issrg.utils.message
Interface Protocol

All Known Implementing Classes:
Handler

public interface Protocol

Author:
Linying Su

Method Summary
 org.w3c.dom.Element createRequestContext(java.lang.String DNIn)
          This method returns a simple WS-Trust request security token, which takes the given DNIn as the X509SubjectName value.
 org.w3c.dom.Element createRequestContext(java.lang.String DNIn, java.lang.String[] x509ACs, java.lang.String[] x509proxyCerts, org.w3c.dom.Element[] assertions, java.lang.String mode)
          This method creates a WS-Trust request for getting authorisation credentials.
 org.w3c.dom.Element createRequestContext(java.lang.String actionIn, java.lang.String resourceIn, org.w3c.dom.Element subject)
          This method returns an XACML request context in which the given action and resource are used as the action-id and resource-id values, and the given subject is the Subject section of the context.
 org.w3c.dom.Element createSamlReuest(java.lang.String userDN, java.lang.String actionName, java.lang.String targetDN)
          This method creates a SAML authz request that includes an authorisation decision query.
 org.w3c.dom.Element getAuthzDecision(org.w3c.dom.Element reqCtx)
          This method provides an XACML interface for calling the PERMIS PDP for authz decisions.
 org.w3c.dom.Element getResourceCreds(org.w3c.dom.Element wst_request)
          This method returns a resource XACML request context for the given WS-Trust request.
 org.w3c.dom.Element getSamlAuthzDecision(org.w3c.dom.Element samlRequest)
          This method provides a SAML interface for calling the PERMIS PDP to make authz decisions.
 org.w3c.dom.Element getSamlAuthzDecision(org.w3c.dom.Element samlRequest, java.lang.String url, boolean grid)
          This method provides a SAML interface for calling the PERMIS PDP to make authz decisions via a SAML service.
 org.w3c.dom.Element getSubjectCreds(org.w3c.dom.Element wst_request)
          This method returns a subject XACML request context for the given WS-Trust request.
 

Method Detail

createRequestContext

org.w3c.dom.Element createRequestContext(java.lang.String DNIn,
                                         java.lang.String[] x509ACs,
                                         java.lang.String[] x509proxyCerts,
                                         org.w3c.dom.Element[] assertions,
                                         java.lang.String mode)
                                         throws HandlerServiceException
This method creates a WS-Trust request for getting authorisation credentials. It works in the pull and push modes.

Parameters:
DNIn - the subject DN; may be an empty string, representing an anonymous subject.
x509ACs - a set of base64-encoded X509 ACs; may be null.
x509proxyCerts - a set of base64-encoded proxy certificates, e.g. VOMS ACs; may be null.
assertions - a set of SAML attribute assertions; may be null.
mode - a string that specifies which mode the PERMIS CVS works in.
Throws:
HandlerServiceException

createRequestContext

org.w3c.dom.Element createRequestContext(java.lang.String DNIn)
                                         throws HandlerServiceException
This method returns a simple WS-Trust request security token, which takes the given DNIn as the X509SubjectName value. It works in pull mode.

Parameters:
DNIn - the LDAP DN.
Throws:
HandlerServiceException

createRequestContext

org.w3c.dom.Element createRequestContext(java.lang.String actionIn,
                                         java.lang.String resourceIn,
                                         org.w3c.dom.Element subject)
                                         throws HandlerServiceException
This method returns an XACML request context in which the given action and resource are used as the action-id and resource-id values, and the given subject is the Subject section of the context.

Parameters:
actionIn - will be the action-id value.
resourceIn - will be the resource-id value
subject - is the subject request context
Throws:
HandlerServiceException

createSamlReuest

org.w3c.dom.Element createSamlReuest(java.lang.String userDN,
                                     java.lang.String actionName,
                                     java.lang.String targetDN)
This method creates a SAML authz request that includes an authorisation decision query.

Parameters:
userDN - is in the LDAP DN format.
actionName - can be any string value, which names the action.
targetDN - is either an LDAP DN or a URL.

getSubjectCreds

org.w3c.dom.Element getSubjectCreds(org.w3c.dom.Element wst_request)
                                    throws HandlerServiceException
This method returns a subject XACML request context for the given WS-Trust request.

Parameters:
wst_request - represents the WS-Trust request.
Returns:
the XACML request context
Throws:
HandlerServiceException

getResourceCreds

org.w3c.dom.Element getResourceCreds(org.w3c.dom.Element wst_request)
                                     throws HandlerServiceException
This method returns a resource XACML request context for the given WS-Trust request.

Parameters:
wst_request - represents the WS-Trust request.
Returns:
the XACML request context
Throws:
HandlerServiceException

getAuthzDecision

org.w3c.dom.Element getAuthzDecision(org.w3c.dom.Element reqCtx)
                                     throws HandlerServiceException
This method provides an XACML interface for calling the PERMIS PDP for authz decisions.

Parameters:
reqCtx - an XACML request context.
Returns:
an XACML response context in the form of XML Element
Throws:
HandlerServiceException
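
The pull-mode XACML calls documented above, chained into a fail-closed enforcement check (an added example, not part of the PERMIS code base). The class name `FailClosedPep` is hypothetical, passing the result of `getSubjectCreds` as the `subject` argument is an assumption read from the parameter descriptions, and the response is assumed to carry a standard XACML `Decision` element.

```java
import issrg.utils.message.Protocol;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/** Added example: grants access only on an unambiguous "Permit" from the PDP. */
public final class FailClosedPep {
    // Any Protocol implementation (e.g. Handler); how to construct one is not shown on this page.
    private final Protocol protocol;

    public FailClosedPep(Protocol protocol) {
        this.protocol = protocol;
    }

    public boolean isPermitted(String subjectDN, String action, String resource) {
        try {
            // Pull mode: the WS-Trust request carries only the subject DN.
            Element wstRequest = protocol.createRequestContext(subjectDN);
            // Assumption: this subject context is the "subject" argument expected below.
            Element subject = protocol.getSubjectCreds(wstRequest);
            Element xacmlRequest = protocol.createRequestContext(action, resource, subject);
            Element response = protocol.getAuthzDecision(xacmlRequest);
            // Deny, Indeterminate, NotApplicable and a missing decision all map to "no".
            return "Permit".equals(singleDecision(response));
        } catch (Exception e) {
            // Covers HandlerServiceException (its package is not stated on this page)
            // and any runtime failure: an unreachable or failing PDP never grants access.
            return false;
        }
    }

    /** Returns the text of the only Decision element, or null if there are zero or several. */
    static String singleDecision(Element response) {
        if (response == null) return null;
        NodeList all = response.getElementsByTagName("*");
        String decision = null;
        for (int i = 0; i < all.getLength(); i++) {
            Node n = all.item(i);
            // getLocalName() is null when the DOM was built without namespace awareness.
            String name = n.getLocalName() != null ? n.getLocalName() : n.getNodeName();
            if (name.equals("Decision") || name.endsWith(":Decision")) {
                if (decision != null) return null; // several results: refuse to guess
                decision = n.getTextContent().trim();
            }
        }
        return decision;
    }
}
```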

getSamlAuthzDecision

org.w3c.dom.Element getSamlAuthzDecision(org.w3c.dom.Element samlRequest)
                                         throws HandlerServiceException
This method provides a SAML interface for calling the PERMIS PDP to make authz decisions.

Parameters:
samlRequest - a SAML authz request.
Returns:
a SAML authz response in the form of XML Element
Throws:
HandlerServiceException

getSamlAuthzDecision

org.w3c.dom.Element getSamlAuthzDecision(org.w3c.dom.Element samlRequest,
                                         java.lang.String url,
                                         boolean grid)
                                         throws HandlerServiceException
This method provides a SAML interface for calling the PERMIS PDP to make authz decisions via a SAML service.

Parameters:
samlRequest - a SAML authz request.
url - the URL of the SAML service.
grid - if true, indicates that the SAML service is a Globus one.
Returns:
a SAML authz response in the form of XML Element
Throws:
HandlerServiceException