java.security
Class CodeSource

java.lang.Object
  extended by java.security.CodeSource
All Implemented Interfaces:
Serializable

public class CodeSource
extends Object
implements Serializable

This class represents a location from which code is loaded (as represented by a URL), and the list of certificates that are used to check the signatures of signed code loaded from this source.

Since:
1.1
See Also:
Serialized Form

Constructor Summary
CodeSource(URL location, Certificate[] certs)
          This creates a new instance of CodeSource that loads code from the specified URL location and which uses the specified certificates for verifying signatures.
 
Method Summary
 boolean equals(Object obj)
          This method tests the specified Object for equality with this object.
 Certificate[] getCertificates()
          This method returns the list of digital certificates that can be used to verify the signatures of code loaded under this CodeSource.
 URL getLocation()
          This method returns the URL specifying the location from which code will be loaded under this CodeSource.
 int hashCode()
          This method returns a hash value for this object.
 boolean implies(CodeSource cs)
          This method tests to see if a specified CodeSource is implied by this object.
 String toString()
          This method returns a String that represents this object.
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

CodeSource

public CodeSource(URL location,
                  Certificate[] certs)
This creates a new instance of CodeSource that loads code from the specified URL location and which uses the specified certificates for verifying signatures.

Parameters:
location - the location from which code will be loaded
certs - the list of certificates
Method Detail

hashCode

public int hashCode()
This method returns a hash value for this object.

Overrides:
hashCode in class Object
Returns:
a hash value for this object
See Also:
Object.equals(Object), System.identityHashCode(Object)

equals

public boolean equals(Object obj)
This method tests the specified Object for equality with this object. This will be true if and only if the locations are equal and the certificate sets are identical (ignoring order).

Overrides:
equals in class Object
Parameters:
obj - the Object to test against
Returns:
true if the specified object is equal to this one
See Also:
Object.hashCode()

getLocation

public final URL getLocation()
This method returns the URL specifying the location from which code will be loaded under this CodeSource.

Returns:
the code location for this CodeSource

getCertificates

public final Certificate[] getCertificates()
This method returns the list of digital certificates that can be used to verify the signatures of code loaded under this CodeSource.

Returns:
the certifcate list for this CodeSource

implies

public boolean implies(CodeSource cs)
This method tests to see if a specified CodeSource is implied by this object. Effectively, to meet this test, the specified object must have all the certifcates this object has (but may have more), and must have a location that is a subset of this object's. In order for this object to imply the specified object, the following must be true:
  1. codesource must not be null.
  2. If codesource has a certificate list, all of it's certificates must be present in the certificate list of this code source.
  3. If this object does not have a null location, then the following addtional tests must be passed.
    1. codesource must not have a null location.
    2. codesource's location must be equal to this object's location, or
      • codesource's location protocol, port, and ref (aka, anchor) must equal this objects
      • codesource's location host must imply this object's location host, as determined by contructing SocketPermission objects from each with no action list and using that classes's implies method
      • If this object's location file ends with a '/', then the specified object's location file must start with this object's location file. Otherwise, the specified object's location file must start with this object's location file with the '/' character appended to it.

For example, each of these locations imply the location "http://java.sun.com/classes/foo.jar":

 http:
 http://*.sun.com/classes/*
 http://java.sun.com/classes/-
 http://java.sun.com/classes/foo.jar
 

Note that the code source with null location and null certificates implies all other code sources.

Parameters:
cs - the CodeSource to test against this object
Returns:
true if this specified CodeSource is implied

toString

public String toString()
This method returns a String that represents this object. The result is in the format "(" + getLocation() followed by a space separated list of certificates (or "<no certificates>"), followed by ")".

Overrides:
toString in class Object
Returns:
a String for this object
See Also:
Object.getClass(), Object.hashCode(), Class.getName(), Integer.toHexString(int)