
1   /*
2    * GRIDIdentityMappingServiceClient.java
3    *
4    */
5   
6   package org.opensciencegrid.authz.client;
7   
8   import java.net.URL;
9   import java.util.ArrayList;
10  import java.rmi.RemoteException;
11  import javax.xml.rpc.ServiceException;
12  import org.opensciencegrid.authz.common.GridId;
13  import org.opensciencegrid.authz.common.LocalId;
14  import org.opensciencegrid.authz.service.GRIDIdentityMappingService;
15  import org.opensciencegrid.authz.stubs.AuthorizationServiceLocator;
16  import org.opensciencegrid.authz.stubs.SAMLRequestPortType;
17  import org.opensciencegrid.authz.stubs.SAMLRequestType;
18  import org.opensciencegrid.authz.stubs.SAMLResponseType;
19  import org.opensaml.v1_0_1.SAMLSubject;
20  import org.opensaml.v1_0_1.SAMLAuthorizationDecisionStatement;
21  import org.apache.log4j.Category;
22  
23  
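/**
 * Client for a GRID identity mapping service. It converts the {@link GridId}
 * to a SAML request, contacts the AuthZ service, and converts the SAML
 * response to a {@link LocalId}.
 *
 * <p>Every failure on the request path is reported to the caller as
 * {@code null}, the same value used for "no mapping". A caller therefore
 * cannot tell a denied mapping from an unreachable or misbehaving service
 * and has to treat {@code null} as "no local identity".
 *
 * @author Markus Lorch, Gabriele Carcassi
 */
public class GRIDIdentityMappingServiceClient extends SAMLAuthZClientBase implements GRIDIdentityMappingService {

    // Endpoint handed to queryAuthZService for every mapping request.
    // NOTE(review): nothing in this class checks the URL scheme or rejects a
    // null location; whether the connection to the AuthZ service is
    // authenticated and integrity-protected depends on queryAuthZService,
    // which is not shown here -- confirm.
    URL serviceLocation;
    static Category log = Category.getInstance(GRIDIdentityMappingServiceClient.class.getName());

    /**
     * Creates a client bound to one AuthZ service endpoint.
     *
     * @param serviceLocation URL of the AuthZ service; stored as given, without validation
     * @throws ServiceException declared for callers; this constructor body does not throw it
     */
    public GRIDIdentityMappingServiceClient(URL serviceLocation) throws ServiceException {
        this.serviceLocation = serviceLocation;
    }

    /**
     * Asks the AuthZ service for the local identity that corresponds to a grid identity.
     *
     * @param gridID the grid identity (user DN, host DN and optional FQAN with its issuer);
     *               must not be null, since it is dereferenced before the guarded section
     * @return the mapped {@link LocalId}, or {@code null} if the service returned no
     *         statement or if any exception occurred while building, sending or
     *         processing the request
     * @throws RuntimeException if a user FQAN is supplied without an FQAN issuer
     */
    public LocalId mapCredentials(GridId gridID) {

        // An FQAN whose issuer is unknown must not be offered as evidence.
        // NOTE(review): only this direction is rejected; an issuer without an
        // FQAN is passed on to createFQANEvidenceFromString -- confirm that is intended.
        if ((gridID.getUserFQAN() != null) && (gridID.getUserFQANIssuer() == null)) {
            throw new RuntimeException("userFQAN and userFQANIssuer must both be set.");
        }

        try {
            String requestedServiceName = gridID.getHostDN();
            SAMLSubject samlSubject = getSAMLSubjectFromString(gridID.getUserDN());
            ArrayList samlEvidence =
                    createFQANEvidenceFromString(samlSubject, gridID.getUserFQANIssuer(), gridID.getUserFQAN());
            ArrayList samlActions = createMappingActions();

            SAMLAuthorizationDecisionStatement stmt = queryAuthZService(
                    samlSubject,
                    samlEvidence,
                    samlActions,
                    requestedServiceName,
                    serviceLocation);

            if (stmt == null) {
                // No decision statement came back: no mapping.
                return null;
            }
            return processAuthzStmt(stmt, requestedServiceName, samlActions, samlSubject);

        } catch (Exception e) {
            // Fail closed: any error means "no mapping". The exception is passed
            // as the Throwable argument so the stack trace reaches the log;
            // log.error(e) alone would record it only as the message object.
            // The broad catch is kept because the helpers' exception types are
            // not visible from this class.
            log.error("Identity mapping request to " + serviceLocation + " failed; returning no mapping", e);
            return null;
        }
    }

}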