nsIPrincipal

IID:fb9ddeb9-26f9-46b8-85d5-3978aaee05aa
Inherits From:nsISerializable

Constants

Values of capabilities for each principal. Order is significant: if an operation is performed on a set of capabilities, the minimum is computed.
PRInt16 ENABLE_DENIED = 1
PRInt16 ENABLE_UNKNOWN = 2
PRInt16 ENABLE_WITH_USER_PERMISSION = 3
PRInt16 ENABLE_GRANTED = 4

Properties

readonly nsISupports certificate

The certificate associated with this principal, if any. If there isn't one, this will return null. Getting this attribute never throws.

nsIURI domain

The domain URI to which this principal pertains. This is congruent with HTMLDocument.domain, and may be null. Setting this has no effect on the URI.

readonly AUTF8String fingerprint

The fingerprint ID of this principal's certificate. Throws if there is no certificate associated with this principal.

readonly PRBool hasCertificate

Whether this principal is associated with a certificate.

readonly PRUint32 hashValue

Returns a hash value for the principal.

readonly char* origin

The origin of this principal's domain, if non-null, or its codebase URI otherwise. An origin is defined as: scheme + host + port.

readonly AUTF8String prettyName

The pretty name for the certificate. This sort of (but not really) identifies the subject of the certificate (the entity that stands behind the certificate). Note that this may be empty; prefer to get the certificate itself and get this information from it, since that may provide more information.

Throws if there is no certificate associated with this principal.

voidPtr* securityPolicy

The domain security policy of the principal.

readonly AUTF8String subjectName

The subject name for the certificate. This actually identifies the subject of the certificate. This may well not be a string that would mean much to a typical user on its own (e.g. it may have a number of different names all concatenated together with some information on what they mean in between).

Throws if there is no certificate associated with this principal.

readonly nsIURI URI

The codebase URI to which this principal pertains. This is generally the document URI.


Methods

PRInt16 canEnableCapability ( char* capability ) void disableCapability ( char* capability , inout voidPtr* annotation ) void enableCapability ( char* capability , inout voidPtr* annotation ) PRBool equals ( nsIPrincipal other ) JSPrincipals* getJSPrincipals ( JSContext* cx ) void getPreferences ( out char* prefBranch , out char* id , out char* subjectName , out char* grantedList , out char* deniedList ) PRBool isCapabilityEnabled ( char* capability , voidPtr* annotation ) void revertCapability ( char* capability , inout voidPtr* annotation ) void setCanEnableCapability ( char* capability , PRInt16 canEnable ) PRBool subsumes ( nsIPrincipal other )

PRInt16 canEnableCapability ( char* capability )

Arguments:
capability

void disableCapability ( char* capability , inout voidPtr* annotation )

Arguments:
capability
annotation

void enableCapability ( char* capability , inout voidPtr* annotation )

Arguments:
capability
annotation

PRBool equals ( nsIPrincipal other )

Returns whether the other principal is equivalent to this principal. Principals are considered equal if they are the same principal, they have the same origin, or have the same certificate fingerprint ID

Arguments:
other

JSPrincipals* getJSPrincipals ( JSContext* cx )

Returns the JS equivalent of the principal.

Arguments:
cx

void getPreferences ( out char* prefBranch , out char* id , out char* subjectName , out char* grantedList , out char* deniedList )

Returns the security preferences associated with this principal. prefBranch will be set to the pref branch to which these preferences pertain. id is a pseudo-unique identifier, pertaining to either the fingerprint or the origin. subjectName is a name that identifies the entity this principal represents (may be empty). grantedList and deniedList are space-separated lists of capabilities which were explicitly granted or denied by a pref.

Arguments:
prefBranch
id
subjectName
grantedList
deniedList

PRBool isCapabilityEnabled ( char* capability , voidPtr* annotation )

Arguments:
capability
annotation

void revertCapability ( char* capability , inout voidPtr* annotation )

Arguments:
capability
annotation

void setCanEnableCapability ( char* capability , PRInt16 canEnable )

Arguments:
capability
canEnable

PRBool subsumes ( nsIPrincipal other )

Returns whether the other principal is equal to or weaker than this principal. Principals are equal if they are the same object, they have the same origin, or they have the same certificate ID.

Thus a principal subsumes itself if it is equal to itself.

The system principal subsumes itself and all other principals except the non-principal.

The non-principal is not equal to itself or any other principal, and therefore does not subsume itself.

Both codebase and certificate principals are subsumed by the system principal, but no codebase or certificate principal yet subsumes any other codebase or certificate principal. This may change in a future release; note that nsIPrincipal is unfrozen, not slated to be frozen.

Arguments:
other

References

This interface is passed as an argument to the following methods:

nsIJAR.getCertificatePrincipal, nsIPrincipal.equals, nsIPrincipal.subsumes, nsIScriptSecurityManager.canExecuteScripts, nsIScriptSecurityManager.checkLoadURIWithPrincipal, nsIScriptSecurityManager.checkSameOriginPrincipal, nsIScriptSecurityManager.requestCapability, nsPICertNotification.onCertAvailable

This interface is returned from the following methods:

nsIJVMManager.isAppletTrusted, nsIScriptSecurityManager.getCertificatePrincipal, nsIScriptSecurityManager.getCodebasePrincipal, nsIScriptSecurityManager.getObjectPrincipal, nsIScriptSecurityManager.getPrincipalFromContext, nsIScriptSecurityManager.getSubjectPrincipal, nsIScriptSecurityManager.getSystemPrincipal, nsISignatureVerifier.verifySignature

Reference documentation is generated from Mozilla's source.

Add a note User Contributed Notes
No comments available

Copyright © 1999 - 2005 XULPlanet.com