O'Reilly logo

Java Distributed Computing by Jim Farley

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Identities and Access Control

The Identity class represents an agent within the Security API. Identity implements the Principal interface, which is a generic representation of a person, group, or other named entity. An Identity has a name, which it inherits from the Principal interface, and other information that verifies the identity of the agent (a public key and assorted certificates, for example). A Signer is a subclass of Identity that also includes a private key that can be used to sign data. We’ll discuss public and private keys and how they are created in more detail later in the chapter.

An Identity is created using a name for the agent being represented:

Identity fredsID = new Identity("Fred");

A public key and any available certificates can be added to Fred’s identity to support the validity of his identity:

PublicKey fredsKey = ... // Get Fred's key
Certificate fredsCert = ... // Get Fred's certificate
Certificate fredsRSACert = ... // Get another certificate for Fred
fredsID.setPublicKey(fredsKey);
fredsID.addCertificate(fredsCert);
fredsID.addCertificate(fredsRSACert);

If we are also able to sign data using Fred’s identity, then we’ll also have a private key for Fred, and we can create a Signer object for him:

Signer signingFred = new Signer("Fred");
PrivateKey fredsSigningKey = ... // Get Fred's private key
PublicKey fredsPublicKey = ... // Get Fred's public key
signingFred.setKeyPair(new KeyPair(fredsPublicKey, fredsSigning Key));;

Access Control Lists

The java.security.acl ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required