> *
* <p> <code>useTicketCache</code> = true <code>doNotPrompt</code>=true; * <dd><pre>{@code
*</ul> * useTicketCache = true doNotPrompt = true}</pre>
* <p>Check the default cache for TGT and populate the <code>Subject</code> * Check the default cache for TGT and populate the {@code Subject}
* with the principal and TGT. If the TGT is not available, * with the principal and TGT. If the TGT is not available,
* do not prompt the user, instead fail the authentication. * do not prompt the user, instead fail the authentication.</dd>
* <ul> *
* <p><code>principal</code>=&lt;name&gt;<code>useTicketCache</code> = true * <dd><pre>{@code
* <code>doNotPrompt</code>=true; * principal = <name> useTicketCache = true doNotPrompt = true}</pre>
*</ul> * Get the TGT from the default cache for the principal and populate the
* <p> Get the TGT from the default cache for the principal and populate the
* Subject's principal and private creds set. If ticket cache is * Subject's principal and private creds set. If ticket cache is
* not available or does not contain the principal's TGT * not available or does not contain the principal's TGT
* authentication will fail. * authentication will fail.</dd>
* <ul> *
* <p> <code>useTicketCache</code> = true * <dd><pre>{@code
* <code>ticketCache</code>=&lt;file name&gt;<code>useKeyTab</code> = true * useTicketCache = true
* <code> keyTab</code>=&lt;keytab filename&gt; * ticketCache = <file name>
* <code>principal</code> = &lt;principal name&gt; * useKeyTab = true
* <code>doNotPrompt</code>=true; * keyTab = <keytab filename>
*</ul> * principal = <principal name>
* <p> Search the cache for the principal's TGT. If it is not available * doNotPrompt = true}</pre>
* Search the cache for the principal's TGT. If it is not available
* use the key in the keytab to perform authentication exchange with the * use the key in the keytab to perform authentication exchange with the
* KDC and acquire the TGT. * KDC and acquire the TGT.
* The Subject will be populated with the principal and the TGT. * The Subject will be populated with the principal and the TGT.
* If the key is not available or valid then authentication will fail. * If the key is not available or valid then authentication will fail.</dd>
* <ul> *
* <p><code>useTicketCache</code> = true * <dd><pre>{@code
* <code>ticketCache</code>=&lt;file name&gt; * useTicketCache = true ticketCache = <filename>}</pre>
*</ul> * The TGT will be obtained from the cache specified.
* <p> The TGT will be obtained from the cache specified.
* The Kerberos principal name used will be the principal name in * The Kerberos principal name used will be the principal name in
* the Ticket cache. If the TGT is not available in the * the Ticket cache. If the TGT is not available in the
* ticket cache the user will be prompted for the principal name * ticket cache the user will be prompted for the principal name
* and the password. The TGT will be obtained using the authentication * and the password. The TGT will be obtained using the authentication
* exchange with the KDC. * exchange with the KDC.
* The Subject will be populated with the TGT. * The Subject will be populated with the TGT.</dd>
*<ul> *
* <p> <code>useKeyTab</code> = true * <dd><pre>{@code
* <code>keyTab</code>=&lt;keytab filename&gt; * useKeyTab = true keyTab=<keytab filename> principal = <principal name> storeKey = true}</pre>
* <code>principal</code>= &lt;principal name&gt; * The key for the principal will be retrieved from the keytab.
* <code>storeKey</code>=true;
*</ul>
* <p> The key for the principal will be retrieved from the keytab.
* If the key is not available in the keytab the user will be prompted * If the key is not available in the keytab the user will be prompted
* for the principal's password. The Subject will be populated * for the principal's password. The Subject will be populated
* with the principal's key either from the keytab or derived from the * with the principal's key either from the keytab or derived from the
* password entered. * password entered.</dd>
* <ul> *
* <p> <code>useKeyTab</code> = true * <dd><pre>{@code
* <code>keyTab</code>=&lt;keytabname&gt; * useKeyTab = true keyTab = <keytabname> storeKey = true doNotPrompt = false}</pre>
* <code>storeKey</code>=true * The user will be prompted for the service principal name.
* <code>doNotPrompt</code>=false;
*</ul>
* <p>The user will be prompted for the service principal name.
* If the principal's * If the principal's
* longterm key is available in the keytab , it will be added to the * longterm key is available in the keytab , it will be added to the
* Subject's private credentials. An authentication exchange will be * Subject's private credentials. An authentication exchange will be
* attempted with the principal name and the key from the Keytab. * attempted with the principal name and the key from the Keytab.
* If successful the TGT will be added to the * If successful the TGT will be added to the
* Subject's private credentials set. Otherwise the authentication will * Subject's private credentials set. Otherwise the authentication will fail.</dd>
* fail. *
* <ul> * <dd><pre>{@code
* <p> <code>isInitiator</code> = false <code>useKeyTab</code> = true * isInitiator = false useKeyTab = true keyTab = <keytabname> storeKey = true principal = *}</pre>
* <code>keyTab</code>=&lt;keytabname&gt; * The acceptor will be an unbound acceptor and it can act as any principal
* <code>storeKey</code>=true * as long that principal has keys in the keytab.</dd>
* <code>principal</code>=*; *
*</ul> * <dd><pre>{@code
* <p>The acceptor will be an unbound acceptor and it can act as any principal * useTicketCache = true
* as long that principal has keys in the keytab. * ticketCache = <file name>
*<ul> * useKeyTab = true
* <p> * keyTab = <file name>
* <code>useTicketCache</code>=true * storeKey = true
* <code>ticketCache</code>=&lt;file name&gt;; * principal = <principal name>}</pre>
* <code>useKeyTab</code> = true
* <code>keyTab</code>=&lt;file name&gt; <code>storeKey</code>=true
* <code>principal</code>= &lt;principal name&gt;
*</ul>
* <p>
* The client's TGT will be retrieved from the ticket cache and added to the * The client's TGT will be retrieved from the ticket cache and added to the
* <code>Subject</code>'s private credentials. If the TGT is not available * {@code Subject}'s private credentials. If the TGT is not available
* in the ticket cache, or the TGT's client name does not match the principal * in the ticket cache, or the TGT's client name does not match the principal
* name, Java will use a secret key to obtain the TGT using the authentication * name, Java will use a secret key to obtain the TGT using the authentication
* exchange and added to the Subject's private credentials. * exchange and added to the Subject's private credentials.
* This secret key will be first retrieved from the keytab. If the key * This secret key will be first retrieved from the keytab. If the key
* is not available, the user will be prompted for the password. In either * is not available, the user will be prompted for the password. In either
* case, the key derived from the password will be added to the * case, the key derived from the password will be added to the
* Subject's private credentials set. * Subject's private credentials set.</dd>
* <ul> *
* <p><code>isInitiator</code> = false * <dd><pre>{@code
*</ul> * isInitiator = false}</pre>
* <p>Configured to act as acceptor only, credentials are not acquired * Configured to act as acceptor only, credentials are not acquired
* via AS exchange. For acceptors only, set this value to false. * via AS exchange. For acceptors only, set this value to false.
* For initiators, do not set this value to false. * For initiators, do not set this value to false.</dd>
* <ul> *
* <p><code>isInitiator</code> = true * <dd><pre>{@code
*</ul> * isInitiator = true}</pre>
* <p>Configured to act as initiator, credentials are acquired * Configured to act as initiator, credentials are acquired
* via AS exchange. For initiators, set this value to true, or leave this * via AS exchange. For initiators, set this value to true, or leave this
* option unset, in which case default value (true) will be used. * option unset, in which case default value (true) will be used.</dd>
*
* </dl></blockquote>
* *
* @author Ram Marti * @author Ram Marti
*/ */
@ -445,20 +429,19 @@ public class Krb5LoginModule implements LoginModule {
); );
/** /**
* Initialize this <code>LoginModule</code>. * Initialize this {@code LoginModule}.
* *
* <p> * @param subject the {@code Subject} to be authenticated.
* @param subject the <code>Subject</code> to be authenticated. <p>
* *
* @param callbackHandler a <code>CallbackHandler</code> for * @param callbackHandler a {@code CallbackHandler} for
* communication with the end user (prompting for * communication with the end user (prompting for
* usernames and passwords, for example). <p> * usernames and passwords, for example).
* *
* @param sharedState shared <code>LoginModule</code> state. <p> * @param sharedState shared {@code LoginModule} state.
* *
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
// Unchecked warning from (Map<String, Object>)sharedState is safe // Unchecked warning from (Map<String, Object>)sharedState is safe
// since javax.security.auth.login.LoginContext passes a raw HashMap. // since javax.security.auth.login.LoginContext passes a raw HashMap.
@ -536,14 +519,12 @@ public class Krb5LoginModule implements LoginModule {
/** /**
* Authenticate the user * Authenticate the user
* *
* <p> * @return true in all cases since this {@code LoginModule}
*
* @return true in all cases since this <code>LoginModule</code>
* should not be ignored. * should not be ignored.
* *
* @exception FailedLoginException if the authentication fails. <p> * @exception FailedLoginException if the authentication fails.
* *
* @exception LoginException if this <code>LoginModule</code> * @exception LoginException if this {@code LoginModule}
* is unable to perform the authentication. * is unable to perform the authentication.
*/ */
public boolean login() throws LoginException { public boolean login() throws LoginException {
@ -1019,23 +1000,21 @@ public class Krb5LoginModule implements LoginModule {
} }
/** /**
* <p> This method is called if the LoginContext's * This method is called if the LoginContext's
* overall authentication succeeded * overall authentication succeeded
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL
* LoginModules succeeded). * LoginModules succeeded).
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates a * {@code login} method), then this method associates a
* <code>Krb5Principal</code> * {@code Krb5Principal}
* with the <code>Subject</code> located in the * with the {@code Subject} located in the
* <code>LoginModule</code>. It adds Kerberos Credentials to the * {@code LoginModule}. It adds Kerberos Credentials to the
* the Subject's private credentials set. If this LoginModule's own * the Subject's private credentials set. If this LoginModule's own
* authentication attempted failed, then this method removes * authentication attempted failed, then this method removes
* any state that was originally saved. * any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the commit fails. * @exception LoginException if the commit fails.
* *
* @return true if this LoginModule's own login and commit * @return true if this LoginModule's own login and commit
@ -1147,18 +1126,16 @@ public class Krb5LoginModule implements LoginModule {
} }
/** /**
* <p> This method is called if the LoginContext's * This method is called if the LoginContext's
* overall authentication failed. * overall authentication failed.
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL
* LoginModules did not succeed). * LoginModules did not succeed).
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> and <code>commit</code> methods), * {@code login} and {@code commit} methods),
* then this method cleans up any state that was originally saved. * then this method cleans up any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the abort fails. * @exception LoginException if the abort fails.
* *
* @return false if this LoginModule's own login and/or commit attempts * @return false if this LoginModule's own login and/or commit attempts
@ -1183,14 +1160,12 @@ public class Krb5LoginModule implements LoginModule {
/** /**
* Logout the user. * Logout the user.
* *
* <p> This method removes the <code>Krb5Principal</code> * <p> This method removes the {@code Krb5Principal}
* that was added by the <code>commit</code> method. * that was added by the {@code commit} method.
*
* <p>
* *
* @exception LoginException if the logout fails. * @exception LoginException if the logout fails.
* *
* @return true in all cases since this <code>LoginModule</code> * @return true in all cases since this {@code LoginModule}
* should not be ignored. * should not be ignored.
*/ */
public boolean logout() throws LoginException { public boolean logout() throws LoginException {

113
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/LdapLoginModule.java
View File

@ -70,8 +70,8 @@ import com.sun.security.auth.UserPrincipal;
* conjunction with a specified search filter. * conjunction with a specified search filter.
* If successful then authentication is attempted using the user's * If successful then authentication is attempted using the user's
* distinguished name and the supplied password. * distinguished name and the supplied password.
* To enable this mode, set the <code>userFilter</code> option and omit the * To enable this mode, set the {@code userFilter} option and omit the
* <code>authIdentity</code> option. * {@code authIdentity} option.
* Use search-first mode when the user's distinguished name is not * Use search-first mode when the user's distinguished name is not
* known in advance. * known in advance.
* *
@ -79,22 +79,22 @@ import com.sun.security.auth.UserPrincipal;
* supplied username and password and then the LDAP directory is searched. * supplied username and password and then the LDAP directory is searched.
* If authentication is successful then a search is performed using the * If authentication is successful then a search is performed using the
* supplied username in conjunction with a specified search filter. * supplied username in conjunction with a specified search filter.
* To enable this mode, set the <code>authIdentity</code> and the * To enable this mode, set the {@code authIdentity} and the
* <code>userFilter</code> options. * {@code userFilter} options.
* Use authentication-first mode when accessing an LDAP directory * Use authentication-first mode when accessing an LDAP directory
* that has been configured to disallow anonymous searches. * that has been configured to disallow anonymous searches.
* *
* <p> In authentication-only mode, authentication is attempted using the * <p> In authentication-only mode, authentication is attempted using the
* supplied username and password. The LDAP directory is not searched because * supplied username and password. The LDAP directory is not searched because
* the user's distinguished name is already known. * the user's distinguished name is already known.
* To enable this mode, set the <code>authIdentity</code> option to a valid * To enable this mode, set the {@code authIdentity} option to a valid
* distinguished name and omit the <code>userFilter</code> option. * distinguished name and omit the {@code userFilter} option.
* Use authentication-only mode when the user's distinguished name is * Use authentication-only mode when the user's distinguished name is
* known in advance. * known in advance.
* *
* <p> The following option is mandatory and must be specified in this * <p> The following option is mandatory and must be specified in this
* module's login {@link Configuration}: * module's login {@link Configuration}:
* <dl><dt></dt><dd> * <dl><dd>
* <dl> * <dl>
* <dt> <code>userProvider=<b>ldap_urls</b></code> * <dt> <code>userProvider=<b>ldap_urls</b></code>
* </dt> * </dt>
@ -106,7 +106,7 @@ import com.sun.security.auth.UserPrincipal;
* When several LDAP URLs are specified then each is attempted, * When several LDAP URLs are specified then each is attempted,
* in turn, until the first successful connection is established. * in turn, until the first successful connection is established.
* Spaces in the distinguished name component of the URL must be escaped * Spaces in the distinguished name component of the URL must be escaped
* using the standard mechanism of percent character ('<code>%</code>') * using the standard mechanism of percent character ('{@code %}')
* followed by two hexadecimal digits (see {@link java.net.URI}). * followed by two hexadecimal digits (see {@link java.net.URI}).
* Query components must also be omitted from the URL. * Query components must also be omitted from the URL.
* *
@ -120,33 +120,33 @@ import com.sun.security.auth.UserPrincipal;
* *
* <p> This module also recognizes the following optional {@link Configuration} * <p> This module also recognizes the following optional {@link Configuration}
* options: * options:
* <dl><dt></dt><dd> * <dl><dd>
* <dl> * <dl>
* <dt> <code>userFilter=<b>ldap_filter</b></code> </dt> * <dt> <code>userFilter=<b>ldap_filter</b></code> </dt>
* <dd> This option specifies the search filter to use to locate a user's * <dd> This option specifies the search filter to use to locate a user's
* entry in the LDAP directory. It is used to determine a user's * entry in the LDAP directory. It is used to determine a user's
* distinguished name. * distinguished name.
* <code><b>ldap_filter</b></code> is an LDAP filter string * <b>{@code ldap_filter}</b> is an LDAP filter string
* (<a href="http://www.ietf.org/rfc/rfc2254.txt">RFC 2254</a>). * (<a href="http://www.ietf.org/rfc/rfc2254.txt">RFC 2254</a>).
* If it contains the special token "<code><b>{USERNAME}</b></code>" * If it contains the special token "<b>{@code {USERNAME}}</b>"
* then that token will be replaced with the supplied username value * then that token will be replaced with the supplied username value
* before the filter is used to search the directory. </dd> * before the filter is used to search the directory. </dd>
* *
* <dt> <code>authIdentity=<b>auth_id</b></code> </dt> * <dt> <code>authIdentity=<b>auth_id</b></code> </dt>
* <dd> This option specifies the identity to use when authenticating a user * <dd> This option specifies the identity to use when authenticating a user
* to the LDAP directory. * to the LDAP directory.
* <code><b>auth_id</b></code> may be an LDAP distinguished name string * <b>{@code auth_id}</b> may be an LDAP distinguished name string
* (<a href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a>) or some * (<a href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a>) or some
* other string name. * other string name.
* It must contain the special token "<code><b>{USERNAME}</b></code>" * It must contain the special token "<b>{@code {USERNAME}}</b>"
* which will be replaced with the supplied username value before the * which will be replaced with the supplied username value before the
* name is used for authentication. * name is used for authentication.
* Note that if this option does not contain a distinguished name then * Note that if this option does not contain a distinguished name then
* the <code>userFilter</code> option must also be specified. </dd> * the {@code userFilter} option must also be specified. </dd>
* *
* <dt> <code>authzIdentity=<b>authz_id</b></code> </dt> * <dt> <code>authzIdentity=<b>authz_id</b></code> </dt>
* <dd> This option specifies an authorization identity for the user. * <dd> This option specifies an authorization identity for the user.
* <code><b>authz_id</b></code> is any string name. * <b>{@code authz_id}</b> is any string name.
* If it comprises a single special token with curly braces then * If it comprises a single special token with curly braces then
* that token is treated as a attribute name and will be replaced with a * that token is treated as a attribute name and will be replaced with a
* single value of that attribute from the user's LDAP entry. * single value of that attribute from the user's LDAP entry.
@ -156,23 +156,23 @@ import com.sun.security.auth.UserPrincipal;
* is created using the authorization identity and it is associated with * is created using the authorization identity and it is associated with
* the current {@link Subject}. </dd> * the current {@link Subject}. </dd>
* *
* <dt> <code>useSSL</code> </dt> * <dt> {@code useSSL} </dt>
* <dd> if <code>false</code>, this module does not establish an SSL connection * <dd> if {@code false}, this module does not establish an SSL connection
* to the LDAP server before attempting authentication. SSL is used to * to the LDAP server before attempting authentication. SSL is used to
* protect the privacy of the user's password because it is transmitted * protect the privacy of the user's password because it is transmitted
* in the clear over LDAP. * in the clear over LDAP.
* By default, this module uses SSL. </dd> * By default, this module uses SSL. </dd>
* *
* <dt> <code>useFirstPass</code> </dt> * <dt> {@code useFirstPass} </dt>
* <dd> if <code>true</code>, this module retrieves the username and password * <dd> if {@code true}, this module retrieves the username and password
* from the module's shared state, using "javax.security.auth.login.name" * from the module's shared state, using "javax.security.auth.login.name"
* and "javax.security.auth.login.password" as the respective keys. The * and "javax.security.auth.login.password" as the respective keys. The
* retrieved values are used for authentication. If authentication fails, * retrieved values are used for authentication. If authentication fails,
* no attempt for a retry is made, and the failure is reported back to * no attempt for a retry is made, and the failure is reported back to
* the calling application.</dd> * the calling application.</dd>
* *
* <dt> <code>tryFirstPass</code> </dt> * <dt> {@code tryFirstPass} </dt>
* <dd> if <code>true</code>, this module retrieves the username and password * <dd> if {@code true}, this module retrieves the username and password
* from the module's shared state, using "javax.security.auth.login.name" * from the module's shared state, using "javax.security.auth.login.name"
* and "javax.security.auth.login.password" as the respective keys. The * and "javax.security.auth.login.password" as the respective keys. The
* retrieved values are used for authentication. If authentication fails, * retrieved values are used for authentication. If authentication fails,
@ -181,8 +181,8 @@ import com.sun.security.auth.UserPrincipal;
* authentication fails, the failure is reported back to the calling * authentication fails, the failure is reported back to the calling
* application.</dd> * application.</dd>
* *
* <dt> <code>storePass</code> </dt> * <dt> {@code storePass} </dt>
* <dd> if <code>true</code>, this module stores the username and password * <dd> if {@code true}, this module stores the username and password
* obtained from the {@link CallbackHandler} in the module's shared state, * obtained from the {@link CallbackHandler} in the module's shared state,
* using * using
* "javax.security.auth.login.name" and * "javax.security.auth.login.name" and
@ -190,13 +190,13 @@ import com.sun.security.auth.UserPrincipal;
* not performed if existing values already exist for the username and * not performed if existing values already exist for the username and
* password in the shared state, or if authentication fails.</dd> * password in the shared state, or if authentication fails.</dd>
* *
* <dt> <code>clearPass</code> </dt> * <dt> {@code clearPass} </dt>
* <dd> if <code>true</code>, this module clears the username and password * <dd> if {@code true}, this module clears the username and password
* stored in the module's shared state after both phases of authentication * stored in the module's shared state after both phases of authentication
* (login and commit) have completed.</dd> * (login and commit) have completed.</dd>
* *
* <dt> <code>debug</code> </dt> * <dt> {@code debug} </dt>
* <dd> if <code>true</code>, debug messages are displayed on the standard * <dd> if {@code true}, debug messages are displayed on the standard
* output stream. * output stream.
* </dl> * </dl>
* </dl> * </dl>
@ -209,36 +209,36 @@ import com.sun.security.auth.UserPrincipal;
* Note that the following four JNDI properties are set by this module directly * Note that the following four JNDI properties are set by this module directly
* and are ignored if also present in the configuration: * and are ignored if also present in the configuration:
* <ul> * <ul>
* <li> <code>java.naming.provider.url</code> * <li> {@code java.naming.provider.url}
* <li> <code>java.naming.security.principal</code> * <li> {@code java.naming.security.principal}
* <li> <code>java.naming.security.credentials</code> * <li> {@code java.naming.security.credentials}
* <li> <code>java.naming.security.protocol</code> * <li> {@code java.naming.security.protocol}
* </ul> * </ul>
* *
* <p> * <p>
* Three sample {@link Configuration}s are shown below. * Three sample {@link Configuration}s are shown below.
* The first one activates search-first mode. It identifies the LDAP server * The first one activates search-first mode. It identifies the LDAP server
* and specifies that users' entries be located by their <code>uid</code> and * and specifies that users' entries be located by their {@code uid} and
* <code>objectClass</code> attributes. It also specifies that an identity * {@code objectClass} attributes. It also specifies that an identity
* based on the user's <code>employeeNumber</code> attribute should be created. * based on the user's {@code employeeNumber} attribute should be created.
* The second one activates authentication-first mode. It requests that the * The second one activates authentication-first mode. It requests that the
* LDAP server be located dynamically, that authentication be performed using * LDAP server be located dynamically, that authentication be performed using
* the supplied username directly but without the protection of SSL and that * the supplied username directly but without the protection of SSL and that
* users' entries be located by one of three naming attributes and their * users' entries be located by one of three naming attributes and their
* <code>objectClass</code> attribute. * {@code objectClass} attribute.
* The third one activates authentication-only mode. It identifies alternative * The third one activates authentication-only mode. It identifies alternative
* LDAP servers, it specifies the distinguished name to use for * LDAP servers, it specifies the distinguished name to use for
* authentication and a fixed identity to use for authorization. No directory * authentication and a fixed identity to use for authorization. No directory
* search is performed. * search is performed.
* *
* <pre> * <pre>{@literal
* *
* ExampleApplication { * ExampleApplication {
* com.sun.security.auth.module.LdapLoginModule REQUIRED * com.sun.security.auth.module.LdapLoginModule REQUIRED
* userProvider="ldap://ldap-svr/ou=people,dc=example,dc=com" * userProvider="ldap://ldap-svr/ou=people,dc=example,dc=com"
* userFilter="(&(uid={USERNAME})(objectClass=inetOrgPerson))" * userFilter="(&(uid={USERNAME})(objectClass=inetOrgPerson))"
* authzIdentity="{EMPLOYEENUMBER}" * authzIdentity="{EMPLOYEENUMBER}"
* debug=true; * debug=true;
* }; * };
* *
* ExampleApplication { * ExampleApplication {
@ -258,7 +258,7 @@ import com.sun.security.auth.UserPrincipal;
* debug=true; * debug=true;
* }; * };
* *
* </pre> * }</pre>
* *
* <dl> * <dl>
* <dt><b>Note:</b> </dt> * <dt><b>Note:</b> </dt>
@ -282,7 +282,6 @@ import com.sun.security.auth.UserPrincipal;
* <em>caller-specified</em> {@link Configuration} then the application * <em>caller-specified</em> {@link Configuration} then the application
* must be granted the permissions required by the {@link LoginModule}. * must be granted the permissions required by the {@link LoginModule}.
* <em>This</em> module requires the following two permissions: * <em>This</em> module requires the following two permissions:
* <p>
* <ul> * <ul>
* <li> The {@link SocketPermission} to connect to an LDAP server. * <li> The {@link SocketPermission} to connect to an LDAP server.
* <li> The {@link AuthPermission} to modify the set of {@link Principal}s * <li> The {@link AuthPermission} to modify the set of {@link Principal}s
@ -373,15 +372,15 @@ public class LdapLoginModule implements LoginModule {
private SearchControls constraints = null; private SearchControls constraints = null;
/** /**
* Initialize this <code>LoginModule</code>. * Initialize this {@code LoginModule}.
* *
* @param subject the <code>Subject</code> to be authenticated. * @param subject the {@code Subject} to be authenticated.
* @param callbackHandler a <code>CallbackHandler</code> to acquire the * @param callbackHandler a {@code CallbackHandler} to acquire the
* username and password. * username and password.
* @param sharedState shared <code>LoginModule</code> state. * @param sharedState shared {@code LoginModule} state.
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
// Unchecked warning from (Map<String, Object>)sharedState is safe // Unchecked warning from (Map<String, Object>)sharedState is safe
// since javax.security.auth.login.LoginContext passes a raw HashMap. // since javax.security.auth.login.LoginContext passes a raw HashMap.
@ -492,10 +491,10 @@ public class LdapLoginModule implements LoginModule {
* <p> Acquire the user's credentials and verify them against the * <p> Acquire the user's credentials and verify them against the
* specified LDAP directory. * specified LDAP directory.
* *
* @return true always, since this <code>LoginModule</code> * @return true always, since this {@code LoginModule}
* should not be ignored. * should not be ignored.
* @exception FailedLoginException if the authentication fails. * @exception FailedLoginException if the authentication fails.
* @exception LoginException if this <code>LoginModule</code> * @exception LoginException if this {@code LoginModule}
* is unable to perform the authentication. * is unable to perform the authentication.
*/ */
public boolean login() throws LoginException { public boolean login() throws LoginException {
@ -593,10 +592,10 @@ public class LdapLoginModule implements LoginModule {
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates an * {@code login} method), then this method associates an
* <code>LdapPrincipal</code> and one or more <code>UserPrincipal</code>s * {@code LdapPrincipal} and one or more {@code UserPrincipal}s
* with the <code>Subject</code> located in the * with the {@code Subject} located in the
* <code>LoginModule</code>. If this LoginModule's own * {@code LoginModule}. If this LoginModule's own
* authentication attempted failed, then this method removes * authentication attempted failed, then this method removes
* any state that was originally saved. * any state that was originally saved.
* *
@ -662,7 +661,7 @@ public class LdapLoginModule implements LoginModule {
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> and <code>commit</code> methods), * {@code login} and {@code commit} methods),
* then this method cleans up any state that was originally saved. * then this method cleans up any state that was originally saved.
* *
* @exception LoginException if the abort fails. * @exception LoginException if the abort fails.
@ -697,10 +696,10 @@ public class LdapLoginModule implements LoginModule {
* Logout a user. * Logout a user.
* *
* <p> This method removes the Principals * <p> This method removes the Principals
* that were added by the <code>commit</code> method. * that were added by the {@code commit} method.
* *
* @exception LoginException if the logout fails. * @exception LoginException if the logout fails.
* @return true in all cases since this <code>LoginModule</code> * @return true in all cases since this {@code LoginModule}
* should not be ignored. * should not be ignored.
*/ */
public boolean logout() throws LoginException { public boolean logout() throws LoginException {

62
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTLoginModule.java
View File

@ -41,10 +41,10 @@ import com.sun.security.auth.NTSidGroupPrincipal;
import com.sun.security.auth.NTNumericCredential; import com.sun.security.auth.NTNumericCredential;
/** /**
* <p> This <code>LoginModule</code> * This {@code LoginModule}
* renders a user's NT security information as some number of * renders a user's NT security information as some number of
* <code>Principal</code>s * {@code Principal}s
* and associates them with a <code>Subject</code>. * and associates them with a {@code Subject}.
* *
* <p> This LoginModule recognizes the debug option. * <p> This LoginModule recognizes the debug option.
* If set to true in the login Configuration, * If set to true in the login Configuration,
@ -85,23 +85,21 @@ public class NTLoginModule implements LoginModule {
private NTNumericCredential iToken; // impersonation token private NTNumericCredential iToken; // impersonation token
/** /**
* Initialize this <code>LoginModule</code>. * Initialize this {@code LoginModule}.
* *
* <p> * @param subject the {@code Subject} to be authenticated.
* *
* @param subject the <code>Subject</code> to be authenticated. <p> * @param callbackHandler a {@code CallbackHandler} for communicating
*
* @param callbackHandler a <code>CallbackHandler</code> for communicating
* with the end user (prompting for usernames and * with the end user (prompting for usernames and
* passwords, for example). This particular LoginModule only * passwords, for example). This particular LoginModule only
* extracts the underlying NT system information, so this * extracts the underlying NT system information, so this
* parameter is ignored.<p> * parameter is ignored.
* *
* @param sharedState shared <code>LoginModule</code> state. <p> * @param sharedState shared {@code LoginModule} state.
* *
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
public void initialize(Subject subject, CallbackHandler callbackHandler, public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String,?> sharedState, Map<String,?> sharedState,
@ -125,14 +123,12 @@ public class NTLoginModule implements LoginModule {
/** /**
* Import underlying NT system identity information. * Import underlying NT system identity information.
* *
* <p> * @return true in all cases since this {@code LoginModule}
*
* @return true in all cases since this <code>LoginModule</code>
* should not be ignored. * should not be ignored.
* *
* @exception FailedLoginException if the authentication fails. <p> * @exception FailedLoginException if the authentication fails.
* *
* @exception LoginException if this <code>LoginModule</code> * @exception LoginException if this {@code LoginModule}
* is unable to perform the authentication. * is unable to perform the authentication.
*/ */
public boolean login() throws LoginException { public boolean login() throws LoginException {
@ -221,22 +217,20 @@ public class NTLoginModule implements LoginModule {
} }
/** /**
* <p> This method is called if the LoginContext's * This method is called if the LoginContext's
* overall authentication succeeded * overall authentication succeeded
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
* succeeded). * succeeded).
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates some * {@code login} method), then this method associates some
* number of various <code>Principal</code>s * number of various {@code Principal}s
* with the <code>Subject</code> located in the * with the {@code Subject} located in the
* <code>LoginModuleContext</code>. If this LoginModule's own * {@code LoginModuleContext}. If this LoginModule's own
* authentication attempted failed, then this method removes * authentication attempted failed, then this method removes
* any state that was originally saved. * any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the commit fails. * @exception LoginException if the commit fails.
* *
* @return true if this LoginModule's own login and commit * @return true if this LoginModule's own login and commit
@ -290,18 +284,16 @@ public class NTLoginModule implements LoginModule {
/** /**
* <p> This method is called if the LoginContext's * This method is called if the LoginContext's
* overall authentication failed. * overall authentication failed.
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
* did not succeed). * did not succeed).
* *
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the * succeeded (checked by retrieving the private state saved by the
* <code>login</code> and <code>commit</code> methods), * {@code login} and {@code commit} methods),
* then this method cleans up any state that was originally saved. * then this method cleans up any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the abort fails. * @exception LoginException if the abort fails.
* *
* @return false if this LoginModule's own login and/or commit attempts * @return false if this LoginModule's own login and/or commit attempts
@ -336,17 +328,15 @@ public class NTLoginModule implements LoginModule {
/** /**
* Logout the user. * Logout the user.
* *
* <p> This method removes the <code>NTUserPrincipal</code>, * <p> This method removes the {@code NTUserPrincipal},
* <code>NTDomainPrincipal</code>, <code>NTSidUserPrincipal</code>, * {@code NTDomainPrincipal}, {@code NTSidUserPrincipal},
* <code>NTSidDomainPrincipal</code>, <code>NTSidGroupPrincipal</code>s, * {@code NTSidDomainPrincipal}, {@code NTSidGroupPrincipal}s,
* and <code>NTSidPrimaryGroupPrincipal</code> * and {@code NTSidPrimaryGroupPrincipal}
* that may have been added by the <code>commit</code> method. * that may have been added by the {@code commit} method.
*
* <p>
* *
* @exception LoginException if the logout fails. * @exception LoginException if the logout fails.
* *
* @return true in all cases since this <code>LoginModule</code> * @return true in all cases since this {@code LoginModule}
* should not be ignored. * should not be ignored.
*/ */
public boolean logout() throws LoginException { public boolean logout() throws LoginException {

20
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTSystem.java
View File

@ -26,7 +26,7 @@
package com.sun.security.auth.module; package com.sun.security.auth.module;
/** /**
* <p> This class implementation retrieves and makes available NT * This class implementation retrieves and makes available NT
* security information for the current user. * security information for the current user.
* *
*/ */
@ -45,7 +45,7 @@ public class NTSystem {
private long impersonationToken; private long impersonationToken;
/** /**
* Instantiate an <code>NTSystem</code> and load * Instantiate an {@code NTSystem} and load
* the native library to access the underlying system information. * the native library to access the underlying system information.
*/ */
public NTSystem() { public NTSystem() {
@ -53,7 +53,7 @@ public class NTSystem {
} }
/** /**
* Instantiate an <code>NTSystem</code> and load * Instantiate an {@code NTSystem} and load
* the native library to access the underlying system information. * the native library to access the underlying system information.
*/ */
NTSystem(boolean debug) { NTSystem(boolean debug) {
@ -64,8 +64,6 @@ public class NTSystem {
/** /**
* Get the username for the current NT user. * Get the username for the current NT user.
* *
* <p>
*
* @return the username for the current NT user. * @return the username for the current NT user.
*/ */
public String getName() { public String getName() {
@ -75,8 +73,6 @@ public class NTSystem {
/** /**
* Get the domain for the current NT user. * Get the domain for the current NT user.
* *
* <p>
*
* @return the domain for the current NT user. * @return the domain for the current NT user.
*/ */
public String getDomain() { public String getDomain() {
@ -86,8 +82,6 @@ public class NTSystem {
/** /**
* Get a printable SID for the current NT user's domain. * Get a printable SID for the current NT user's domain.
* *
* <p>
*
* @return a printable SID for the current NT user's domain. * @return a printable SID for the current NT user's domain.
*/ */
public String getDomainSID() { public String getDomainSID() {
@ -97,8 +91,6 @@ public class NTSystem {
/** /**
* Get a printable SID for the current NT user. * Get a printable SID for the current NT user.
* *
* <p>
*
* @return a printable SID for the current NT user. * @return a printable SID for the current NT user.
*/ */
public String getUserSID() { public String getUserSID() {
@ -108,8 +100,6 @@ public class NTSystem {
/** /**
* Get a printable primary group SID for the current NT user. * Get a printable primary group SID for the current NT user.
* *
* <p>
*
* @return the primary group SID for the current NT user. * @return the primary group SID for the current NT user.
*/ */
public String getPrimaryGroupID() { public String getPrimaryGroupID() {
@ -119,8 +109,6 @@ public class NTSystem {
/** /**
* Get the printable group SIDs for the current NT user. * Get the printable group SIDs for the current NT user.
* *
* <p>
*
* @return the group SIDs for the current NT user. * @return the group SIDs for the current NT user.
*/ */
public String[] getGroupIDs() { public String[] getGroupIDs() {
@ -130,8 +118,6 @@ public class NTSystem {
/** /**
* Get an impersonation token for the current NT user. * Get an impersonation token for the current NT user.
* *
* <p>
*
* @return an impersonation token for the current NT user. * @return an impersonation token for the current NT user.
*/ */
public synchronized long getImpersonationToken() { public synchronized long getImpersonationToken() {

52
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisLoginModule.java
View File

@ -36,17 +36,17 @@ import com.sun.security.auth.SolarisNumericUserPrincipal;
import com.sun.security.auth.SolarisNumericGroupPrincipal; import com.sun.security.auth.SolarisNumericGroupPrincipal;
/** /**
* <p> This <code>LoginModule</code> imports a user's Solaris * This {@code LoginModule} imports a user's Solaris
* <code>Principal</code> information (<code>SolarisPrincipal</code>, * {@code Principal} information ({@code SolarisPrincipal},
* <code>SolarisNumericUserPrincipal</code>, * {@code SolarisNumericUserPrincipal},
* and <code>SolarisNumericGroupPrincipal</code>) * and {@code SolarisNumericGroupPrincipal})
* and associates them with the current <code>Subject</code>. * and associates them with the current {@code Subject}.
* *
* <p> This LoginModule recognizes the debug option. * <p> This LoginModule recognizes the debug option.
* If set to true in the login Configuration, * If set to true in the login Configuration,
* debug messages will be output to the output stream, System.out. * debug messages will be output to the output stream, System.out.
* @deprecated As of JDK1.4, replaced by * @deprecated As of JDK1.4, replaced by
* <code>com.sun.security.auth.module.UnixLoginModule</code>. * {@code com.sun.security.auth.module.UnixLoginModule}.
* This LoginModule is entirely deprecated and * This LoginModule is entirely deprecated and
* is here to allow for a smooth transition to the new * is here to allow for a smooth transition to the new
* UnixLoginModule. * UnixLoginModule.
@ -80,21 +80,19 @@ public class SolarisLoginModule implements LoginModule {
new LinkedList<>(); new LinkedList<>();
/** /**
* Initialize this <code>LoginModule</code>. * Initialize this {@code LoginModule}.
* *
* <p> * @param subject the {@code Subject} to be authenticated.
* *
* @param subject the <code>Subject</code> to be authenticated. <p> * @param callbackHandler a {@code CallbackHandler} for communicating
*
* @param callbackHandler a <code>CallbackHandler</code> for communicating
* with the end user (prompting for usernames and * with the end user (prompting for usernames and
* passwords, for example). <p> * passwords, for example).
* *
* @param sharedState shared <code>LoginModule</code> state. <p> * @param sharedState shared {@code LoginModule} state.
* *
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
public void initialize(Subject subject, CallbackHandler callbackHandler, public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String,?> sharedState, Map<String,?> sharedState,
@ -114,15 +112,13 @@ public class SolarisLoginModule implements LoginModule {
* Authenticate the user (first phase). * Authenticate the user (first phase).
* *
* <p> The implementation of this method attempts to retrieve the user's * <p> The implementation of this method attempts to retrieve the user's
* Solaris <code>Subject</code> information by making a native Solaris * Solaris {@code Subject} information by making a native Solaris
* system call. * system call.
* *
* <p>
*
* @exception FailedLoginException if attempts to retrieve the underlying * @exception FailedLoginException if attempts to retrieve the underlying
* system information fail. * system information fail.
* *
* @return true in all cases (this <code>LoginModule</code> * @return true in all cases (this {@code LoginModule}
* should not be ignored). * should not be ignored).
*/ */
public boolean login() throws LoginException { public boolean login() throws LoginException {
@ -175,13 +171,11 @@ public class SolarisLoginModule implements LoginModule {
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (the importing of the Solaris authentication information * succeeded (the importing of the Solaris authentication information
* succeeded), then this method associates the Solaris Principals * succeeded), then this method associates the Solaris Principals
* with the <code>Subject</code> currently tied to the * with the {@code Subject} currently tied to the
* <code>LoginModule</code>. If this LoginModule's * {@code LoginModule}. If this LoginModule's
* authentication attempted failed, then this method removes * authentication attempted failed, then this method removes
* any state that was originally saved. * any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the commit fails * @exception LoginException if the commit fails
* *
* @return true if this LoginModule's own login and commit attempts * @return true if this LoginModule's own login and commit attempts
@ -232,10 +226,8 @@ public class SolarisLoginModule implements LoginModule {
* did not succeed). * did not succeed).
* *
* <p> This method cleans up any state that was originally saved * <p> This method cleans up any state that was originally saved
* as part of the authentication attempt from the <code>login</code> * as part of the authentication attempt from the {@code login}
* and <code>commit</code> methods. * and {@code commit} methods.
*
* <p>
* *
* @exception LoginException if the abort fails * @exception LoginException if the abort fails
* *
@ -272,13 +264,11 @@ public class SolarisLoginModule implements LoginModule {
* Logout the user * Logout the user
* *
* <p> This method removes the Principals associated * <p> This method removes the Principals associated
* with the <code>Subject</code>. * with the {@code Subject}.
*
* <p>
* *
* @exception LoginException if the logout fails * @exception LoginException if the logout fails
* *
* @return true in all cases (this <code>LoginModule</code> * @return true in all cases (this {@code LoginModule}
* should not be ignored). * should not be ignored).
*/ */
public boolean logout() throws LoginException { public boolean logout() throws LoginException {

12
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisSystem.java
View File

@ -26,7 +26,7 @@
package com.sun.security.auth.module; package com.sun.security.auth.module;
/** /**
* <p> This class implementation retrieves and makes available Solaris * This class implementation retrieves and makes available Solaris
* UID/GID/groups information for the current user. * UID/GID/groups information for the current user.
* *
* @deprecated replaced by {@link UnixSystem}. * @deprecated replaced by {@link UnixSystem}.
@ -43,7 +43,7 @@ public class SolarisSystem {
protected long[] groups; protected long[] groups;
/** /**
* Instantiate a <code>SolarisSystem</code> and load * Instantiate a {@code SolarisSystem} and load
* the native library to access the underlying system information. * the native library to access the underlying system information.
*/ */
public SolarisSystem() { public SolarisSystem() {
@ -54,8 +54,6 @@ public class SolarisSystem {
/** /**
* Get the username for the current Solaris user. * Get the username for the current Solaris user.
* *
* <p>
*
* @return the username for the current Solaris user. * @return the username for the current Solaris user.
*/ */
public String getUsername() { public String getUsername() {
@ -65,8 +63,6 @@ public class SolarisSystem {
/** /**
* Get the UID for the current Solaris user. * Get the UID for the current Solaris user.
* *
* <p>
*
* @return the UID for the current Solaris user. * @return the UID for the current Solaris user.
*/ */
public long getUid() { public long getUid() {
@ -76,8 +72,6 @@ public class SolarisSystem {
/** /**
* Get the GID for the current Solaris user. * Get the GID for the current Solaris user.
* *
* <p>
*
* @return the GID for the current Solaris user. * @return the GID for the current Solaris user.
*/ */
public long getGid() { public long getGid() {
@ -87,8 +81,6 @@ public class SolarisSystem {
/** /**
* Get the supplementary groups for the current Solaris user. * Get the supplementary groups for the current Solaris user.
* *
* <p>
*
* @return the supplementary groups for the current Solaris user. * @return the supplementary groups for the current Solaris user.
*/ */
public long[] getGroups() { public long[] getGroups() {

50
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixLoginModule.java
View File

@ -36,11 +36,11 @@ import com.sun.security.auth.UnixNumericUserPrincipal;
import com.sun.security.auth.UnixNumericGroupPrincipal; import com.sun.security.auth.UnixNumericGroupPrincipal;
/** /**
* <p> This <code>LoginModule</code> imports a user's Unix * This {@code LoginModule} imports a user's Unix
* <code>Principal</code> information (<code>UnixPrincipal</code>, * {@code Principal} information ({@code UnixPrincipal},
* <code>UnixNumericUserPrincipal</code>, * {@code UnixNumericUserPrincipal},
* and <code>UnixNumericGroupPrincipal</code>) * and {@code UnixNumericGroupPrincipal})
* and associates them with the current <code>Subject</code>. * and associates them with the current {@code Subject}.
* *
* <p> This LoginModule recognizes the debug option. * <p> This LoginModule recognizes the debug option.
* If set to true in the login Configuration, * If set to true in the login Configuration,
@ -74,21 +74,19 @@ public class UnixLoginModule implements LoginModule {
new LinkedList<>(); new LinkedList<>();
/** /**
* Initialize this <code>LoginModule</code>. * Initialize this {@code LoginModule}.
* *
* <p> * @param subject the {@code Subject} to be authenticated.
* *
* @param subject the <code>Subject</code> to be authenticated. <p> * @param callbackHandler a {@code CallbackHandler} for communicating
*
* @param callbackHandler a <code>CallbackHandler</code> for communicating
* with the end user (prompting for usernames and * with the end user (prompting for usernames and
* passwords, for example). <p> * passwords, for example).
* *
* @param sharedState shared <code>LoginModule</code> state. <p> * @param sharedState shared {@code LoginModule} state.
* *
* @param options options specified in the login * @param options options specified in the login
* <code>Configuration</code> for this particular * {@code Configuration} for this particular
* <code>LoginModule</code>. * {@code LoginModule}.
*/ */
public void initialize(Subject subject, CallbackHandler callbackHandler, public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String,?> sharedState, Map<String,?> sharedState,
@ -107,15 +105,13 @@ public class UnixLoginModule implements LoginModule {
* Authenticate the user (first phase). * Authenticate the user (first phase).
* *
* <p> The implementation of this method attempts to retrieve the user's * <p> The implementation of this method attempts to retrieve the user's
* Unix <code>Subject</code> information by making a native Unix * Unix {@code Subject} information by making a native Unix
* system call. * system call.
* *
* <p>
*
* @exception FailedLoginException if attempts to retrieve the underlying * @exception FailedLoginException if attempts to retrieve the underlying
* system information fail. * system information fail.
* *
* @return true in all cases (this <code>LoginModule</code> * @return true in all cases (this {@code LoginModule}
* should not be ignored). * should not be ignored).
*/ */
public boolean login() throws LoginException { public boolean login() throws LoginException {
@ -169,13 +165,11 @@ public class UnixLoginModule implements LoginModule {
* <p> If this LoginModule's own authentication attempt * <p> If this LoginModule's own authentication attempt
* succeeded (the importing of the Unix authentication information * succeeded (the importing of the Unix authentication information
* succeeded), then this method associates the Unix Principals * succeeded), then this method associates the Unix Principals
* with the <code>Subject</code> currently tied to the * with the {@code Subject} currently tied to the
* <code>LoginModule</code>. If this LoginModule's * {@code LoginModule}. If this LoginModule's
* authentication attempted failed, then this method removes * authentication attempted failed, then this method removes
* any state that was originally saved. * any state that was originally saved.
* *
* <p>
*
* @exception LoginException if the commit fails * @exception LoginException if the commit fails
* *
* @return true if this LoginModule's own login and commit attempts * @return true if this LoginModule's own login and commit attempts
@ -228,10 +222,8 @@ public class UnixLoginModule implements LoginModule {
* did not succeed). * did not succeed).
* *
* <p> This method cleans up any state that was originally saved * <p> This method cleans up any state that was originally saved
* as part of the authentication attempt from the <code>login</code> * as part of the authentication attempt from the {@code login}
* and <code>commit</code> methods. * and {@code commit} methods.
*
* <p>
* *
* @exception LoginException if the abort fails * @exception LoginException if the abort fails
* *
@ -267,13 +259,11 @@ public class UnixLoginModule implements LoginModule {
* Logout the user * Logout the user
* *
* <p> This method removes the Principals associated * <p> This method removes the Principals associated
* with the <code>Subject</code>. * with the {@code Subject}.
*
* <p>
* *
* @exception LoginException if the logout fails * @exception LoginException if the logout fails
* *
* @return true in all cases (this <code>LoginModule</code> * @return true in all cases (this {@code LoginModule}
* should not be ignored). * should not be ignored).
*/ */
public boolean logout() throws LoginException { public boolean logout() throws LoginException {

13
jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixSystem.java
View File

@ -26,9 +26,8 @@
package com.sun.security.auth.module; package com.sun.security.auth.module;
/** /**
* <p> This class implementation retrieves and makes available Unix * This class implementation retrieves and makes available Unix
* UID/GID/groups information for the current user. * UID/GID/groups information for the current user.
*
*/ */
@jdk.Exported @jdk.Exported
public class UnixSystem { public class UnixSystem {
@ -41,7 +40,7 @@ public class UnixSystem {
protected long[] groups; protected long[] groups;
/** /**
* Instantiate a <code>UnixSystem</code> and load * Instantiate a {@code UnixSystem} and load
* the native library to access the underlying system information. * the native library to access the underlying system information.
*/ */
public UnixSystem() { public UnixSystem() {
@ -52,8 +51,6 @@ public class UnixSystem {
/** /**
* Get the username for the current Unix user. * Get the username for the current Unix user.
* *
* <p>
*
* @return the username for the current Unix user. * @return the username for the current Unix user.
*/ */
public String getUsername() { public String getUsername() {
@ -63,8 +60,6 @@ public class UnixSystem {
/** /**
* Get the UID for the current Unix user. * Get the UID for the current Unix user.
* *
* <p>
*
* @return the UID for the current Unix user. * @return the UID for the current Unix user.
*/ */
public long getUid() { public long getUid() {
@ -74,8 +69,6 @@ public class UnixSystem {
/** /**
* Get the GID for the current Unix user. * Get the GID for the current Unix user.
* *
* <p>
*
* @return the GID for the current Unix user. * @return the GID for the current Unix user.
*/ */
public long getGid() { public long getGid() {
@ -85,8 +78,6 @@ public class UnixSystem {
/** /**
* Get the supplementary groups for the current Unix user. * Get the supplementary groups for the current Unix user.
* *
* <p>
*
* @return the supplementary groups for the current Unix user. * @return the supplementary groups for the current Unix user.
*/ */
public long[] getGroups() { public long[] getGroups() {