1
2
3
4
5
6
7 package org.opensciencegrid.authz.service;
8
9 import org.opensciencegrid.authz.common.GridId;
10 import org.opensciencegrid.authz.common.LocalId;
11
12 /*** A service that maps a grid credential to a local site identity.
13 *
14 * @author Gabriele Carcassi
15 */
16 public interface GRIDIdentityMappingService {
17 /***
18 * Returns the local identity to be used for the GRID identity.
19 * There are 3 different kind of return decision:
20 * <ul>
21 * <li>PERMIT: whenever mapCredentials returns a LocalId object, the
22 * service will allow access. Even if all the properties of the object
23 * are set to null.</li>
24 * <li>DENY: when the return value is null, access will be denied.</li>
25 * <li>INDETERMINATE: whenever the method throws an exception, the
26 * service will return an indeterminate decsion.</li>
27 * </ul>
28 * @param gridID The GRID identity to map
29 * @return A local identity or null, if no local identity could be found.
30 * @throws RuntimeException If any problem occurs such that the mapping couldn't be performed correctly.
31 */
32 LocalId mapCredentials(GridId gridID);
33 }