java.lang.Object
  org.glite.security.voms.service.InitSecurityContext
The InitSecurityContext is an AXIS handler that can be put in a request flow in front of an actual SOAP endpoint, where it initializes the SecurityContext.
Currently, only the case of SOAP over HTTPS with client authentication is supported.
Configuration (Tomcat)
The handler is invoked by first defining a handler in the .wsdd file:
  <handler name="initSC" type="java:org.glite.security.voms.service.InitSecurityContext">
  </handler>
For the servlet in question, a request flow is then defined:
  <service name="TestService" ...>
    <requestFlow>
      <handler type="initSC"/>
    </requestFlow>
    ...
  </service>
Field Summary
protected static org.apache.log4j.Logger | log
Constructor Summary
InitSecurityContext()
Method Summary
static void | setClearContext() | Initialize a clear security context, which will fail on all security checks.
static void | setContextFromRequest(javax.servlet.ServletRequest req) | Sets up the client's credentials.
static void | setDelegatedContext(java.lang.String delegatedDN, java.lang.String delegatedCA) | Initialize and set delegated admin's security context.
static void | setInternalContext() | Initialize and set internal admin's security context.
static void | setLocalContext(java.lang.String host) | Initialize and set local admin's security context.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Field Detail
protected static org.apache.log4j.Logger log
Constructor Detail
public InitSecurityContext()
Method Detail
public static void setContextFromRequest(javax.servlet.ServletRequest req)
SecurityContext to a new instance and initializes it from the client's certificate. It also sets the remote IP address property.
If the certificate is invalid, or there is some other problem with the client's credentials, then the distinguished name and CA will be set to null, unless the client is from localhost and the configuration option voms.localhost.defaults.to.local.admin is true. In this latter case, the credentials will be set to that of the Local Database Administrator.
SecurityContext
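The fallback rules documented for setContextFromRequest, modelled as a standalone decision function. This is an added example, not code from the VOMS project: the class ContextDecision, the enum Outcome and the methods resolve and isLoopback are hypothetical names, and certificate validation is assumed to have happened already (a null DN/CA stands for a missing or invalid certificate).

```java
import java.net.InetAddress;
import java.net.UnknownHostException;

// Hypothetical model of the documented fallback rules; not the VOMS implementation.
public class ContextDecision {

    enum Outcome { CLIENT_CERT, LOCAL_ADMIN, NULL_CREDENTIALS }

    // certDn/certCa: values from an already validated client certificate,
    // or null when the certificate is missing or invalid (assumption of this model).
    static Outcome resolve(String certDn, String certCa, String remoteAddr,
                           boolean localhostDefaultsToLocalAdmin) {
        if (certDn != null && certCa != null) {
            return Outcome.CLIENT_CERT;
        }
        // The fallback needs BOTH conditions: the option
        // voms.localhost.defaults.to.local.admin is true and the peer is loopback.
        if (localhostDefaultsToLocalAdmin && isLoopback(remoteAddr)) {
            return Outcome.LOCAL_ADMIN;
        }
        return Outcome.NULL_CREDENTIALS; // DN and CA stay null
    }

    // InetAddress.getByName(null) and getByName("") both return the loopback
    // address, so a missing remote address must be rejected before parsing.
    static boolean isLoopback(String remoteAddr) {
        if (remoteAddr == null || remoteAddr.isEmpty()) return false;
        try {
            // An IP literal is parsed without a DNS lookup.
            return InetAddress.getByName(remoteAddr).isLoopbackAddress();
        } catch (UnknownHostException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        // Constructed sample requests: {certDn, certCa, remoteAddr}
        String[][] requests = {
            {"CN=Alice,O=Example", "CN=Example CA", "192.0.2.10"},
            {null, null, "192.0.2.10"},
            {null, null, "127.0.0.1"},
            {null, null, "::1"},
            {null, null, ""},
        };
        for (boolean option : new boolean[] {false, true}) {
            for (String[] r : requests) {
                System.out.printf("option=%-5b cert=%-5b addr=%-11s -> %s%n",
                        option, r[0] != null, r[2], resolve(r[0], r[1], r[2], option));
            }
        }
    }
}
```

ServletRequest.getRemoteAddr() reports the address of the client or of the last proxy that sent the request, so with the option set to true a front end running on the same host makes every certificate-less request fall into the LOCAL_ADMIN branch.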
public static void setDelegatedContext(java.lang.String delegatedDN, java.lang.String delegatedCA) throws VOMSSecurityException
voms.fully.trusted.client.for.delegation.dn and voms.fully.trusted.client.for.delegation.ca values to enable this functionality for one trusted service.
VOMSSecurityException
public static void setLocalContext(java.lang.String host)
public static void setInternalContext()
public static void setClearContext()