I have a need for a application level Principal implementation that
treats user names as case-insensitive, e.g.
DatabasePrincipal("fred") and DatabasePrincipal("FRED")
are equal and both would return FRED for getName().
However it seems default Policy implementations (for RI & Harmony) that
read the policy file don't allow this. So while this grant does work
grant principal DatabasePrincipal "FRED"
this does not
grant principal DatabasePrincipal "fred"
even though by the rules of the DatabasePrincipal they are equal.
For Harmony I see it is due to UnresolvedPrincipal for two reasons:
1) (possibly) UnresolvedPrincipal is never re-resolved into
DatabasePrincipal like UnresolvedPermission is defined to act.
(on IBM's 1.5 vm I see instances of DatabasePrincipal being created
that correspond to entries in the policy file, so I'm assuming
re-resolving is taking place)
2) UnresolvedPrincipal.implies() works just uses the class name
(DatabasePrincipal) and getName() thus ignoring any semantics the
application's Principal class is using for name.
Is this the defined behaviour by the Java specifications, that the
principal_name in the policy_file must match exactly the name returned
by Principal.getName()? I can't see any justification for it from the
javadoc for the various classes.
Again to note Harmony matches the RI here, though it seems to get to the
same result by a different path. It seems as though on the RI and IBM's
vms that a map is set up from principal_name to Principal (but I'm
guessing here).
Thanks,
Dan.
