javax.security.auth.x500
Class X500Principal

java.lang.Object sample code for java.lang.Object definition code for java.lang.Object 
  extended by javax.security.auth.x500.X500Principal
All Implemented Interfaces:
Serializable sample code for java.io.Serializable definition code for java.io.Serializable , Principal sample code for java.security.Principal definition code for java.security.Principal

public final class X500Principal
extends Object sample code for java.lang.Object definition code for java.lang.Object
implements Principal sample code for java.security.Principal definition code for java.security.Principal , Serializable sample code for java.io.Serializable definition code for java.io.Serializable

This class represents an X.500 Principal. X500Principals are represented by distinguished names such as "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US".

This class can be instantiated by using a string representation of the distinguished name, or by using the ASN.1 DER encoded byte representation of the distinguished name. The current specification for the string representation of a distinguished name is defined in RFC 2253. This class, however, accepts string formats from both RFC 2253 and RFC 1779, and also recognizes attribute type keywords whose OIDs (Object Identifiers) are defined in RFC 2459.

The string representation for this X500Principal can be obtained by calling the getName methods.

Note that the getSubjectX500Principal and getIssuerX500Principal methods of X509Certificate return X500Principals representing the issuer and subject fields of the certificate.

Since:
1.4
See Also:
X509Certificate sample code for java.security.cert.X509Certificate definition code for java.security.cert.X509Certificate , Serialized Form

Field Summary
static String sample code for java.lang.String definition code for java.lang.String CANONICAL sample code for javax.security.auth.x500.X500Principal.CANONICAL definition code for javax.security.auth.x500.X500Principal.CANONICAL
          Canonical String format of Distinguished Names.
static String sample code for java.lang.String definition code for java.lang.String RFC1779 sample code for javax.security.auth.x500.X500Principal.RFC1779 definition code for javax.security.auth.x500.X500Principal.RFC1779
          RFC 1779 String format of Distinguished Names.
static String sample code for java.lang.String definition code for java.lang.String RFC2253 sample code for javax.security.auth.x500.X500Principal.RFC2253 definition code for javax.security.auth.x500.X500Principal.RFC2253
          RFC 2253 String format of Distinguished Names.
 
Constructor Summary
X500Principal sample code for javax.security.auth.x500.X500Principal.X500Principal(byte[]) definition code for javax.security.auth.x500.X500Principal.X500Principal(byte[]) (byte[] name)
          Creates an X500Principal from a distinguished name in ASN.1 DER encoded form.
X500Principal sample code for javax.security.auth.x500.X500Principal.X500Principal(java.io.InputStream) definition code for javax.security.auth.x500.X500Principal.X500Principal(java.io.InputStream) (InputStream sample code for java.io.InputStream definition code for java.io.InputStream  is)
          Creates an X500Principal from an InputStream containing the distinguished name in ASN.1 DER encoded form.
X500Principal sample code for javax.security.auth.x500.X500Principal.X500Principal(java.lang.String) definition code for javax.security.auth.x500.X500Principal.X500Principal(java.lang.String) (String sample code for java.lang.String definition code for java.lang.String  name)
          Creates an X500Principal from a string representation of an X.500 distinguished name (ex: "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
 
Method Summary
 boolean equals sample code for javax.security.auth.x500.X500Principal.equals(java.lang.Object) definition code for javax.security.auth.x500.X500Principal.equals(java.lang.Object) (Object sample code for java.lang.Object definition code for java.lang.Object  o)
          Compares the specified Object with this X500Principal for equality.
 byte[] getEncoded sample code for javax.security.auth.x500.X500Principal.getEncoded() definition code for javax.security.auth.x500.X500Principal.getEncoded() ()
          Returns the distinguished name in ASN.1 DER encoded form.
 String sample code for java.lang.String definition code for java.lang.String getName sample code for javax.security.auth.x500.X500Principal.getName() definition code for javax.security.auth.x500.X500Principal.getName() ()
          Returns a string representation of the X.500 distinguished name using the format defined in RFC 2253.
 String sample code for java.lang.String definition code for java.lang.String getName sample code for javax.security.auth.x500.X500Principal.getName(java.lang.String) definition code for javax.security.auth.x500.X500Principal.getName(java.lang.String) (String sample code for java.lang.String definition code for java.lang.String  format)
          Returns a string representation of the X.500 distinguished name using the specified format.
 int hashCode sample code for javax.security.auth.x500.X500Principal.hashCode() definition code for javax.security.auth.x500.X500Principal.hashCode() ()
          Return a hash code for this X500Principal.
 String sample code for java.lang.String definition code for java.lang.String toString sample code for javax.security.auth.x500.X500Principal.toString() definition code for javax.security.auth.x500.X500Principal.toString() ()
          Return a user-friendly string representation of this X500Principal.
 
Methods inherited from class java.lang.Object sample code for java.lang.Object definition code for java.lang.Object
clone sample code for java.lang.Object.clone() definition code for java.lang.Object.clone() , finalize sample code for java.lang.Object.finalize() definition code for java.lang.Object.finalize() , getClass sample code for java.lang.Object.getClass() definition code for java.lang.Object.getClass() , notify sample code for java.lang.Object.notify() definition code for java.lang.Object.notify() , notifyAll sample code for java.lang.Object.notifyAll() definition code for java.lang.Object.notifyAll() , wait sample code for java.lang.Object.wait() definition code for java.lang.Object.wait() , wait sample code for java.lang.Object.wait(long) definition code for java.lang.Object.wait(long) , wait sample code for java.lang.Object.wait(long, int) definition code for java.lang.Object.wait(long, int)
 

Field Detail

RFC1779 sample code for javax.security.auth.x500.X500Principal.RFC1779

public static final String sample code for java.lang.String definition code for java.lang.String  RFC1779
RFC 1779 String format of Distinguished Names.

See Also:
Constant Field Values

RFC2253 sample code for javax.security.auth.x500.X500Principal.RFC2253

public static final String sample code for java.lang.String definition code for java.lang.String  RFC2253
RFC 2253 String format of Distinguished Names.

See Also:
Constant Field Values

CANONICAL sample code for javax.security.auth.x500.X500Principal.CANONICAL

public static final String sample code for java.lang.String definition code for java.lang.String  CANONICAL
Canonical String format of Distinguished Names.

See Also:
Constant Field Values
Constructor Detail

X500Principal sample code for javax.security.auth.x500.X500Principal(java.lang.String) definition code for javax.security.auth.x500.X500Principal(java.lang.String)

public X500Principal(String sample code for java.lang.String definition code for java.lang.String  name)
Creates an X500Principal from a string representation of an X.500 distinguished name (ex: "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"). The distinguished name must be specified using the grammar defined in RFC 1779 or RFC 2253 (either format is acceptable).

This constructor recognizes the attribute type keywords defined in RFC 1779 and RFC 2253 (and listed in getName(String format) sample code for javax.security.auth.x500.X500Principal.getName(java.lang.String) definition code for javax.security.auth.x500.X500Principal.getName(java.lang.String) ), as well as the T, DNQ or DNQUALIFIER, SURNAME, GIVENNAME, INITIALS, GENERATION, EMAILADDRESS, and SERIALNUMBER keywords whose OIDs are defined in RFC 2459 and its successor. Any other attribute type must be specified as an OID.

Parameters:
name - an X.500 distinguished name in RFC 1779 or RFC 2253 format
Throws:
NullPointerException sample code for java.lang.NullPointerException definition code for java.lang.NullPointerException - if the name is null
IllegalArgumentException sample code for java.lang.IllegalArgumentException definition code for java.lang.IllegalArgumentException - if the name is improperly specified

X500Principal sample code for javax.security.auth.x500.X500Principal(byte[]) definition code for javax.security.auth.x500.X500Principal(byte[])

public X500Principal(byte[] name)
Creates an X500Principal from a distinguished name in ASN.1 DER encoded form. The ASN.1 notation for this structure is as follows.

 Name ::= CHOICE {
   RDNSequence }

 RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

 RelativeDistinguishedName ::=
   SET SIZE (1 .. MAX) OF AttributeTypeAndValue

 AttributeTypeAndValue ::= SEQUENCE {
   type     AttributeType,
   value    AttributeValue }

 AttributeType ::= OBJECT IDENTIFIER

 AttributeValue ::= ANY DEFINED BY AttributeType
 ....
 DirectoryString ::= CHOICE {
       teletexString           TeletexString (SIZE (1..MAX)),
       printableString         PrintableString (SIZE (1..MAX)),
       universalString         UniversalString (SIZE (1..MAX)),
       utf8String              UTF8String (SIZE (1.. MAX)),
       bmpString               BMPString (SIZE (1..MAX)) }
 

Parameters:
name - a byte array containing the distinguished name in ASN.1 DER encoded form
Throws:
IllegalArgumentException sample code for java.lang.IllegalArgumentException definition code for java.lang.IllegalArgumentException - if an encoding error occurs (incorrect form for DN)

X500Principal sample code for javax.security.auth.x500.X500Principal(java.io.InputStream) definition code for javax.security.auth.x500.X500Principal(java.io.InputStream)

public X500Principal(InputStream sample code for java.io.InputStream definition code for java.io.InputStream  is)
Creates an X500Principal from an InputStream containing the distinguished name in ASN.1 DER encoded form. The ASN.1 notation for this structure is supplied in the documentation for X500Principal(byte[] name) sample code for javax.security.auth.x500.X500Principal.X500Principal(byte[]) definition code for javax.security.auth.x500.X500Principal.X500Principal(byte[]) .

The read position of the input stream is positioned to the next available byte after the encoded distinguished name.

Parameters:
is - an InputStream containing the distinguished name in ASN.1 DER encoded form
Throws:
NullPointerException sample code for java.lang.NullPointerException definition code for java.lang.NullPointerException - if the InputStream is null
IllegalArgumentException sample code for java.lang.IllegalArgumentException definition code for java.lang.IllegalArgumentException - if an encoding error occurs (incorrect form for DN)
Method Detail

getName sample code for javax.security.auth.x500.X500Principal.getName() definition code for javax.security.auth.x500.X500Principal.getName()

public String sample code for java.lang.String definition code for java.lang.String  getName()
Returns a string representation of the X.500 distinguished name using the format defined in RFC 2253.

This method is equivalent to calling getName(X500Principal.RFC2253).

Specified by:
getName sample code for java.security.Principal.getName() definition code for java.security.Principal.getName() in interface Principal sample code for java.security.Principal definition code for java.security.Principal
Returns:
the distinguished name of this X500Principal

getName sample code for javax.security.auth.x500.X500Principal.getName(java.lang.String) definition code for javax.security.auth.x500.X500Principal.getName(java.lang.String)

public String sample code for java.lang.String definition code for java.lang.String  getName(String sample code for java.lang.String definition code for java.lang.String  format)
Returns a string representation of the X.500 distinguished name using the specified format. Valid values for the format are "RFC1779", "RFC2253", and "CANONICAL" (case insensitive).

If "RFC1779" is specified as the format, this method emits the attribute type keywords defined in RFC 1779 (CN, L, ST, O, OU, C, STREET). Any other attribute type is emitted as an OID.

If "RFC2253" is specified as the format, this method emits the attribute type keywords defined in RFC 2253 (CN, L, ST, O, OU, C, STREET, DC, UID). Any other attribute type is emitted as an OID. Under a strict reading, RFC 2253 only specifies a UTF-8 string representation. The String returned by this method is the Unicode string achieved by decoding this UTF-8 representation.

If "CANONICAL" is specified as the format, this method returns an RFC 2253 conformant string representation with the following additional canonicalizations:

  1. Leading zeros are removed from attribute types that are encoded as dotted decimal OIDs
  2. DirectoryString attribute values of type PrintableString and UTF8String are not output in hexadecimal format
  3. DirectoryString attribute values of types other than PrintableString and UTF8String are output in hexadecimal format
  4. Leading and trailing white space characters are removed from non-hexadecimal attribute values (unless the value consists entirely of white space characters)
  5. Internal substrings of one or more white space characters are converted to a single space in non-hexadecimal attribute values
  6. Relative Distinguished Names containing more than one Attribute Value Assertion (AVA) are output in the following order: an alphabetical ordering of AVAs containing standard keywords, followed by a numeric ordering of AVAs containing OID keywords.
  7. The only characters in attribute values that are escaped are those which section 2.4 of RFC 2253 states must be escaped (they are escaped using a preceding backslash character)
  8. The entire name is converted to upper case using String.toUpperCase(Locale.US)
  9. The entire name is converted to lower case using String.toLowerCase(Locale.US)
  10. The name is finally normalized using normalization form KD, as described in the Unicode Standard and UAX #15

Additional standard formats may be introduced in the future.

Parameters:
format - the format to use
Returns:
a string representation of this X500Principal using the specified format
Throws:
IllegalArgumentException sample code for java.lang.IllegalArgumentException definition code for java.lang.IllegalArgumentException - if the specified format is invalid

getEncoded sample code for javax.security.auth.x500.X500Principal.getEncoded() definition code for javax.security.auth.x500.X500Principal.getEncoded()

public byte[] getEncoded()
Returns the distinguished name in ASN.1 DER encoded form. The ASN.1 notation for this structure is supplied in the documentation for X500Principal(byte[] name) sample code for javax.security.auth.x500.X500Principal.X500Principal(byte[]) definition code for javax.security.auth.x500.X500Principal.X500Principal(byte[]) .

Note that the byte array returned is cloned to protect against subsequent modifications.

Returns:
a byte array containing the distinguished name in ASN.1 DER encoded form

toString sample code for javax.security.auth.x500.X500Principal.toString() definition code for javax.security.auth.x500.X500Principal.toString()

public String sample code for java.lang.String definition code for java.lang.String  toString()
Return a user-friendly string representation of this X500Principal.

Specified by:
toString sample code for java.security.Principal.toString() definition code for java.security.Principal.toString() in interface Principal sample code for java.security.Principal definition code for java.security.Principal
Overrides:
toString sample code for java.lang.Object.toString() definition code for java.lang.Object.toString() in class Object sample code for java.lang.Object definition code for java.lang.Object
Returns:
a string representation of this X500Principal

equals sample code for javax.security.auth.x500.X500Principal.equals(java.lang.Object) definition code for javax.security.auth.x500.X500Principal.equals(java.lang.Object)

public boolean equals(Object sample code for java.lang.Object definition code for java.lang.Object  o)
Compares the specified Object with this X500Principal for equality.

Specifically, this method returns true if the Object o is an X500Principal and if the respective canonical string representations (obtained via the getName(X500Principal.CANONICAL) method) of this object and o are equal.

This implementation is compliant with the requirements of RFC 2459.

Specified by:
equals sample code for java.security.Principal.equals(java.lang.Object) definition code for java.security.Principal.equals(java.lang.Object) in interface Principal sample code for java.security.Principal definition code for java.security.Principal
Overrides:
equals sample code for java.lang.Object.equals(java.lang.Object) definition code for java.lang.Object.equals(java.lang.Object) in class Object sample code for java.lang.Object definition code for java.lang.Object
Parameters:
o - Object to be compared for equality with this X500Principal
Returns:
true if the specified Object is equal to this X500Principal, false otherwise
See Also:
Object.hashCode() sample code for java.lang.Object.hashCode() definition code for java.lang.Object.hashCode() , Hashtable sample code for java.util.Hashtable definition code for java.util.Hashtable

hashCode sample code for javax.security.auth.x500.X500Principal.hashCode() definition code for javax.security.auth.x500.X500Principal.hashCode()

public int hashCode()
Return a hash code for this X500Principal.

The hash code is calculated via: getName(X500Principal.CANONICAL).hashCode()

Specified by:
hashCode sample code for java.security.Principal.hashCode() definition code for java.security.Principal.hashCode() in interface Principal sample code for java.security.Principal definition code for java.security.Principal
Overrides:
hashCode sample code for java.lang.Object.hashCode() definition code for java.lang.Object.hashCode() in class Object sample code for java.lang.Object definition code for java.lang.Object
Returns:
a hash code for this X500Principal
See Also:
Object.equals(java.lang.Object) sample code for java.lang.Object.equals(java.lang.Object) definition code for java.lang.Object.equals(java.lang.Object) , Hashtable sample code for java.util.Hashtable definition code for java.util.Hashtable