001    /* GSSException.java -- a general exception in GSS.
002       Copyright (C) 2004, 2005 Free Software Foundation, Inc.
003    
004    This file is part of GNU Classpath.
005    
006    GNU Classpath is free software; you can redistribute it and/or modify
007    it under the terms of the GNU General Public License as published by
008    the Free Software Foundation; either version 2, or (at your option)
009    any later version.
010    
011    GNU Classpath is distributed in the hope that it will be useful, but
012    WITHOUT ANY WARRANTY; without even the implied warranty of
013    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014    General Public License for more details.
015    
016    You should have received a copy of the GNU General Public License
017    along with GNU Classpath; see the file COPYING.  If not, write to the
018    Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019    02110-1301 USA.
020    
021    Linking this library statically or dynamically with other modules is
022    making a combined work based on this library.  Thus, the terms and
023    conditions of the GNU General Public License cover the whole
024    combination.
025    
026    As a special exception, the copyright holders of this library give you
027    permission to link this library with independent modules to produce an
028    executable, regardless of the license terms of these independent
029    modules, and to copy and distribute the resulting executable under
030    terms of your choice, provided that you also meet, for each linked
031    independent module, the terms and conditions of the license of that
032    module.  An independent module is a module which is not derived from
033    or based on this library.  If you modify this library, you may extend
034    this exception to your version of the library, but you are not
035    obligated to do so.  If you do not wish to do so, delete this
036    exception statement from your version.
037    
038       The documentation comments of this class are derived from the text
039       of RFC 2853:  Generic Security Service API Version 2: Java Bindings.
040       That document is covered under the following license notice:
041    
042    Copyright (C) The Internet Society (2000).  All Rights Reserved.
043    
044    This document and translations of it may be copied and furnished to
045    others, and derivative works that comment on or otherwise explain it
046    or assist in its implementation may be prepared, copied, published and
047    distributed, in whole or in part, without restriction of any kind,
048    provided that the above copyright notice and this paragraph are
049    included on all such copies and derivative works.  However, this
050    document itself may not be modified in any way, such as by removing
051    the copyright notice or references to the Internet Society or other
052    Internet organizations, except as needed for the purpose of developing
053    Internet standards in which case the procedures for copyrights defined
054    in the Internet Standards process must be followed, or as required to
055    translate it into languages other than English.
056    
057    The limited permissions granted above are perpetual and will not be
058    revoked by the Internet Society or its successors or assigns.
059    
060    This document and the information contained herein is provided on an
061    "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
062    TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
063    NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN
064    WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
065    MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. */
066    
067    
068    package org.ietf.jgss;
069    
070    import java.util.PropertyResourceBundle;
071    import java.util.ResourceBundle;
072    
073    /**
074     * This exception is thrown whenever a fatal GSS-API error occurs
075     * including mechanism specific errors.  It may contain both, the major
076     * and minor, GSS-API status codes.  The mechanism implementers are
077     * responsible for setting appropriate minor status codes when throwing
078     * this exception.  Aside from delivering the numeric error code(s) to
079     * the caller, this class performs the mapping from their numeric values
080     * to textual representations.  All Java GSS-API methods are declared
081     * throwing this exception.
082     *
083     * @specnote Some of the constant values defined in this class were
084     * chosen to be compatible with J2SE 1.4, and not with RFC 2853.
085     */
086    public class GSSException extends Exception
087    {
088      /**
089       * For compatability with Sun's JDK 1.4.2 rev. 5
090       */
091      private static final long serialVersionUID = -2706218945227726672L;
092    
093      // Constants and fields.
094      // -------------------------------------------------------------------------
095    
096      /**
097       * Channel bindings mismatch error.
098       * @specnote Should be 4 according to RFC 2853.
099       */
100      public static final int BAD_BINDINGS = 1;
101    
102      /**
103       * Unsupported mechanism requested error.
104       * @specnote Should be 1 according to RFC 2853.
105       */
106      public static final int BAD_MECH = 2;
107    
108      /**
109       * Invalid name provided error.
110       * @specnote Should be 2 according to RFC 2853.
111       */
112      public static final int BAD_NAME = 3;
113    
114      /**
115       * Name of unsupported type provided error.
116       * @specnote Should be 3 according to RFC 2853.
117       */
118      public static final int BAD_NAMETYPE = 4;
119    
120      /**
121       * Invalid status code error - this is the default status value.
122       */
123      public static final int BAD_STATUS = 5;
124    
125      /**
126       * Token had invalid integrity check error.
127       */
128      public static final int BAD_MIC = 6;
129    
130      /**
131       * Specified security context expired error.
132       * @specnote Should be 12 according to RFC 2853.
133       */
134      public static final int CONTEXT_EXPIRED = 7;
135    
136      /**
137       * Expired credentials detected error.
138       * @specnote Should be 11 according to RFC 2853.
139       */
140      public static final int CREDENTIALS_EXPIRED = 8;
141    
142      /**
143       * Defective credential error.
144       * @specnote Should be 10 according to RFC 2853.
145       */
146      public static final int DEFECTIVE_CREDENTIAL = 9;
147    
148      /**
149       * Defective token error.
150       * @specnote Should be 9 according to RFC 2853.
151       */
152      public static final int DEFECTIVE_TOKEN = 10;
153    
154      /**
155       * General failure, unspecified at GSS-API level.
156       * @specnote Should be 13 according to RFC 2853.
157       */
158      public static final int FAILURE = 11;
159    
160      /**
161       * Invalid security context error.
162       * @specnote Should be 8 according to RFC 2853.
163       */
164      public static final int NO_CONTEXT = 12;
165    
166      /**
167       * Invalid credentials error.
168       * @specnote Should be 7 according to RFC 2853.
169       */
170      public static final int NO_CRED = 13;
171    
172      /**
173       * Unsupported QOP value error.
174       */
175      public static final int BAD_QOP = 14;
176    
177      /**
178       * Operation unauthorized error.
179       */
180      public static final int UNAUTHORIZED = 15;
181    
182      /**
183       * Operation unavailable error.
184       */
185      public static final int UNAVAILABLE = 16;
186    
187      /**
188       * Duplicate credential element requested error.
189       */
190      public static final int DUPLICATE_ELEMENT = 17;
191    
192      /**
193       * Name contains multi-mechanism elements error.
194       */
195      public static final int NAME_NOT_MN = 18;
196    
197      /**
198       * The token was a duplicate of an earlier token.  This is a fatal error
199       * code that may occur during context establishment.  It is not used to
200       * indicate supplementary status values.  The MessageProp object is used
201       * for that purpose.
202       * @specnote Should be 20 according to RFC 2853.
203       */
204      public static final int DUPLICATE_TOKEN = 19;
205    
206      /**
207       * The token's validity period has expired.  This is a fatal error code
208       * that may occur during context establishment.  It is not used to
209       * indicate supplementary status values.  The MessageProp object is used
210       * for that purpose.
211       * @specnote Should be 19 according to RFC 2853.
212       */
213      public static final int OLD_TOKEN = 20;
214    
215      /**
216       * A later token has already been processed.  This is a fatal error code
217       * that may occur during context establishment.  It is not used to
218       * indicate supplementary status values.  The MessageProp object is used
219       * for that purpose.
220       */
221      public static final int UNSEQ_TOKEN = 21;
222    
223      /**
224       * An expected per-message token was not received.  This is a fatal
225       * error code that may occur during context establishment.  It is not
226       * used to indicate supplementary status values.  The MessageProp object
227       * is used for that purpose.
228       */
229      public static final int GAP_TOKEN = 22;
230    
231      private final int major;
232      private int minor;
233      private String minorString;
234    
235      private ResourceBundle messages;
236    
237      // Constructors.
238      // -------------------------------------------------------------------------
239    
240      /**
241       * Create a new GSS exception with the given major code.
242       *
243       * @param major The major GSS error code.
244       */
245      public GSSException(int major)
246      {
247        this(major, 0, null);
248      }
249    
250      /**
251       * Create a new GSS exception with the given major and minor codes, and a
252       * minor explanation string.
253       *
254       * @param major The major GSS error code.
255       * @param minor The minor application-specific error code.
256       * @param minorString An explanation of the minor error code.
257       */
258      public GSSException(int major, int minor, String minorString)
259      {
260        this.major = major;
261        this.minor = minor;
262        this.minorString = minorString;
263        try
264          {
265            messages = PropertyResourceBundle.getBundle("org/ietf/jgss/MessagesBundle");
266          }
267        catch (Exception e)
268          {
269            messages = null;
270          }
271      }
272    
273      // Instance methods.
274      // -------------------------------------------------------------------------
275    
276      /**
277       * Returns the major code representing the GSS error code that caused
278       * this exception to be thrown.
279       *
280       * @return The major error code.
281       */
282      public int getMajor()
283      {
284        return major;
285      }
286    
287      /**
288       * Returns the mechanism error code that caused this exception.  The
289       * minor code is set by the underlying mechanism.  Value of 0 indicates
290       * that mechanism error code is not set.
291       *
292       * @return The minor error code, or 0 if not set.
293       */
294      public int getMinor()
295      {
296        return minor;
297      }
298    
299      /**
300       * Returns a string explaining the GSS major error code causing this
301       * exception to be thrown.
302       *
303       * @return The major error string.
304       */
305      public String getMajorString()
306      {
307        switch (major)
308          {
309          case BAD_MECH:
310            return getMsg("GSSException.BAD_MECH",
311                          "An unsupported mechanism was requested.");
312          case BAD_NAME:
313            return getMsg("GSSException.BAD_NAME",
314                          "An invalid name was supplied.");
315          case BAD_NAMETYPE:
316            return getMsg("GSSException.BAD_NAMETYPE",
317                          "A supplied name was of an unsupported type.");
318          case BAD_BINDINGS:
319            return getMsg("GSSException.BAD_BINDINGS",
320                          "Incorrect channel bindings were supplied.");
321          case BAD_STATUS:
322            return getMsg("GSSException.BAD_STATUS",
323                          "An invalid status code was supplied.");
324          case BAD_MIC:
325            return getMsg("GSSException.BAD_MIC",
326                          "A token had an invalid MIC.");
327          case NO_CRED:
328            return getMsg("GSSException.NO_CRED",
329                          "No credentials were supplied, or the credentials were "+
330                          "unavailable or inaccessible.");
331          case NO_CONTEXT:
332            return getMsg("GSSException.NO_CONTEXT",
333                          "Invalid context has been supplied.");
334          case DEFECTIVE_TOKEN:
335            return getMsg("GSSException.DEFECTIVE_TOKEN",
336                          "A supplied token was invalid.");
337          case DEFECTIVE_CREDENTIAL:
338            return getMsg("GSSException.DEFECTIVE_CREDENTIAL",
339                          "A supplied credential was invalid.");
340          case CREDENTIALS_EXPIRED:
341            return getMsg("GSSException.CREDENTIALS_EXPIRED",
342                          "The referenced credentials have expired.");
343          case CONTEXT_EXPIRED:
344            return getMsg("GSSException.CONTEXT_EXPIRED",
345                          "The context has expired.");
346          case FAILURE:
347            return getMsg("GSSException.FAILURE",
348                          "Miscellaneous failure.");
349          case BAD_QOP:
350            return getMsg("GSSException.BAD_QOP",
351                          "The quality-of-protection requested could not be provided.");
352          case UNAUTHORIZED:
353            return getMsg("GSSException.UNAUTHORIZED",
354                          "The operation is forbidden by local security policy.");
355          case UNAVAILABLE:
356            return getMsg("GSSException.UNAVAILABLE",
357                          "The operation or option is unavailable.");
358          case DUPLICATE_ELEMENT:
359            return getMsg("GSSException.DUPLICATE_ELEMENT",
360                          "The requested credential element already exists.");
361          case NAME_NOT_MN:
362            return getMsg("GSSException.NAME_NOT_MN",
363                          "The provided name was not a mechanism name.");
364          case OLD_TOKEN:
365            return getMsg("GSSException.OLD_TOKEN",
366                          "The token's validity period has expired.");
367          case DUPLICATE_TOKEN:
368            return getMsg("GSSException.DUPLICATE_TOKEN",
369                          "The token was a duplicate of an earlier version.");
370          case UNSEQ_TOKEN:
371            return getMsg("GSSException.UNSEQ_TOKEN",
372                          "A later token has already been processed.");
373          case GAP_TOKEN:
374            return getMsg("GSSException.GAP_TOKEN",
375                          "An expected per-message token was not received.");
376          default: return "Unknown or invalid error code.";
377          }
378      }
379    
380      /**
381       * Returns a string explaining the mechanism specific error code.
382       * <code>null</code> will be returned when no mechanism error code has
383       * been set.
384       *
385       * @return The minor error string, or <code>null</code>.
386       */
387      public String getMinorString()
388      {
389        return minorString;
390      }
391    
392      /**
393       * Used internally by the GSS-API implementation and the underlying
394       * mechanisms to set the minor code and its textual representation.
395       *
396       * @param minorCode The mechanism specific error code.
397       * @param message   A textual explanation of the mechanism error code.
398       */
399      public void setMinor(int minorCode, String message)
400      {
401        this.minor = minorCode;
402        this.minorString = message;
403      }
404    
405      /**
406       * Returns a textual representation of both the major and minor status
407       * codes.
408       *
409       * @return The textual representation.
410       */
411      public String toString()
412      {
413        return GSSException.class.getName() + ": " + getMessage();
414      }
415    
416      /**
417       * Returns a detailed message of this exception.  Overrides {@link
418       * Throwable#getMessage()}. It is customary in Java to use this method to
419       * obtain exception information.
420       *
421       * @return The detail message.
422       */
423      public String getMessage()
424      {
425        if (minor == 0)
426          return getMajorString();
427        else
428          return getMajorString() + " (" + minorString + ")";
429      }
430    
431      // Own methods.
432      // -------------------------------------------------------------------------
433    
434      private String getMsg(String key, String defaultText)
435      {
436        if (messages != null)
437          {
438            try
439              {
440                return messages.getString(key);
441              }
442            catch (Exception e)
443              {
444              }
445          }
446        return defaultText;
447      }
448    }