java.lang.Object PersistentGridServiceImpl issrg.globus.PermisAuthzServiceImpl
public class PermisAuthzServiceImpl
This class is an implementation of Permis Authorization Service for Globus Toolkit v3.4. It can be deployed as a standalone service that serves SAML authorization requests (the format is specified by OGSA-Authz).
It can also be deployed as a ServiceAuthorization to get authorization decisions locally (and avoid SAML encoding/decoding and some network traffic).
Field Summary | |
---|---|
protected SamlADF | adf |
protected static java.util.Map | adfs |
Constructor Summary | |
---|---|
PermisAuthzServiceImpl() |
Method Summary | |
---|---|
void | authorize(javax.security.auth.Subject peerSubject, ServiceProperties service, MessageContext context): This method will perform authorization of a call to a particular service. |
boolean | checkSignature(byte[] Value, byte[] Signature, java.lang.String algorithmID, TokenLocator Signer): This method provides default signature verification: it always returns true, so any signature is accepted. |
protected PBAAPI | getPBAAPI(ServiceProperties sp): This method gets a PBA API, identified in the Service Properties. |
void | postCreate(GridContext gc): This method is invoked by GT3.4 after the service has been created. |
SAMLResponseType | SAMLRequest(org.globus.ogsa.security.authorization.SAMLRequestType req): This method will process a SAML request and return a SAML response. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface issrg.globus.PermisAuthzServicePortType |
---|
destroy, findServiceData, requestTerminationAfter, requestTerminationBefore, setServiceData |
Field Detail |
---|
protected SamlADF adf
protected static java.util.Map adfs
Constructor Detail |
---|
public PermisAuthzServiceImpl()
Method Detail |
---|
public void postCreate(GridContext gc) throws GridServiceException
Throws:
GridServiceException

protected PBAAPI getPBAAPI(ServiceProperties sp) throws GridServiceException, PbaException
Parameters:
sp - the ServiceProperties, containing the configuration (Policy OID, SOA DN, LDAP URL, Root CA PKC, LDAP AC Attribute
Throws:
GridServiceException
PbaException

public SAMLResponseType SAMLRequest(org.globus.ogsa.security.authorization.SAMLRequestType req) throws java.rmi.RemoteException
Specified by:
SAMLRequest in interface PermisAuthzServicePortType
Parameters:
req - the SAMLRequest to be processed
Throws:
java.rmi.RemoteException

public void authorize(javax.security.auth.Subject peerSubject, ServiceProperties service, MessageContext context) throws AuthorizationException
This method is invoked by GT3.4 directly.
Throws:
AuthorizationException

public boolean checkSignature(byte[] Value, byte[] Signature, java.lang.String algorithmID, TokenLocator Signer)
Specified by:
checkSignature in interface SignatureVerifier
Parameters:
Value - is the byte array that had been signed
Signature - is the byte array of the resulting signature
algorithmID - is the String representation (dotted form) of the object identifier of the algorithm used for signing
Signer - is the TokenLocator of the signer