TDOutHandler (Unicore Atomic Services 1.3.2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

de.fzj.unicore.uas.security
Class TDOutHandler

java.lang.Object
  org.codehaus.xfire.handler.AbstractHandler
      eu.unicore.security.xfireutil.client.TDOutHandler
          de.fzj.unicore.uas.security.TDOutHandler

All Implemented Interfaces:: SecurityOutHandler, org.codehaus.xfire.handler.Handler

public class TDOutHandler
extends eu.unicore.security.xfireutil.client.TDOutHandler
implements SecurityOutHandler
extends eu.unicore.security.xfireutil.client.TDOutHandler
implements SecurityOutHandler

Trust delegation handler for outgoing messages. It extends generic TDOutHandler from secutils to make it configurable in UAS way. The implementation can configure underlying handler in two cases:

a (list of) trust delegation assertion(s) is passed on
if requested using the IUASSecurityProperties used to configure the handler, a new trust delegation assertion is generated (which may extend an existing one)

Author:: K. Benedyczak, schuller

Field Summary

Fields inherited from class eu.unicore.security.xfireutil.client.TDOutHandler
`WSSEC_COMPILANT_PROPERTY`

Fields inherited from interface org.codehaus.xfire.handler.Handler
`ROLE`

Constructor Summary
`TDOutHandler()`

Method Summary
`protected eu.unicore.security.etd.TrustDelegation`	`createAssertion(java.security.cert.X509Certificate[] custodian, java.security.PrivateKey pk, java.lang.String receiver, eu.unicore.security.etd.DelegationRestrictions restrictions)` create a new TD assertion
`void`	`doInit(IUASSecurityProperties sec)` Initialise the handler.
`protected java.util.List<eu.unicore.security.etd.TrustDelegation>`	`extendAssertion(java.util.List<eu.unicore.security.etd.TrustDelegation> tdList, java.security.cert.X509Certificate[] custodian, java.security.PrivateKey pk, java.lang.String receiver, eu.unicore.security.etd.DelegationRestrictions restrictions)` extend an existing the TD assertion
`java.util.List<eu.unicore.security.etd.TrustDelegation>`	`getAssertionList()`
`eu.unicore.security.user.UserAssertion`	`getUserAssertion()`

Methods inherited from class eu.unicore.security.xfireutil.client.TDOutHandler
`createUserAssertion, initJDOM, invoke, reinit, reinit, reinit, reinit, reinit`

Methods inherited from class org.codehaus.xfire.handler.AbstractHandler
`after, before, getAfter, getBefore, getPhase, getRoles, getUnderstoodHeaders, handleFault, setAfter, setBefore, setPhase`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

TDOutHandler

public TDOutHandler()

Method Detail

doInit

public void doInit(IUASSecurityProperties sec)

Initialise the handler. The supplied security properties may contain an existing list of trust delegations.
If the IUASSecurityProperties.isTrustDelegationEnabled() returns true, a new assertion will be generated (and an existing chain will be extended.) In this case the security properties should contain the name of the receiver.
Else, the supplied TD chain will be used as-is.

Specified by:: doInit in interface SecurityOutHandler

See Also:: IUASSecurityProperties

createAssertion

protected eu.unicore.security.etd.TrustDelegation createAssertion(java.security.cert.X509Certificate[] custodian,
                                                                  java.security.PrivateKey pk,
                                                                  java.lang.String receiver,
                                                                  eu.unicore.security.etd.DelegationRestrictions restrictions)

create a new TD assertion

Parameters:: custodian - - the entity issuing the assertion; pk - - the private key to be used for signing; receiver - - the X500 name of the receiver; restrictions - - any restrictions on the assertion (e.g. max length of delegation chain)

extendAssertion

protected java.util.List<eu.unicore.security.etd.TrustDelegation> extendAssertion(java.util.List<eu.unicore.security.etd.TrustDelegation> tdList,
                                                                                  java.security.cert.X509Certificate[] custodian,
                                                                                  java.security.PrivateKey pk,
                                                                                  java.lang.String receiver,
                                                                                  eu.unicore.security.etd.DelegationRestrictions restrictions)

extend an existing the TD assertion

Parameters:: tdList - - the existing list (length must be larger than 0!); custodian - - the entity issuing the assertion; pk - - the private key to be used for signing; receiver - - the X500 name of the receiver; restrictions - - any restrictions on the assertion (e.g. max length of delegation chain)

getAssertionList

public java.util.List<eu.unicore.security.etd.TrustDelegation> getAssertionList()

getUserAssertion

public eu.unicore.security.user.UserAssertion getUserAssertion()