public class ClientPrincipal extends HandleResource implements ClientPrincipalResource, java.lang.Cloneable, Deletable, java.io.Externalizable
Modifier and Type | Class and Description |
---|---|
private static class |
ClientPrincipal.AttrInfo
attributes' descriptor.
|
private static class |
ClientPrincipal.AttrType
attributes' types.
|
static class |
ClientPrincipal.LoginState
CP login states.
|
ClientPrincipalResource.SealCallee, ClientPrincipalResource.SealFailure
Modifier and Type | Field and Description |
---|---|
private java.util.Map<ClientPrincipal.AttrInfo,java.util.Optional<java.lang.Object>> |
attributes
Attributes.
|
private boolean |
deleted
Flag indicating whether this resource was deleted.
|
private java.lang.String |
domainAccessCode
The domain access code used to
seal this object. |
private boolean |
exported
Flag indicating that the CP was exported at least once.
|
private java.lang.String |
generatedSessionId
Generated SESSION-ID.
|
private boolean |
hideValues
Flag indicating that attribute values should not be exposed (see #4801).
|
private ClientPrincipal.LoginState |
loginState
A character value that represents the current state of the client-principal object.
|
private long |
magic
The value of the 0x00d0001c undocumented hidden attribute
|
private static java.util.Set<ClientPrincipal.AttrInfo> |
MANDATORY |
private static java.util.Set<ClientPrincipal.AttrInfo> |
NOT_FOR_MAC |
private java.util.Map<java.lang.String,java.lang.String> |
properties
The set properties in this CLIENT-PRINCIPAL.
|
private java.lang.Boolean |
sealed
Flag indicating this object has been
sealed() . |
private boolean |
sealedOnImport
Flag indicating that the CP was sealed on import.
|
private ClientPrincipalResource.SealFailure |
sealFailure
SEAL failure reason.
|
instProc
Constructor and Description |
---|
ClientPrincipal()
default constructor.
|
Modifier and Type | Method and Description |
---|---|
private void |
addHiddenAttrs()
Add standard "hidden" attributes.
|
private static void |
argumentUnknownError()
Raise or log an error for the specified attribute, as it can't be set to unknown value.
|
private static void |
attributeEmptyError(java.lang.String attr)
Raise or log an error for the specified attribute, as it can't be set to unknown value.
|
private static void |
attributeUnknownError(java.lang.String attr)
Raise or log an error for the specified attribute, as it can't be set to unknown value.
|
logical |
authenticationFailed()
Indicates that the identity asserted in the unsealed client-principal object cannot be
authenticated.
|
logical |
authenticationFailed(character reason)
Indicates that the identity asserted in the unsealed client-principal object cannot be
authenticated.
|
logical |
authenticationFailed(character reason,
boolean fromSetClient)
Indicates that the identity asserted in the unsealed client-principal object cannot be
authenticated.
|
static void |
authenticationFailed(int code,
java.lang.String where,
java.lang.String reason)
Report CLIENT-PRINCIPAL authentication error
|
logical |
authenticationFailed(java.lang.String reason)
Indicates that the identity asserted in the unsealed client-principal object cannot be
authenticated.
|
logical |
authenticationFailed(java.lang.String reason,
boolean fromSetClient)
Indicates that the identity asserted in the unsealed client-principal object cannot be
authenticated.
|
private boolean |
canBeSealed()
Check if all mandatory attributes are set.
|
ClientPrincipal |
clone()
Create a copy of this CLIENT-PRINCIPAL instance.
|
static void |
create(handle h)
Create a new resource and assign it to the specified handle.
|
static void |
create(handle h,
character widgetPool)
Create a new resource and assign it to the specified handle.
|
static void |
create(handle h,
java.lang.String widgetPool)
Create a new resource and assign it to the specified handle.
|
void |
delete()
Perform the actual delete of a resource.
|
raw |
exportPrincipal()
Export the state of this CLIENT-PRINCIPAL object to a byte representation.
|
private void |
finalizeSeal(java.lang.String macPwd)
Add SEAL-TIMESTAMP and calculate MAC.
|
private static java.lang.String |
generateSessionID()
Generate SESSION-ID.
|
character |
getAuditEventContext()
Get the AUDIT-EVENT-CONTEXT attribute.
|
private character |
getCharAttrValue(ClientPrincipal.AttrInfo ai)
Return value of the CHARACTER attribute.
|
character |
getClientTty()
Get the CLIENT-TTY attribute.
|
character |
getClientWks()
Get the CLIENT-WORKSTATION attribute.
|
character |
getDbList()
Get a comma-separated list of logical database names that is stored in the
client-principal object.
|
(package private) java.lang.String |
getDomainAccessCode()
Get this object's domain access code (valid only if it was
sealed()). |
character |
getDomainDescription()
Get the DOMAIN-DESCRIPTION attribute.
|
character |
getDomainName()
Get the DOMAIN-NAME attribute.
|
character |
getDomainType()
Get the DOMAIN-TYPE attribute.
|
datetimetz |
getLoginExpirationTimestamp()
Get the LOGIN-EXPIRATION-TIMESTAMP attribute.
|
character |
getLoginHost()
Get the LOGIN-HOST attribute.
|
character |
getLoginState()
Get the LOGIN-STATE attribute.
|
character |
getPrimaryPassphrase()
Get the PRIMARY-PASSPHRASE attribute.
|
character |
getProperty(character prop)
Get the value of the specified property, from the CLIENT-PRINCIPAL object.
|
character |
getProperty(java.lang.String prop)
Get the value of the specified property, from the CLIENT-PRINCIPAL object.
|
character |
getQualifiedUid()
Get the QUALIFIED-USER-ID attribute.
|
character |
getRoles()
Get the ROLES attribute.
|
datetimetz |
getSealTimestamp()
Get the SEAL-TIMESTAMP attribute.
|
character |
getSessionId()
Get the SESSION-ID attribute.
|
character |
getStateDetail()
Get the STATE-DETAIL attribute.
|
character |
getUserId()
Get the USER-ID attribute.
|
private boolean |
importPrincipal(byte[] data)
Import the state of this CLIENT-PRINCIPAL object from the specified byte representation.
|
logical |
importPrincipal(raw data)
Import the state of this CLIENT-PRINCIPAL object from the specified byte representation.
|
private logical |
init(character qualifiedUid,
character sessionId,
BaseDataType expiration,
java.lang.String primaryPassphrase) |
logical |
initialize(character qualifiedUid)
Simplifies initialization of client-principal object attributes that are required and
commonly used
|
logical |
initialize(character qualifiedUid,
character sessionId)
Simplifies initialization of client-principal object attributes that are required and
commonly used
|
logical |
initialize(character qualifiedUid,
character sessionId,
BaseDataType expiration) |
logical |
initialize(character qualifiedUid,
character sessionId,
BaseDataType expiration,
character primaryPassphrase)
Simplifies initialization of client-principal object attributes that are required and
commonly used
|
boolean |
isSealed()
Check if this CLIENT-PRINCIPAL has been sealed.
|
character |
listPropertyNames()
Get a list of all application-defined properties stored in the client-principal object.
|
logical |
logout()
Indicates that the user represented by the sealed() client-principal object (in the LOGIN
state) has logged out of their current user login session.
|
private byte[] |
mac(java.lang.String macPwd)
Calculate Message Authentication Code (MAC) of the CP.
|
character |
primaryPassphrase()
Get the PRIMARY-PASSPHRASE attribute value (for internal use).
|
private void |
processAttribute(ClientPrincipal.AttrInfo ai,
java.lang.Object value,
java.util.function.Consumer<byte[]> dest)
Serialize CP attributes
and submit result to a consumer.
|
private void |
processPrincipal(java.util.function.Predicate<ClientPrincipal.AttrInfo> filter,
java.util.function.Consumer<byte[]> consumer)
Serialize CP attributes (including "hidden") one by one
and submit results to a consumer.
|
void |
readExternal(java.io.ObjectInput in)
Replacement for the default object reading method.
|
private int |
readProperties(byte[] data)
Read properties.
|
private void |
readTimestamp(ClientPrincipal.AttrInfo ai,
java.io.DataInputStream dis)
Read DATETIME-TZ attribute.
|
private void |
reset()
Reset state.
|
logical |
seal(character domainAccessCode)
Seal this CLIENT-PRINCIPAL, using the given domain access code.
|
logical |
seal(java.lang.String domainAccessCode)
Seal this CLIENT-PRINCIPAL, using the given domain access code.
|
logical |
seal(java.lang.String domainAccessCode,
ClientPrincipalResource.SealCallee callee)
Seal this CLIENT-PRINCIPAL, using the given domain access code, for internal use.
|
private void |
sealedError(java.lang.String attr)
Raise or log an error for the specified attribute, as the object is sealed().
|
private void |
sealFailed(java.lang.String reason)
Report SEAL failure.
|
ClientPrincipalResource.SealFailure |
sealFailure()
Get the SEAL operation failure reason.
|
private byte[] |
serializePrincipal()
Serialize CP.
|
private byte[] |
serializeProps()
Serialize CP properties.
|
void |
setAuditEventContext(character ctx)
Set the AUDIT-EVENT-CONTEXT Attribute.
|
void |
setAuditEventContext(java.lang.String ctx)
Set the AUDIT-EVENT-CONTEXT Attribute.
|
private void |
setCharAttrValue(ClientPrincipal.AttrInfo ai,
character value)
Set a new value of the optional CHARACTER attribute.
|
private void |
setCharAttrValue(ClientPrincipal.AttrInfo ai,
character value,
boolean mandatory)
Set a new value of the optional CHARACTER attribute.
|
void |
setClientTty(character tty)
Set the CLIENT-TTY Attribute.
|
void |
setClientTty(java.lang.String tty)
Set the CLIENT-TTY Attribute.
|
void |
setClientWks(character wks)
Set the CLIENT-WORKSTATION Attribute.
|
void |
setClientWks(java.lang.String wks)
Set the CLIENT-WORKSTATION Attribute.
|
void |
setDomainDescription(character desc)
Set the DOMAIN-DESCRIPTION Attribute.
|
void |
setDomainDescription(java.lang.String desc)
Set the DOMAIN-DESCRIPTION Attribute.
|
void |
setDomainName(character domainName)
Set the DOMAIN-NAME Attribute.
|
void |
setDomainName(java.lang.String domainName)
Set the DOMAIN-NAME Attribute.
|
void |
setDomainType(character domType)
Set the DOMAIN-TYPE Attribute.
|
void |
setDomainType(java.lang.String domainType)
Set the DOMAIN-TYPE Attribute.
|
void |
setLoginExpirationTimestamp(datetimetz ts)
Set the LOGIN-EXPIRATION-TIMESTAMP attribute.
|
void |
setLoginHost(character host)
Set the LOGIN-HOST Attribute.
|
void |
setLoginHost(java.lang.String host)
Set the LOGIN-HOST Attribute.
|
void |
setLoginState(ClientPrincipal.LoginState state)
Set the LOGIN-STATE attribute.
|
void |
setPrimaryPassphrase(character passphrase)
Set the PRIMARY-PASSPHRASE attribute.
|
void |
setPrimaryPassphrase(java.lang.String passphrase)
Set the PRIMARY-PASSPHRASE attribute.
|
logical |
setProperty(character prop,
character val)
Set this property in the CLIENT-PRINCIPAL object.
|
logical |
setProperty(character prop,
java.lang.String val)
Set this property in the CLIENT-PRINCIPAL object.
|
logical |
setProperty(java.lang.String prop,
character val)
Set this property in the CLIENT-PRINCIPAL object.
|
logical |
setProperty(java.lang.String prop,
java.lang.String val)
Set this property in the CLIENT-PRINCIPAL object.
|
private void |
setQualifiedIserId(java.lang.String quid)
Split QUALIFIED-USER-ID attribute value and set USER-ID and DOMAIN-NAME.
|
void |
setQualifiedUid(character uid)
Set the QUALIFIED-USER-ID attribute.
|
void |
setQualifiedUid(java.lang.String uid)
Set the QUALIFIED-USER-ID attribute.
|
void |
setRoles(character rs)
Set the ROLES Attribute.
|
void |
setRoles(java.lang.String roles)
Set the ROLES Attribute.
|
void |
setSessionId(character sessionId)
Set the SESSION-ID Attribute.
|
void |
setSessionId(java.lang.String sessionId)
Set the SESSION-ID Attribute.
|
void |
setUserId(character userId)
Set the USER-ID Attribute.
|
void |
setUserId(java.lang.String userId)
Set the USER-ID Attribute.
|
private static byte[] |
toBytes(int v)
Convert int to byte[].
|
private static byte[] |
toBytes(long v)
Convert long to byte[].
|
private static byte[] |
toBytes(short v)
Convert short to byte[].
|
private logical |
trySeal(java.lang.String where,
java.lang.String dac,
ClientPrincipalResource.SealCallee callee)
Try to seal CLIENT-PRINCIPAL if unsealed
|
boolean |
valid()
Reports if this object is valid for use.
|
boolean |
validateDomainAccessCode(java.lang.String dac)
Validate domain access code for a sealed principal
|
logical |
validateDomainAccessCode(java.lang.String where,
java.lang.String dac,
ClientPrincipalResource.SealCallee callee)
Validate CLIENT-PRINCIPAL against domain access code.
|
logical |
validatePassword(java.lang.String where,
java.lang.String dac,
java.lang.String password,
ClientPrincipalResource.SealCallee callee)
Validate CLIENT-PRINCIPAL against domain password.
|
logical |
validateSeal()
Validates the message authentication code (MAC) generated by the SEAL( ) method to seal a
client-principal object.
|
logical |
validateSeal(character domainAccessCode)
Validates the message authentication code (MAC) generated by the SEAL( ) method to seal a
client-principal object.
|
logical |
validateSeal(java.lang.String domainAccessCode)
Validates the message authentication code (MAC) generated by the SEAL( ) method to seal a
client-principal object.
|
static void |
validationFailed(int code,
java.lang.String where,
java.lang.String reason)
Report CLIENT-PRINCIPAL validation error
|
private boolean |
wasSealed()
Check if object was ever sealed
|
void |
writeExternal(java.io.ObjectOutput out)
Replacement for the default object writing method.
|
doDelete, getResourceType, id, id, implicitDeletion, incrementTrigger, instantiatingProcedure, invalidAttribute, processResource, readOnlyError, readOnlyError, registerResource, resourceDelete, setInstantiatingProcedure, toString, type, unableToAssignUnknown, unknown
private static final java.util.Set<ClientPrincipal.AttrInfo> MANDATORY
private static final java.util.Set<ClientPrincipal.AttrInfo> NOT_FOR_MAC
private final java.util.Map<ClientPrincipal.AttrInfo,java.util.Optional<java.lang.Object>> attributes
private boolean deleted
private final java.lang.String generatedSessionId
private final java.util.Map<java.lang.String,java.lang.String> properties
private java.lang.Boolean sealed
Flag indicating this object has been sealed().
private java.lang.String domainAccessCode
The domain access code used to seal this object.
private ClientPrincipal.LoginState loginState
private boolean exported
private boolean hideValues
private ClientPrincipalResource.SealFailure sealFailure
private boolean sealedOnImport
private long magic
public static void create(handle h)
h
- The handle where to save the resource. Must be not-null.public static void create(handle h, java.lang.String widgetPool)
h
- The handle where to save the resource. Must be not-null.widgetPool
- The named widget pool where to save the widget. If null
, use the
closest unnamed pool.public static void create(handle h, character widgetPool)
h
- The handle where to save the resource. Must be not-null.widgetPool
- The named widget pool where to save the widget. If null
, use the
closest unnamed pool.public boolean valid()
valid
in interface WrappedResource
true
if we are valid (can be used).public void delete()
delete
in interface Deletable
delete
in class HandleResource
public character getUserId()
getUserId
in interface ClientPrincipalResource
public void setUserId(character userId)
setUserId
in interface ClientPrincipalResource
userId
- The value of the USER-ID attribute.public void setUserId(java.lang.String userId)
setUserId
in interface ClientPrincipalResource
userId
- The value of the USER-ID attribute.public character getDomainType()
getDomainType
in interface ClientPrincipalResource
public void setDomainType(character domType)
setDomainType
in interface ClientPrincipalResource
domType
- The value of the DOMAIN-TYPE attribute.public void setDomainType(java.lang.String domainType)
setDomainType
in interface ClientPrincipalResource
domainType
- The value of the DOMAIN-TYPE attribute.public character getDomainName()
getDomainName
in interface ClientPrincipalResource
public void setDomainName(character domainName)
setDomainName
in interface ClientPrincipalResource
domainName
- The value of the DOMAIN-NAME attribute.public void setDomainName(java.lang.String domainName)
setDomainName
in interface ClientPrincipalResource
domainName
- The value of the DOMAIN-NAME attribute.public character getSessionId()
getSessionId
in interface ClientPrincipalResource
public void setSessionId(character sessionId)
setSessionId
in interface ClientPrincipalResource
sessionId
- The value of the SESSION-ID attribute.public void setSessionId(java.lang.String sessionId)
setSessionId
in interface ClientPrincipalResource
sessionId
- The value of the SESSION-ID attribute.public character getDomainDescription()
getDomainDescription
in interface ClientPrincipalResource
public void setDomainDescription(java.lang.String desc)
setDomainDescription
in interface ClientPrincipalResource
desc
- The value of the DOMAIN-DESCRIPTION attribute.public void setDomainDescription(character desc)
setDomainDescription
in interface ClientPrincipalResource
desc
- The value of the DOMAIN-DESCRIPTION attribute.public character getClientTty()
getClientTty
in interface ClientPrincipalResource
public void setClientTty(java.lang.String tty)
setClientTty
in interface ClientPrincipalResource
tty
- The value of the CLIENT-TTY attribute.public void setClientTty(character tty)
setClientTty
in interface ClientPrincipalResource
tty
- The value of the CLIENT-TTY attribute.public character getClientWks()
getClientWks
in interface ClientPrincipalResource
public void setClientWks(java.lang.String wks)
setClientWks
in interface ClientPrincipalResource
wks
- The value of the CLIENT-WORKSTATION attribute.public void setClientWks(character wks)
setClientWks
in interface ClientPrincipalResource
wks
- The value of the CLIENT-WORKSTATION attribute.public character getAuditEventContext()
getAuditEventContext
in interface ClientPrincipalResource
public void setAuditEventContext(java.lang.String ctx)
setAuditEventContext
in interface ClientPrincipalResource
ctx
- The value of the AUDIT-EVENT-CONTEXT attribute.public void setAuditEventContext(character ctx)
setAuditEventContext
in interface ClientPrincipalResource
ctx
- The value of the AUDIT-EVENT-CONTEXT attribute.public character getLoginHost()
getLoginHost
in interface ClientPrincipalResource
public void setLoginHost(java.lang.String host)
setLoginHost
in interface ClientPrincipalResource
host
- The value of the LOGIN-HOST attribute.public void setLoginHost(character host)
setLoginHost
in interface ClientPrincipalResource
host
- The value of the LOGIN-HOST attribute.public character getRoles()
getRoles
in interface ClientPrincipalResource
public void setRoles(java.lang.String roles)
setRoles
in interface ClientPrincipalResource
roles
- The value of the ROLES attribute.public void setRoles(character rs)
setRoles
in interface ClientPrincipalResource
rs
- The value of the ROLES attribute.public character getLoginState()
getLoginState
in interface ClientPrincipalResource
public void setLoginState(ClientPrincipal.LoginState state)
state
- A character value that represents the current state of the
client-principal object.public datetimetz getLoginExpirationTimestamp()
getLoginExpirationTimestamp
in interface ClientPrincipalResource
public void setLoginExpirationTimestamp(datetimetz ts)
setLoginExpirationTimestamp
in interface ClientPrincipalResource
ts
- The time stamp specifying when the client-principal object will expire.
public datetimetz getSealTimestamp()
getSealTimestamp
in interface ClientPrincipalResource
public character getPrimaryPassphrase()
getPrimaryPassphrase
in interface ClientPrincipalResource
null
public character primaryPassphrase()
primaryPassphrase
in interface ClientPrincipalResource
public void setPrimaryPassphrase(java.lang.String passphrase)
setPrimaryPassphrase
in interface ClientPrincipalResource
passphrase
- new value of the attributepublic void setPrimaryPassphrase(character passphrase)
setPrimaryPassphrase
in interface ClientPrincipalResource
passphrase
- new value of the attributepublic character getQualifiedUid()
getQualifiedUid
in interface ClientPrincipalResource
public void setQualifiedUid(java.lang.String uid)
setQualifiedUid
in interface ClientPrincipalResource
uid
- new value of the attributepublic void setQualifiedUid(character uid)
setQualifiedUid
in interface ClientPrincipalResource
uid
- new value of the attributepublic character getStateDetail()
getStateDetail
in interface ClientPrincipalResource
public character getDbList()
getDbList
in interface ClientPrincipalResource
public logical setProperty(character prop, character val)
setProperty
in interface ClientPrincipalResource
prop
- The property's name.val
- The property's value.true
if the property could be set.public logical setProperty(character prop, java.lang.String val)
setProperty
in interface ClientPrincipalResource
prop
- The property's name.val
- The property's value.true
if the property could be set.public logical setProperty(java.lang.String prop, character val)
setProperty
in interface ClientPrincipalResource
prop
- The property's name.val
- The property's value.true
if the property could be set.public logical setProperty(java.lang.String prop, java.lang.String val)
setProperty
in interface ClientPrincipalResource
prop
- The property's name.val
- The property's value.true
if the property could be set.public character getProperty(character prop)
getProperty
in interface ClientPrincipalResource
prop
- The property's name.public character getProperty(java.lang.String prop)
getProperty
in interface ClientPrincipalResource
prop
- The property's name.public character listPropertyNames()
listPropertyNames
in interface ClientPrincipalResource
public raw exportPrincipal()
exportPrincipal
in interface ClientPrincipalResource
raw
instance.public logical importPrincipal(raw data)
importPrincipal
in interface ClientPrincipalResource
data
- The byte representation.true
if successful
public logical seal(character domainAccessCode)
seal
in interface ClientPrincipalResource
domainAccessCode
- The access code.true
if successful
public logical seal(java.lang.String domainAccessCode)
seal
in interface ClientPrincipalResource
domainAccessCode
- The access code.true
if successful
public logical seal(java.lang.String domainAccessCode, ClientPrincipalResource.SealCallee callee)
seal
in interface ClientPrincipalResource
domainAccessCode
- The access code.callee
- the method callee.true
if successful.
public ClientPrincipalResource.SealFailure sealFailure()
sealFailure
in interface ClientPrincipalResource
public logical authenticationFailed()
authenticationFailed
in interface ClientPrincipalResource
true
if successful
public logical authenticationFailed(character reason)
authenticationFailed
in interface ClientPrincipalResource
reason
- An optional character expression that specifies the reason for the authentication
failure.true
if successful
public logical authenticationFailed(character reason, boolean fromSetClient)
authenticationFailed
in interface ClientPrincipalResource
reason
- An optional character expression that specifies the reason for the authentication
failure.fromSetClient
- flag indicating that called from SET-CLIENT.true
if successful.
public logical authenticationFailed(java.lang.String reason, boolean fromSetClient)
authenticationFailed
in interface ClientPrincipalResource
reason
- An optional character expression that specifies the reason for the authentication
failure.fromSetClient
- flag indicating that called from SET-CLIENT.true
if successful
public logical authenticationFailed(java.lang.String reason)
authenticationFailed
in interface ClientPrincipalResource
reason
- An optional character expression that specifies the reason for the authentication
failure.true
if successful.
public logical validateSeal()
validateSeal
in interface ClientPrincipalResource
true
if successful
public logical validateSeal(java.lang.String domainAccessCode)
validateSeal
in interface ClientPrincipalResource
domainAccessCode
- The access code.true
if successful
public logical validateSeal(character domainAccessCode)
validateSeal
in interface ClientPrincipalResource
domainAccessCode
- The access code.true
if successful
public logical logout()
logout
in interface ClientPrincipalResource
true
if successful
public logical initialize(character qualifiedUid)
ClientPrincipalResource
initialize
in interface ClientPrincipalResource
qualifiedUid
- A character expression that evaluates to a fully qualified user ID (user name and
domain name delimited by the '@' character)true
on successpublic logical initialize(character qualifiedUid, character sessionId)
ClientPrincipalResource
initialize
in interface ClientPrincipalResource
qualifiedUid
- A character expression that evaluates to a fully qualified user ID (user name and
domain name delimited by the '@' character)sessionId
- An optional character expression that evaluates to the user's application login session ID.true
on successpublic logical initialize(character qualifiedUid, character sessionId, BaseDataType expiration)
initialize
in interface ClientPrincipalResource
qualifiedUid
- A character expression that evaluates to a fully qualified user ID (user name and
domain name delimited by the '@' character)sessionId
- An optional character expression that evaluates to the user's application login
session ID.expiration
- An optional DATETIME-TZ expression that evaluates to a date and time value that
specifies the expiration of the client-principal user credentials
true
on successpublic logical initialize(character qualifiedUid, character sessionId, BaseDataType expiration, character primaryPassphrase)
ClientPrincipalResource
initialize
in interface ClientPrincipalResource
qualifiedUid
- A character expression that evaluates to a fully qualified user ID (user name and
domain name delimited by the '@' character)sessionId
- An optional character expression that evaluates to the user's application login
session ID.expiration
- An optional DATETIME-TZ expression that evaluates to a date and time value that
specifies the expiration of the client-principal user credentials
primaryPassphrase
- An optional character expression that evaluates to the cleartext or encrypted value
of the user's account password.true
on successprivate logical init(character qualifiedUid, character sessionId, BaseDataType expiration, java.lang.String primaryPassphrase)
qualifiedUid
- A character expression that evaluates to a fully qualified user ID (user name and
domain name delimited by the '@' character)sessionId
- An optional character expression that evaluates to the user's application login
session ID.expiration
- An optional DATETIME-TZ expression that evaluates to a date and time value that
specifies the expiration of the client-principal user credentials
primaryPassphrase
- An optional character expression that evaluates to the cleartext or encrypted value
of the user's account password.true
on successprivate void reset()
public ClientPrincipal clone()
Relies on exportPrincipal()
and importPrincipal(com.goldencode.p2j.util.raw)
to transfer the state
from this instance to the copy.
clone
in class java.lang.Object
public logical validatePassword(java.lang.String where, java.lang.String dac, java.lang.String password, ClientPrincipalResource.SealCallee callee)
validatePassword
in interface ClientPrincipalResource
where
- subsystem namedac
- domain access codepassword
- domain passwordcallee
- where the method is called fromtrue
if successfulpublic logical validateDomainAccessCode(java.lang.String where, java.lang.String dac, ClientPrincipalResource.SealCallee callee)
validateDomainAccessCode
in interface ClientPrincipalResource
where
- subsystem namedac
- domain access codecallee
- where the method is called fromtrue
if successfulpublic boolean validateDomainAccessCode(java.lang.String dac)
dac
- domain access codetrue
if successfulpublic boolean isSealed()
isSealed
in interface ClientPrincipalResource
private boolean importPrincipal(byte[] data)
data
- The byte representation.private boolean wasSealed()
true
if object was ever sealed
java.lang.String getDomainAccessCode()
Get this object's domain access code (valid only if it was sealed()).
The domain access code.
public static void validationFailed(int code, java.lang.String where, java.lang.String reason)
code
- error codewhere
- subsystem namereason
- reasonpublic static void authenticationFailed(int code, java.lang.String where, java.lang.String reason)
code
- error code.where
- subsystem name.reason
- reason.private static void argumentUnknownError()
private static void attributeUnknownError(java.lang.String attr)
attr
- The attribute being accessed.private static void attributeEmptyError(java.lang.String attr)
attr
- The attribute being accessed.private void sealedError(java.lang.String attr)
attr
- The attribute being accessed.private void sealFailed(java.lang.String reason)
reason
- fail reason.private void finalizeSeal(java.lang.String macPwd)
private logical trySeal(java.lang.String where, java.lang.String dac, ClientPrincipalResource.SealCallee callee)
where
- subsystem namedac
- domain access codecallee
- where the method is called fromtrue
if successfulprivate byte[] mac(java.lang.String macPwd)
macPwd
- MAC password.private static java.lang.String generateSessionID()
private void setQualifiedIserId(java.lang.String quid)
quid
- QUALIFIED-USER-ID attribute valueprivate character getCharAttrValue(ClientPrincipal.AttrInfo ai)
ai
- attribute descriptor.private void setCharAttrValue(ClientPrincipal.AttrInfo ai, character value)
ai
- attribute descriptor.value
- a new value of the attribute.private void setCharAttrValue(ClientPrincipal.AttrInfo ai, character value, boolean mandatory)
ai
- attribute descriptor.value
- a new value of the attribute.mandatory
- boolean flag indicating that the attribute value cannot be null or UNKNOWN.
private byte[] serializePrincipal()
private void processPrincipal(java.util.function.Predicate<ClientPrincipal.AttrInfo> filter, java.util.function.Consumer<byte[]> consumer)
consumer
- Consumer
instance to process serialized attributes.filter
- Predicate
instance to filter attributesprivate void processAttribute(ClientPrincipal.AttrInfo ai, java.lang.Object value, java.util.function.Consumer<byte[]> dest)
ai
- attribute descriptor.value
- attribute value.dest
- Consumer
instance to process serialized attributes.private byte[] serializeProps()
private static byte[] toBytes(short v)
v
- value to be converted.private static byte[] toBytes(int v)
v
- value to be converted.private static byte[] toBytes(long v)
v
- value to be converted.private void addHiddenAttrs()
private int readProperties(byte[] data) throws java.io.IOException
data
- serialized properties data.java.io.IOException
- If any issue is encountered while accessing the input stream.private void readTimestamp(ClientPrincipal.AttrInfo ai, java.io.DataInputStream dis) throws java.io.IOException
ai
- attribute descriptor.dis
- input stream.java.io.IOException
- If any issue is encountered while accessing the input stream.private boolean canBeSealed()
true
if all mandatory attributes are set.public void writeExternal(java.io.ObjectOutput out) throws java.io.IOException
writeExternal
in interface java.io.Externalizable
out
- The output destination to which fields will be saved.java.io.IOException
- In case of I/O errors.public void readExternal(java.io.ObjectInput in) throws java.io.IOException, java.lang.ClassNotFoundException
readExternal
in interface java.io.Externalizable
in
- Input source from which fields will be restored.java.io.IOException
- In case of I/O errors.java.lang.ClassNotFoundException
- If payload can't be instantiated.