org.glite.security.voms.request
Class ConfirmedRequest

java.lang.Object
  extended byorg.glite.security.voms.request.Request
      extended byorg.glite.security.voms.request.CheckedRequest
          extended byorg.glite.security.voms.request.ConfirmedRequest
All Implemented Interfaces:
java.io.Serializable

public class ConfirmedRequest
extends CheckedRequest

A class implementing requests which have to be confirmed before they are submitted to the administrators. This is most useful for create user requests, where the email address given by the client must be confirmed before the request is accepted and presented to the administrators.

This class also serves as an example how a nontrivial request type (in this case, CheckedRequest) may be extended with new states.

States:
This request type has five possible states: NewState is a new state defined in this class; UndecidedState and DeniedState are inherited from CheckedRequest; TimedOutState, and DoneState are standard states in Request.
Transition diagram:
The diagram below is an overview of the workflow of a ConfirmedRequest. Complete states are marked with an asterisk (*). TimeoutEvents are not shown, but are accepted by all incomplete states.
     +--------+ ConfirmEvent  +--------------+ AllowEvent  +----------+
 --->|NewState|-------------->|UndecidedState|------------>|DoneState*|
     +--------+               +--------------+             +----------+
                                    |                        ^
                                    |DenyEvent               |
                                    |                        |
                                    V                        |
                               +------------+  AllowEvent    |
                               |DeniedState*|----------------+
                               +------------+
 
Security:
The transition from NewState to UndecidedState is protected with a random text string that is sent to the requester when she creates the request. The requester is expected to show the same cookie when she issues a ConfirmEvent. If the cookie does not match, or the cookie is submitted by a different client, then the transition to UndecidedState fails with an (unusually descriptive) VOMSSecurityException.

(Note that sending out the cookie requires the notification mechanism, which is not yet implemented.)

The rest of the state transition diagram is derived from the CheckedRequest request type, and behaves the same way: it always calls the requested action's Action.checkPermission() method before processing an AllowEvent or a DenyEvent. The intent is that only those administrators should be able to accept or deny a request who are able to perform its action.

Author:
Karoly Lorentey
See Also:
Request, Request.DoneState, Request.TimedOutState, CheckedRequest, CheckedRequest.UndecidedState, CheckedRequest.DeniedState, Serialized Form

Nested Class Summary
 class ConfirmedRequest.NewState
          The state of a new, unconfirmed request, waiting for a ConfirmEvent.
 
Nested classes inherited from class org.glite.security.voms.request.CheckedRequest
CheckedRequest.DeniedState, CheckedRequest.UndecidedState
 
Nested classes inherited from class org.glite.security.voms.request.Request
Request.ChronicleEntry, Request.DeletedState, Request.DoneState, Request.State, Request.TimedOutState
 
Field Summary
 
Fields inherited from class org.glite.security.voms.request.Request
action, chronicle, notifications, parameters, state
 
Constructor Summary
protected ConfirmedRequest(Action action, java.lang.String[] parameters)
          Creates a new request with the given action and client comment.
 
Method Summary
static Request createRequest(Action action, java.lang.String clientComment, java.lang.String[] parameters)
          Creates a new request with the given action and client comment.
 java.lang.String getCookie()
          Return the cookie that is emailed to the client.
 Request.State getNewState()
          Return a new instance of ConfirmedRequest.NewState.
 
Methods inherited from class org.glite.security.voms.request.CheckedRequest
getDeniedState, getUndecidedState
 
Methods inherited from class org.glite.security.voms.request.Request
addNotification, addParameter, addParameters, chronicle, chronicle, delete, getAction, getChronicle, getDeletedState, getDetailedRequest, getDoneState, getId, getInstance, getNotifications, getParameters, getRequester, getRequesterId, getRequests, getShortRequest, getShortRequests, getStateDescription, getStateName, getTimedOutState, isComplete, isInDatabase, isPendingNotification, printChronicle, processEvent, sendPendingNotifications, store, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ConfirmedRequest

protected ConfirmedRequest(Action action,
                           java.lang.String[] parameters)
                    throws VOMSException
Creates a new request with the given action and client comment. The new request will be in ConfirmedRequest.NewState.

Method Detail

getCookie

public java.lang.String getCookie()
Return the cookie that is emailed to the client. The client is expected to return it in the confirmation.


getNewState

public Request.State getNewState()
Return a new instance of ConfirmedRequest.NewState.

Calling these get*State() functions is the only accepted method of creating state objects. By overriding these methods, derived classes may replace entire states with a new implementation without changing code in any of the neighbouring states.


createRequest

public static Request createRequest(Action action,
                                    java.lang.String clientComment,
                                    java.lang.String[] parameters)
                             throws VOMSException
Creates a new request with the given action and client comment. The new request will be in ConfirmedRequest.NewState.

Throws:
VOMSException