|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object issrg.gt4Plus.pdp.PermisPDP
public class PermisPDP
Field Summary | |
---|---|
static java.lang.String |
GSP_LDAP_AC_KEY
|
static java.lang.String |
GSP_USE_GRID_SHIB
|
static java.lang.String |
IDP_PROVIDER_ID_KEY
|
Constructor Summary | |
---|---|
PermisPDP()
Creates a new instance of PermisPDP |
Method Summary | |
---|---|
Decision |
canAccess(RequestEntities requestEntities,
NonRequestEntities nonReqEntities)
this method is used to decide whether the requestor can access the resource. |
Decision |
canAdminister(RequestEntities requestEntities,
NonRequestEntities nonReqEntities)
this method is used to decide whether the requestor can administer the resource. |
boolean |
checkSignature(byte[] Value,
byte[] Signature,
java.lang.String algorithmID,
TokenLocator Signer)
This is a simple signature verification - always returns true. |
void |
close()
this method is not used. |
protected PBAAPI |
getADF(java.lang.String soa,
java.lang.String oid,
java.lang.String ldapURL,
java.lang.String uRL,
java.lang.String ldapAC_attribute,
java.lang.String ldapPKC_attribute,
java.lang.String rootCA)
This method retrieves an instance of PBAAPI for a given configuration. |
org.w3c.dom.Element |
getAttributes()
Return the environment attributes of the policy |
org.w3c.dom.Element |
getResponse()
Return the response from the decision making |
void |
initialize(java.lang.String chainName,
java.lang.String prefix,
ChainConfig config)
this method is used to initialise the Permis PDP. |
boolean |
signingPKCValidation(java.security.cert.X509Certificate cert)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String GSP_LDAP_AC_KEY
public static final java.lang.String GSP_USE_GRID_SHIB
public static final java.lang.String IDP_PROVIDER_ID_KEY
Constructor Detail |
---|
public PermisPDP()
Method Detail |
---|
public boolean checkSignature(byte[] Value, byte[] Signature, java.lang.String algorithmID, TokenLocator Signer)
checkSignature
in interface SignatureVerifier
Value
- is the byte array that had been signedSignature
- is the byte array of the resulting signaturealgorithmID
- is the String representation (dotted form) of the
object identifier of the algorithm used for signingSigner
- is the TokenLocator of the signer
protected PBAAPI getADF(java.lang.String soa, java.lang.String oid, java.lang.String ldapURL, java.lang.String uRL, java.lang.String ldapAC_attribute, java.lang.String ldapPKC_attribute, java.lang.String rootCA) throws InitializeException
soa
- - the SOA name (LDAP DN)oid
- - the OID of the policyldapURL
- - the URL of the LDAP repository to use to retrieve
the policy and user ACsuRL
- - the URL of another repository where the user ACs are
stored (this may be different from the policy LDAP)ldapAC_attribute
- - the attribute name of the ACs in the
repositoriesldapPKC_attribute
- - the attribute name of the PKCs in the
repositoriesrootCA
- - the filename of the Root CA PKC; can be null, if no
signature verification is required (NOT RECOMMENDED FOR PRODUCTION
DEPLOYMENTS!)
InitializeException
public Decision canAccess(RequestEntities requestEntities, NonRequestEntities nonReqEntities) throws AuthorizationException
requestEntities
- represents the request attributes.nonReqEntities
- represents none request attributes.
AuthorizationException
public Decision canAdminister(RequestEntities requestEntities, NonRequestEntities nonReqEntities) throws AuthorizationException
requestEntities
- represents the request attributes.nonReqEntities
- represents none request attributes.
AuthorizationException
public void initialize(java.lang.String chainName, java.lang.String prefix, ChainConfig config) throws InitializeException
chainName
- denotes the service name, which is protected by the PDP.prefix
- denotes the scope of the Permis PDP.config
- passes the properties which are configured in the security descriptor
InitializeException
public void close() throws CloseException
CloseException
public org.w3c.dom.Element getResponse()
public org.w3c.dom.Element getAttributes() throws InitializeException
InitializeException
public boolean signingPKCValidation(java.security.cert.X509Certificate cert)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |