OSGAuthorizationConstants xref

View Javadoc

1   package org.opensciencegrid.authz.common;
2   
3   /*
4   
5   Class to hold Authorization Constants
6   
7   Author:  Markus Lorch
8   Project: OpenScienceGrid Privilege 
9   Date:    2004-11-29
10  
11  */
12  
13  import org.opensaml.v1_0_1.QName;
14  
15  
16  public class OSGAuthorizationConstants {
17  
18      /* general authorization */
19   
20      final public static String AUTHZ_NS = "opensciencegrid:authorization";
21  
22      /* GUMS mapping request */
23  
24      final public static String ACCESS_AS_LOCAL_ID = "access_as_local_identity";
25  
26      /* XACML constants for obligation processing */
27  
28      /* the userid obligation holds a single string attribute with the local user name */
29      final public static String USERIDOBLIGATION      = "opensciencegrid:authorization:UserIdObligation";
30      final public static String USERIDATTRIBUTE       = "opensciencegrid:authorization:attribute:UserId";
31      /* the groupid obligation holds a single string attribute with the local primary group name */
32      final public static String GROUPIDOBLIGATION     = "opensciencegrid:authorization:GroupIdObligation";
33      final public static String GROUPIDATTRIBUTE      = "opensciencegrid:authorization:attribute:GroupId";
34      /* the supplemental group id obligation holds a single string attribute with a space delimited list of
35         local group names */
36      final public static String SUPGROUPIDSOBLIGATION = "opensciencegrid:authorization:SupGroupIdsObligation";
37      final public static String SUPGROUPIDSATTRIBUTE  = "opensciencegrid:authorization:attribute:SupGroupIds";
38      /* the root path obligation holds a single string attribute with the root path to be chrooted to */
39      final public static String ROOTPATHOBLIGATION    = "opensciencegrid:authorization:RootPathObligation";
40      final public static String ROOTPATHATTRIBUTE     = "opensciencegrid:authorization:attribute:RootPath";
41      /* the relative home path obligation holds a single string attribute with the home path relative to the root path */
42      final public static String RELHOMEPATHOBLIGATION = "opensciencegrid:authorization:RelHomePathObligation";
43      final public static String RELHOMEPATHATTRIBUTE  = "opensciencegrid:authorization:attribute:RelHomePath";
44  
45      final public static String STRINGDATATYPE   = "http://www.w3.org/2001/XMLSchema#string";
46  
47  
48  
49      /* Authorization statements */
50    
51      public static QName AUTHZDECISIONSTATEMENT = 
52          new org.opensaml.v1_0_1.QName("urn:oasis:names:tc:SAML:1.0:assertion","AuthorizationDecisionStatement");
53  
54      public static QName OBLIGATEDAUTHZDECISIONSTATEMENT = 
55          new org.opensaml.v1_0_1.QName("opensciencegrid:authorization:saml","ObligatedAuthorizationDecisionStatement");
56  
57  
58  } // end class OSGAuthorizationConstants
59