issrg.pba.rbac
Class LDAPURLHandler

java.lang.Object
  extended by issrg.pba.rbac.URLHandler
      extended by issrg.pba.rbac.LDAPURLHandler

public class LDAPURLHandler
extends URLHandler

This class handles LDAP URLs. It can create LDAPDNPrincipals, LDAPEntries, DITSubtrees and LDAPRepositories given a URL.


Field Summary
static int LDAP_PORT
           
static java.lang.String LDAP_PROTOCOL
           
 
Fields inherited from class issrg.pba.rbac.URLHandler
defaultPort, FILE_PORT, FILE_PROTOCOL, HTTP_PORT, HTTP_PROTOCOL, HTTPS_PORT, HTTPS_PROTOCOL, protocol, VOMS_SAML_PROTOCOL
 
Constructor Summary
LDAPURLHandler()
           
 
Method Summary
 int getDefaultPort()
          This method returns the number of the default port that the protocol listens on
 Entry getEntry(java.lang.String url)
          This method builds an Entry object given a LDAP URL.
 java.security.Principal getPrincipal(java.lang.String url)
          Not implemented yet.
 java.lang.String getProtocol()
          This method returns the string name of the protocol (without the trailing colon).
 AttributeRepository getRepository(java.lang.String url)
          This method builds a LDAPRepository from the given URL, if it is a LDAP URL.
 Subtree getSubtree(java.lang.String url, int min, int max, Subtree[] exclude)
          This method builds a LDAP subtree (DITSubtree) starting at the node specified by an LDAP URL, min and max, and an array of excluded subtrees.
 
Methods inherited from class issrg.pba.rbac.URLHandler
addProtocol, getEntryByURL, getPrincipalByURL, getProtocolName, getRepositoryByURL, getSubtreeByURL, getURLHandler, removeProtocol
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

LDAP_PROTOCOL

public static final java.lang.String LDAP_PROTOCOL
See Also:
Constant Field Values

LDAP_PORT

public static final int LDAP_PORT
See Also:
Constant Field Values
Constructor Detail

LDAPURLHandler

public LDAPURLHandler()
Method Detail

getProtocol

public java.lang.String getProtocol()
Description copied from class: URLHandler
This method returns the string name of the protocol (without the trailing colon). The protocol is in lowercase letters.

Overrides:
getProtocol in class URLHandler
Returns:
string name of the protocol in lowercase characters

getDefaultPort

public int getDefaultPort()
Description copied from class: URLHandler
This method returns the number of the default port that the protocol listens on

Overrides:
getDefaultPort in class URLHandler
Returns:
integer number of the port on which the protocol listens by default

getPrincipal

public java.security.Principal getPrincipal(java.lang.String url)
                                     throws BadURLException
Not implemented yet. Always throws a BadURLException.

Overrides:
getPrincipal in class URLHandler
Parameters:
url - the string representation of the HTTP URL (including the protocol name part) (the actual protocol name is checked with the string returned by getProtocol, but the format of the rest of the URL is as specified in HTTP RFC)
Returns:
Principal of the corresponding URL
Throws:
BadURLException - if the URL is malformed

getEntry

public Entry getEntry(java.lang.String url)
               throws BadURLException
This method builds an Entry object given a LDAP URL. The entry identifies the LDAP entry by its name.

Overrides:
getEntry in class URLHandler
Parameters:
url - the LDAP URL pointing to an entry in LDAP
Returns:
Entry identified by the URL
Throws:
BadURLException - if it is a malformed LDAP URL.
BadURLException - if the URL is malformed

getSubtree

public Subtree getSubtree(java.lang.String url,
                          int min,
                          int max,
                          Subtree[] exclude)
                   throws BadURLException
This method builds a LDAP subtree (DITSubtree) starting at the node specified by an LDAP URL, min and max, and an array of excluded subtrees. Note that the host part of the URL is ignored.

The LDAP URL points to the root entry of the subtree. The min and max identify where the tree starts and ends, as defined in the subtree specification in the X.500 standard: if the tree is represented as a collection of paths from the root entry to the leaf nodes, then min tells how many hops down the path the tree starts, and max tells how many hops down the path the tree ends. The excluded subtrees are the subtrees excluded from the root. The method does not check if the excluded subtrees are actually contained in the subtree.

Example:

root="o=permis,c=gb", min=0, max=-1

- any entry in the subtree starting at the entry "o=permis,c=gb" is included, including the "o=permis,c=gb" entry itself.

root="o=permis,c=gb", min=1, max=2, excludes={root="ou=test,o=permis,c=gb", min=0, max=-1}

- any entry in the subtree starting at the entry "o=permis,c=gb" (excluding the entry itself, because min=1), and no deeper than 2 levels down from the root entry (max=2) is included, except for any entries in "ou=test,o=permis,c=gb". So
"o=permis,c=gb" is not included (min=1),
"cn=David Chadwick,ou=test,o=permis,c=gb" is not included (it is in the excluded subtree),
"cn=Linying,ou=demo,ou=trustcom,o=permis,c=gb" is not included (max=2),
"cn=Romain,ou=trustcom,o=permis,c=gb" and "cn=Sassa,o=permis,c=gb" are included (between 1 and 2 hops from the root and not in the excluded subtree).

Overrides:
getSubtree in class URLHandler
Parameters:
url - the URL identifying the entry of the root of the subtree
min - the integer specifying how many hops down the tree from the root entry the subtree starts; must be non-negative
max - the integer specifying how many hops down the tree from the root entry the subtree ends; if less than zero, then no constraint on the maximum height of the tree is specified
exclude - an array of excluded Subtrees
Throws:
BadURLException - if the URL is malformed
See Also:
Subtree
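
The min/max/exclude rules described for getSubtree, written out as a stand-alone membership check. This is an added example, not PERMIS code: the class SubtreeSpecDemo, its members and the host names are hypothetical, and it uses only the JDK's javax.naming.ldap.LdapName. It evaluates the five DNs from the second example above, so the results can be compared with that walk-through.

```java
import java.net.URI;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

// Added illustration; SubtreeSpecDemo and its members are hypothetical names,
// not PERMIS classes.
public class SubtreeSpecDemo {
    final LdapName root;
    final int min, max;               // max < 0 means no maximum depth
    final SubtreeSpecDemo[] exclude;

    SubtreeSpecDemo(String ldapUrl, int min, int max, SubtreeSpecDemo... exclude)
            throws InvalidNameException {
        if (min < 0) throw new IllegalArgumentException("min must be non-negative");
        // Only the DN in the URL path is used; the host part is ignored,
        // as the getSubtree description states.
        String path = URI.create(ldapUrl).getPath();
        this.root = new LdapName(path.startsWith("/") ? path.substring(1) : path);
        this.min = min; this.max = max; this.exclude = exclude;
    }

    boolean contains(String dn) throws InvalidNameException {
        LdapName name = new LdapName(dn);
        if (!name.startsWith(root)) return false;      // not at or below the root
        int hops = name.size() - root.size();          // RDNs below the root entry
        if (hops < min) return false;
        if (max >= 0 && hops > max) return false;
        for (SubtreeSpecDemo ex : exclude) {
            // Each exclusion is evaluated on its own; nothing verifies that it
            // lies inside this subtree.
            if (ex.contains(dn)) return false;
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        // Constructed URLs: two different hosts, to show that only the DN matters.
        SubtreeSpecDemo spec = new SubtreeSpecDemo("ldap://ldap.example.org/o=permis,c=gb", 1, 2,
            new SubtreeSpecDemo("ldap://other.example.org/ou=test,o=permis,c=gb", 0, -1));
        String[] dns = {
            "o=permis,c=gb",
            "cn=David Chadwick,ou=test,o=permis,c=gb",
            "cn=Linying,ou=demo,ou=trustcom,o=permis,c=gb",
            "cn=Romain,ou=trustcom,o=permis,c=gb",
            "cn=Sassa,o=permis,c=gb" };
        for (String dn : dns) System.out.println(dn + " -> " + spec.contains(dn));
    }
}
```

Because the host is dropped, two URLs naming the same DN on different servers describe the same subtree; a policy that must distinguish directories cannot rely on the subtree specification alone.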

getRepository

public AttributeRepository getRepository(java.lang.String url)
                                  throws BadURLException
This method builds a LDAPRepository from the given URL, if it is a LDAP URL. It specifies that the attributes for AttributeCertificateAttribute and UserCertificate use binary transfer. The names of these attributes are obtained from CustomisePERMIS.

Overrides:
getRepository in class URLHandler
Parameters:
url - the URL of the repository
Returns:
the AttributeRepository
Throws:
BadURLException