org.edg.security.authorization.repository
Class VOMS

java.lang.Object
  |
  +--org.edg.security.authorization.repository.VOMS
All Implemented Interfaces:
AttributeRepository, AttributeRepositoryCreator

public class VOMS
extends java.lang.Object
implements AttributeRepository, AttributeRepositoryCreator

Attribute repository that operates by parsing VOMS extensions. The extensions are retrieved from the current SecurityContext.

Note: For this particular repository model, all identity arguments are ignored -- instead, information is retrieved

Note: This Example configuration:

 <repository type="voms">
    <vomsdir> [filter] </vomsdir>
    <vomsdir> [filter] </vomsdir>
    ...
    <refreshperiod>[seconds]</refreshperiod>
    <filter default=[deny|allow]>
         <allow name="VO alias" />
         ...
         <deny name="VO alias" />
         ...
    </filter>
 </repository>
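
An added example, not part of the library or its documentation: a stand-alone sketch that reads a filled-in version of the configuration above and evaluates the filter for a few VO aliases. The class name VoFilterDemo, the sample directory and aliases, and the evaluation order (explicit deny, then explicit allow, then the default) are assumptions; the page does not state how VOMS.AccessFilter resolves conflicts.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.HashSet;
import java.util.Set;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

// Hypothetical stand-alone evaluator; not the library's VOMS.AccessFilter.
public class VoFilterDemo {
    final boolean defaultAllow;
    final Set<String> allowed = new HashSet<>(), denied = new HashSet<>();

    VoFilterDemo(Element filter) {
        // Fail closed: anything other than an explicit "allow" is treated as deny.
        defaultAllow = "allow".equals(filter.getAttribute("default"));
        collect(filter.getElementsByTagName("allow"), allowed);
        collect(filter.getElementsByTagName("deny"), denied);
    }

    static void collect(NodeList nodes, Set<String> out) {
        for (int i = 0; i < nodes.getLength(); i++) {
            out.add(((Element) nodes.item(i)).getAttribute("name"));
        }
    }

    // Assumed order: explicit deny wins, then explicit allow, then the default.
    boolean permits(String voAlias) {
        if (denied.contains(voAlias)) return false;
        if (allowed.contains(voAlias)) return true;
        return defaultAllow;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample configuration; the directory and VO aliases are made up.
        String xml = "<repository type=\"voms\">"
            + "<vomsdir>/example/vomsdir</vomsdir>"
            + "<refreshperiod>3600</refreshperiod>"
            + "<filter default=\"deny\">"
            + "<allow name=\"vo-a\"/><deny name=\"vo-b\"/>"
            + "</filter></repository>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        // A configuration parser has no need for DTDs or external entities.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element root = dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
            .getDocumentElement();
        VoFilterDemo f = new VoFilterDemo((Element) root.getElementsByTagName("filter").item(0));
        for (String vo : new String[] {"vo-a", "vo-b", "vo-unlisted"}) {
            System.out.println(vo + " -> " + (f.permits(vo) ? "allow" : "deny"));
        }
    }
}
```

With default="deny", an alias that appears in neither list is rejected, so a VO added later has no access until it is listed explicitly.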
 

Version:
$Id: VOMS.java,v 1.13 2003/12/01 15:50:35 mansikki Exp $
Author:
Olle Mulmo
See Also:
AttributeRepository, SecurityContext

Nested Class Summary
 class VOMS.AccessFilter
          Utility class for the access filter
 
Field Summary
protected  org.apache.log4j.Logger logger
           
protected  VOMS.AccessFilter myAccessFilter
           
protected  java.util.List myBaseDirs
           
protected  java.util.HashMap mySigners
           
protected  boolean mySilent
           
protected  java.util.Timer myTimer
           
protected static java.util.List theAllows
           
 
Constructor Summary
VOMS()
           
 
Method Summary
protected  boolean approve(SecurityContext sc, VOMSInfo v)
          Verifies the signature of a VOMSInfo
 AttributeRepository create(AttributeRepositoryFactory factory, org.w3c.dom.Element config)
          Creates and initializes an attribute repository according to the specified configuration.
 boolean evalAttributeBinding(java.lang.String identity, java.lang.String attribute)
          Note: The parameter identity is ignored.
 java.util.List findAllAttributesFor(java.lang.String identity)
          Note: The parameter identity is ignored.
 java.lang.String findFirstAttributeFor(java.lang.String identity)
          Note: The parameter identity is ignored.
protected  java.util.List getSigners(java.lang.String dn)
           
protected  java.util.HashMap loadCerts()
           
 void terminate()
          Terminate all Timer objects responsible for refreshing the content of the AttributeRepository.
 java.lang.String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

theAllows

protected static java.util.List theAllows

logger

protected org.apache.log4j.Logger logger

myAccessFilter

protected VOMS.AccessFilter myAccessFilter

myBaseDirs

protected java.util.List myBaseDirs

mySigners

protected java.util.HashMap mySigners

myTimer

protected java.util.Timer myTimer

mySilent

protected boolean mySilent
Constructor Detail

VOMS

public VOMS()
Method Detail

getSigners

protected java.util.List getSigners(java.lang.String dn)

loadCerts

protected java.util.HashMap loadCerts()

create

public AttributeRepository create(AttributeRepositoryFactory factory,
                                  org.w3c.dom.Element config)
Description copied from interface: AttributeRepositoryCreator
Creates and initializes an attribute repository according to the specified configuration.

Specified by:
create in interface AttributeRepositoryCreator
Parameters:
factory - The factory to which this repository belongs
config - The XML snippet with the required configuration
Returns:
AttributeRepository The initialized instance
See Also:
AttributeRepositoryCreator.create(AttributeRepositoryFactory, Element)

approve

protected boolean approve(SecurityContext sc,
                          VOMSInfo v)
Verifies the signature of a VOMSInfo


findAllAttributesFor

public java.util.List findAllAttributesFor(java.lang.String identity)
Note: The parameter identity is ignored. Information is retrieved from the SecurityContext

Specified by:
findAllAttributesFor in interface AttributeRepository
Parameters:
identity - The subject in question.
Returns:
List of attributes.
See Also:
SecurityContext, AttributeRepository.findAllAttributesFor(String)

findFirstAttributeFor

public java.lang.String findFirstAttributeFor(java.lang.String identity)
Note: The parameter identity is ignored. Information is retrieved from the SecurityContext

Specified by:
findFirstAttributeFor in interface AttributeRepository
Parameters:
identity - The subject in question.
Returns:
String The first attribute found associated with the user, or null
See Also:
SecurityContext, AttributeRepository.findFirstAttributeFor(String)

evalAttributeBinding

public boolean evalAttributeBinding(java.lang.String identity,
                                    java.lang.String attribute)
Note: The parameter identity is ignored. Information is retrieved from the SecurityContext

Specified by:
evalAttributeBinding in interface AttributeRepository
Parameters:
identity - The subject in question.
attribute - The attribute asked for
Returns:
boolean If the subject can be associated with the attribute or not
See Also:
SecurityContext, AttributeRepository.evalAttributeBinding(String, String)

terminate

public void terminate()
Description copied from interface: AttributeRepository
Terminate all Timer objects responsible for refreshing the content of the AttributeRepository.

Specified by:
terminate in interface AttributeRepository
See Also:
AttributeRepository.terminate()

toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object