java.lang.Object issrg.globus.SamlADF
public class SamlADF
This is a standalone ADF. It runs on port 80 and listens for SAML requests on input. It is also used in issrg.globus.impl.PermisAuthzImpl, which is a Grid Service.
The ADF understands SAML requests and sends SAML responses valid for 1 hour (this will be made configurable).
Field Summary | |
---|---|
static java.lang.String | AC_STRING |
static java.lang.String | HELP_SCREEN |
static java.lang.String | LDAP_AC_ATTRIBUTE_STRING |
static java.lang.String | LDAP_PKC_ATTRIBUTE_STRING |
static java.lang.String | LDAP_URL_STRING |
static java.lang.String | LOG_STRING |
static java.lang.String | OID_STRING |
static java.lang.String | PKC_STRING |
static java.lang.String | ROOT_CA_STRING |
static java.lang.String | SOA_STRING |
static java.lang.String | URL_STRING |
Constructor Summary |
---|
SamlADF(PBAAPI pbaApi): This constructor wraps SamlADF around a given PBAAPI. |
Method Summary | |
---|---|
void | authenticate(java.security.Principal user): This method checks that the user has been authenticated. |
boolean | execute(java.security.Principal user, Action action, Target target): This method checks that the user is authenticated and then gets the user's credentials and makes a decision using those credentials. |
static PBAAPI | getPBAAPI(java.lang.String oid, java.lang.String soa, java.util.Vector ldapURL, java.util.Vector url, java.lang.String rootCA, SignatureVerifier sv, java.lang.String ac_attribute, java.lang.String pkc_attribute): This method gets an instance of PBAAPI given a bunch of configuration parameters. |
static void | loadAC(VirtualRepository vr, java.lang.String filename): This method loads an X.509 Attribute Certificate into a given VirtualRepository. |
static void | loadPKC(VirtualRepository vr, java.lang.String filename): This method loads an X.509 Public Key Certificate into a given VirtualRepository. |
static void | main(java.lang.String[] args): This method starts up a standalone SamlADF - a standalone SAML Authorisation server. |
static void | print(java.lang.String s): This method outputs a String to the standard output. |
static void | println(java.lang.String s): This method outputs a String and a new line to the standard output. |
SAMLResponse | process(SAMLRequest request): This method processes a SAMLRequest and returns a reply as a SAMLResponse. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String SOA_STRING
public static final java.lang.String OID_STRING
public static final java.lang.String LDAP_URL_STRING
public static final java.lang.String URL_STRING
public static final java.lang.String LDAP_AC_ATTRIBUTE_STRING
public static final java.lang.String LDAP_PKC_ATTRIBUTE_STRING
public static final java.lang.String ROOT_CA_STRING
public static final java.lang.String AC_STRING
public static final java.lang.String PKC_STRING
public static final java.lang.String LOG_STRING
public static final java.lang.String HELP_SCREEN
Constructor Detail |
---|
public SamlADF(PBAAPI pbaApi)

Parameters:
pbaApi - the PBAAPI to wrap around

Method Detail |
---|
public static void main(java.lang.String[] args)

public static void loadAC(VirtualRepository vr, java.lang.String filename)

Parameters:
vr - the VirtualRepository to load the AC into
filename - the filename of the X.509 AC; if it is a malformed AC or an IOException occurs while reading the file, no AC will be loaded (and a stack trace will be printed to System.err)

public static void loadPKC(VirtualRepository vr, java.lang.String filename)

Parameters:
vr - the VirtualRepository to load the PKC into
filename - the filename of the X.509 PKC; if it is a malformed PKC or an IOException occurs while reading the file, no PKC will be loaded (and a stack trace will be printed to System.err)

public static void print(java.lang.String s)

Parameters:
s - the String to output

public static void println(java.lang.String s)

Parameters:
s - the String to output

public boolean execute(java.security.Principal user, Action action, Target target) throws PbaException

Parameters:
user - the Principal of the user
action - the action the user wants to perform
target - the target on which the action is to be performed

Throws:
PbaException - if there was a problem during evaluation of the authorisation decision

public void authenticate(java.security.Principal user) throws PbaException

Throws:
PbaException

public static PBAAPI getPBAAPI(java.lang.String oid, java.lang.String soa, java.util.Vector ldapURL, java.util.Vector url, java.lang.String rootCA, SignatureVerifier sv, java.lang.String ac_attribute, java.lang.String pkc_attribute) throws PbaException

Parameters:
oid - the OID of the PERMIS Policy
soa - the SOA name (LDAP DN)
ldapURL - the URLs of the LDAP repository to use to retrieve the policy and user ACs
url - the URLs of another repository where the user ACs are stored (this may be different from the policy LDAP)
rootCA - the filename of the Root CA PKC; can be null, if no signature verification is required
sv - the SignatureVerifier to use; if rootCA is not null, SignatureVerifier is ignored; both cannot be null
ac_attribute - the attribute name of the ACs in the repositories
pkc_attribute - the attribute name of the PKCs in the repositories

Throws:
PbaException

public SAMLResponse process(SAMLRequest request) throws PbaException

Parameters:
request - is the SAMLRequest to process

Throws:
PbaException