issrg.test.pmi
Class XMLAuthTokenParser

java.lang.Object
  extended by issrg.test.pmi.XMLAuthTokenParser
All Implemented Interfaces:
AuthzTokenParser, RoleBasedAuthzTokenParser

public class XMLAuthTokenParser
extends java.lang.Object
implements RoleBasedAuthzTokenParser


Field Summary
protected static Credentials NullCreds
           
 
Constructor Summary
XMLAuthTokenParser()
           
 
Method Summary
 ParsedToken decode(java.lang.Object at)
          Decoding happens like this:
  • at must be a ParsedToken or a org.w3c.dom.Element
  • extract "dn" attribute from "holder" element
  • extract "dn" attribute from "issuer" element
  • build subjectDomain that includes the whole world, but excludes the holder of the ParsedToken; this is for use in DelegatableParsedToken
  • extract "notBefore" and "notAfter" attributes from "validity" element
  • look up a role for each "attribute" element, using the values of its "type" and "value" attributes; an ExpirableCredentials is built using that role and the validity period
  • go through the "extension" elements
  • if an "extension" element has "type" attribute set to "NoAssertion" the assertableCreds will be set to NullCreds
  • if an "extension" element has "type" attribute set to "BasicAttConstaint", the value of its "depth" attribute is used to set the delegation depth
  • if an "extension" element has "type" attribute that does not match either of the above and contains an attribute "critical" with value "true", delegatableCredentials and assertableCredentials are null
  • construct a DelegatableParsedToken with delegatableCredentials, if they are specified; otherwise, construct ParsedToken with assertableCredentials only
  •  java.util.Map getAuthzTokenParsingRules()
              This method returns the Auth Token parsing rules currently used by the parser.
     SignatureVerifier getSignatureVerifier()
              This method gets the Signature Verifier used by the Token Parser.
     void setAuthzTokenParsingRules(java.util.Map rules)
              This method sets the Auth Token parsing rules.
     void setRoleHierarchy(RoleHierarchyPolicy rhp)
              Sets the Role Hierarchy Policy.
     void setSignatureVerifier(SignatureVerifier signatureVerifier)
              This method sets the Signature Verifier to be used by the Token Parser.
     
    Methods inherited from class java.lang.Object
    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
     

    Field Detail

    NullCreds

    protected static final Credentials NullCreds
    Constructor Detail

    XMLAuthTokenParser

    public XMLAuthTokenParser()
    Method Detail

    setRoleHierarchy

    public void setRoleHierarchy(RoleHierarchyPolicy rhp)
    Description copied from interface: RoleBasedAuthzTokenParser
    Sets the Role Hierarchy Policy. The policy defines the types of the roles, the values of the roles of each type, and the hierarchical relationship between them.

    Specified by:
    setRoleHierarchy in interface RoleBasedAuthzTokenParser
    Parameters:
    rhp - is a reference to the Role Hierarchy

    decode

    public ParsedToken decode(java.lang.Object at)
                       throws PbaException
    Decoding happens like this:

    Specified by:
    decode in interface AuthzTokenParser
    Parameters:
    at - - implementation-specific object returned by the Repository; it is the authorisation token to be decoded
    Returns:
    ParsedToken - implementation-independent representation of the Authorization token
    Throws:
    PbaException - if any error occurs; for example, the given object is not a proper Authorisation Token that the implementation can handle

    getAuthzTokenParsingRules

    public java.util.Map getAuthzTokenParsingRules()
    Description copied from interface: AuthzTokenParser
    This method returns the Auth Token parsing rules currently used by the parser.

    Specified by:
    getAuthzTokenParsingRules in interface AuthzTokenParser

    setAuthzTokenParsingRules

    public void setAuthzTokenParsingRules(java.util.Map rules)
    Description copied from interface: AuthzTokenParser
    This method sets the Auth Token parsing rules.

    Specified by:
    setAuthzTokenParsingRules in interface AuthzTokenParser

    setSignatureVerifier

    public void setSignatureVerifier(SignatureVerifier signatureVerifier)
    Description copied from interface: AuthzTokenParser
    This method sets the Signature Verifier to be used by the Token Parser. Token Parsers for tokens that do not have signatures may ignore this method call.

    Specified by:
    setSignatureVerifier in interface AuthzTokenParser

    getSignatureVerifier

    public SignatureVerifier getSignatureVerifier()
    Description copied from interface: AuthzTokenParser
    This method gets the Signature Verifier used by the Token Parser. Token Parsers for tokens that do not have signatures may return null. If the Signature Verifier has not been set yet, the method may return null.

    Specified by:
    getSignatureVerifier in interface AuthzTokenParser