java.lang.Object org.opensciencegrid.authz.service.SAMLAuthZServiceBase
Common implementation for a SAML authorization service: parses the requests and performs the authorization through an abstract method, to be implemented by the AuthZ service.
Status: untested
TODO: retrieving the caller identity from the trustmanager
Nested Class Summary | |
protected class |
SAMLAuthZServiceBase.AuthzDecision
This inner class is used as return value from the authorize method |
protected class |
SAMLAuthZServiceBase.FQAN
the Fully Qualified Attribute Name (FQAN) = the VOMS VO-membership/role attribute |
Constructor Summary | |
SAMLAuthZServiceBase()
|
Method Summary | |
protected abstract SAMLAuthZServiceBase.AuthzDecision |
authorize(org.opensaml.SAMLSubject subject,
java.lang.String resource,
java.util.Iterator actions,
java.util.Iterator evidence)
Performs the authorization of the request. |
protected SAMLAuthZServiceBase.FQAN |
findFQANinSubjectEvidence(java.util.Iterator evidenceIterator,
org.opensaml.SAMLSubject querySubject)
Searches the Evidence elements for FQAN attributes. |
protected java.lang.String |
getFQAN(org.opensaml.SAMLAttributeStatement stmt)
Checks whether a specific SAMLAttributeStatement holds a FQAN and returns that FQAN attribute as a string; returns null if no FQAN (string) attribute could be located. |
protected java.util.ArrayList |
locatePermissibleActions(java.util.Iterator requestedActions,
java.util.ArrayList permissibleActionsList)
returns the subset of the requestedActions that are present in the permissibleActions parameter |
SAMLResponseType |
SAMLRequest(SAMLRequestType samlRequestType)
Main function: receives a SAMLRequest and responds with a SAMLResponse 1. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public SAMLAuthZServiceBase()
Method Detail |
protected abstract SAMLAuthZServiceBase.AuthzDecision authorize(org.opensaml.SAMLSubject subject, java.lang.String resource, java.util.Iterator actions, java.util.Iterator evidence) throws org.opensaml.SAMLException
Throws: org.opensaml.SAMLException
public SAMLResponseType SAMLRequest(SAMLRequestType samlRequestType) throws java.rmi.RemoteException
Specified by: SAMLRequest in interface SAMLRequestPortType
Throws: java.rmi.RemoteException
protected java.lang.String getFQAN(org.opensaml.SAMLAttributeStatement stmt) throws org.opensaml.SAMLException
Throws: org.opensaml.SAMLException
protected SAMLAuthZServiceBase.FQAN findFQANinSubjectEvidence(java.util.Iterator evidenceIterator, org.opensaml.SAMLSubject querySubject) throws org.opensaml.SAMLException
Throws: org.opensaml.SAMLException
protected java.util.ArrayList locatePermissibleActions(java.util.Iterator requestedActions, java.util.ArrayList permissibleActionsList)