package org.dcache.gplazma.plugins;

import org.apache.axis.EngineConfiguration;
import org.opensaml.xacml.XACMLConstants;
import org.opensciencegrid.authz.xacml.client.MapCredentialsClient;
import org.opensciencegrid.authz.xacml.common.LocalId;

import java.util.Properties;

import org.dcache.gplazma.AuthenticationException;

/**
 * Narrow view of the privilege {@link MapCredentialsClient}: only the
 * operations the plugin relies on are exposed here, so that a different
 * implementation can be substituted (for instance a stand-alone delegate used
 * in local testing).
 *
 * <p>Usage follows a set-then-map pattern: the caller fills in the request
 * attributes through the setters and then calls
 * {@link #mapCredentials(String)}.
 *
 * <p>NOTE(review): the setters suggest that each instance carries the state of
 * one request; whether an instance may be shared between concurrent requests
 * is not visible from this interface. Confirm against the implementations.
 *
 * <p>NOTE(review): the implementation behind this interface decides which
 * local identity a credential maps to, so the way an implementation is chosen
 * is as sensitive as the mapping service endpoint itself. Confirm that a test
 * delegate cannot be selected by a production configuration.
 *
 * @author arossi
 */
public interface IMapCredentialsClient {

    /**
     * Performs any special set-up the client needs. It should always be
     * called after construction and before the client is used.
     *
     * @param properties
     *            configuration for the client; which keys are read depends
     *            on the implementation
     */
    void configure(Properties properties);

    /**
     * Carries out the mapping, using the attributes previously set on the
     * client.
     *
     * <p>NOTE(review): a {@code null} result means that nothing matched.
     * Callers should treat it as "no mapping" and must not fall back to a
     * default local identity.
     *
     * @param mappingServiceURL
     *            the service endpoint; may be {@code null} or unused when the
     *            client is a test delegate
     * @return the local id to which the attributes and DN are mapped, or
     *         {@code null} if there is no match
     * @throws AuthenticationException
     *             declared for implementations to signal a failed mapping
     *             request; the exact conditions depend on the implementation
     */
    LocalId mapCredentials(String mappingServiceURL)
                    throws AuthenticationException;

    /**
     * @param name
     *            a VOMS fully qualified attribute name
     */
    void setFqan(String name);

    /**
     * @param action
     *            usually {@code XACMLConstants.ACTION_ACCESS}
     *            ({@code http://authz-interop.org/xacml/action/action-type/access},
     *            access permission); see {@link XACMLConstants}
     */
    void setRequestedaction(String action);

    /**
     * @param resourceDNSHostName
     *            usually determined by the plugin
     */
    void setResourceDNSHostName(String resourceDNSHostName);

    /**
     * @param type
     *            usually {@code XACMLConstants.RESOURCE_SE}
     *            ({@code http://authz-interop.org/xacml/resource/resource-type/se},
     *            storage resource); see {@link XACMLConstants}
     */
    void setResourceType(String type);

    /**
     * @param targetServiceName
     *            usually determined by the plugin from the host certificate
     */
    void setResourceX509ID(String targetServiceName);

    /**
     * @param targetServiceIssuer
     *            usually determined by the plugin from the host certificate
     */
    void setResourceX509Issuer(String targetServiceIssuer);

    /**
     * @param vo
     *            the VO (extended VOMS certificate attribute)
     */
    void setVO(String vo);

    /**
     * @param vomsSigningIssuer
     *            the VOMS signing issuer (extended VOMS certificate
     *            attribute)
     */
    void setVOMSSigningIssuer(String vomsSigningIssuer);

    /**
     * @param vomsSigningSubject
     *            the VOMS signing subject (extended VOMS certificate
     *            attribute)
     */
    void setVOMSSigningSubject(String vomsSigningSubject);

    /**
     * @param subject
     *            the user DN
     */
    void setX509Subject(String subject);

    /**
     * @param x509SubjectIssuer
     *            the authority for the user DN
     */
    void setX509SubjectIssuer(String x509SubjectIssuer);

    /**
     * @param axisConfiguration
     *            the Axis engine configuration handed to the client.
     *            NOTE(review): presumably this governs the transport used to
     *            reach the mapping service; confirm against the
     *            implementation.
     */
    void setAxisConfiguration(EngineConfiguration axisConfiguration);
}