eu.xtreemos.xati.API
Class XVOPS

java.lang.Object
  extended by eu.xtreemos.xati.API.XVOPS

public class XVOPS
extends java.lang.Object

Author:
gregor.pipan@xlab.si

Field Summary
static java.lang.String servicename
           
 
Constructor Summary
XVOPS()
           
 
Method Summary
static java.lang.Boolean addPolicy(java.lang.String __xacmlPolicy, java.security.cert.X509Certificate __userCtx)
          Adds XACML policy into policy storage.
static java.lang.String addRule(java.lang.String __ruleXML, java.lang.String __policyId)
          Adds rule which is passed as XML string to the policy identified by policyId.
static java.lang.String addXACMLRule(java.lang.String __ruleXACML, java.lang.String __policyId, java.security.cert.X509Certificate __userCtx)
          Adds rule which is passed as XML string in XACML format to the policy identified by policyId. Returns rule created as String object.
static java.lang.String createPolicy(java.lang.String __policyID, java.lang.String __description)
          Deprecated.  
static java.lang.String createPolicyWithTarget(java.lang.String __policyID, java.lang.String __description, java.lang.String __target)
          Creates an empty policy containing target as provided.
static java.lang.String evaluateRequest(java.lang.String __xacmlRequest)
          Method constructs an XACML request from the XML passed as request and applies it against the policies stored in policy storage (see PolicyFactory).
static java.lang.String generateRequest(java.security.cert.X509Certificate __targetSubjectCertificate)
           
static java.util.ArrayList<java.lang.String> getActionAttributes()
          These attributes can be used in XACML policies, requests and rules.
static java.util.ArrayList<CommunicationAddress> getFilteredResources()
          Deprecated.  
static java.util.ArrayList<java.lang.String> getResourceAttributes()
          These attributes can be used in XACML policies, requests and rules.
static java.util.ArrayList<java.lang.String> getSubjectAttributes()
          These attributes can be used in XACML policies, requests and rules.
static java.lang.String listFilteredPolicy(java.lang.String __xacmlRequest)
          Returns a policy comprising rules which comply with the request passed as an argument.
static java.lang.String listFilteredPolicyCert(java.security.cert.X509Certificate __targetSubjectCertificate)
          Lists policies which apply to certificate provided.
static java.util.ArrayList<java.lang.String> listPolicies(java.security.cert.X509Certificate __userCtx)
          Note that the list of all policies can be very large.
static java.lang.String listPolicy(java.lang.String __policyId, java.security.cert.X509Certificate __userCtx)
          Lists specific policy with policyId.
static java.lang.String listVoAdmins()
          Lists registered VO administrators.
static java.lang.String obtainFilterPolicyAEM(java.lang.Object __xosUserCert, java.lang.String __jsdlContent, java.lang.String __action)
           
static java.lang.Boolean registerVoAdmin(java.security.cert.X509Certificate __voAdminsCert)
          Adds certificate passed as an argument into a list of trusted certificates (VO admins list).
static java.lang.Boolean registerVOPSToGlobalVOPS(CommunicationAddress __address, java.security.cert.X509Certificate __certificate)
          This registers VOPS to global VOPS service where decisions are made.
static java.lang.Boolean reloadVOPS(java.security.cert.X509Certificate __userCtx)
          Reloads all policies stored in policy storage.
static java.lang.Boolean removePolicy(java.lang.String __policyId, java.security.cert.X509Certificate __userCtx)
          Policy with policyId will be removed from policy storage.
static java.lang.Boolean removeRuleFromPolicy(java.lang.String __ruleId, java.lang.String __policyId, java.security.cert.X509Certificate __userCtx)
          Removes rule from policy with specified policyId.
static java.lang.Boolean unregisterVoAdmin(java.lang.Integer __index)
          Removes certificate with specified index from a list of trusted certificates.
static ResourceMatching verifyPolicyAEM(java.lang.Object __xos_cert, ResourceMatching __resources, java.lang.String __action)
          Used by AEM framework to check if resources listed in comply with policies stored in VO policy storage PolicyFactory#listPolicies().
static ResourceMatching verifyPolicyCertRes(java.security.cert.X509Certificate __xos_cert, ResourceMatching __resources)
          This method is called as a consequence of the VOPS#verifyPolicyAEM(Object, ResourceMatching, String) method.
static java.lang.Boolean writeBack(java.security.cert.X509Certificate __userCtx)
          Writes back policies from policy storage in PolicyFactory on to local disk.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

servicename

public static java.lang.String servicename
Constructor Detail

XVOPS

public XVOPS()
Method Detail

registerVoAdmin

public static java.lang.Boolean registerVoAdmin(java.security.cert.X509Certificate __voAdminsCert)
                                         throws java.lang.Exception
Adds certificate passed as an argument into a list of trusted certificates (VO admins list). This method is used as a base of access control.

Parameters:
voAdminsCert - certificate to add into a list of trusted certificates. See also X509Certificate.
Returns:
true on success.
Throws:
java.lang.Exception

unregisterVoAdmin

public static java.lang.Boolean unregisterVoAdmin(java.lang.Integer __index)
                                           throws java.lang.Exception
Removes certificate with specified index from a list of trusted certificates.

Parameters:
voAdminsCert -
Returns:
true on success
Throws:
java.lang.Exception

listVoAdmins

public static java.lang.String listVoAdmins()
                                     throws java.lang.Exception
Lists registered VO administrators.

Returns:
list as an instance of String.
Throws:
java.lang.Exception

obtainFilterPolicyAEM

public static java.lang.String obtainFilterPolicyAEM(java.lang.Object __xosUserCert,
                                                     java.lang.String __jsdlContent,
                                                     java.lang.String __action)
                                              throws java.lang.Exception
Throws:
java.lang.Exception

verifyPolicyAEM

public static ResourceMatching verifyPolicyAEM(java.lang.Object __xos_cert,
                                               ResourceMatching __resources,
                                               java.lang.String __action)
                                        throws java.lang.Exception
Used by AEM framework to check if resources listed in comply with policies stored in VO policy storage PolicyFactory#listPolicies().

Parameters:
xos_cert - instance of X509Certificate.
resources - list of potentially compliant resources, see also the ResourceMatching class.
action - String used to denote the action taken by the user over resources. Use constants declared inside XACMLConstants#Action.
Returns:
instance of ResourceMatching, which also includes a digital signature, see ResourceMatching.setSignature(byte[]) and ResourceMatching.getSignature().
Throws:
java.lang.Exception

verifyPolicyCertRes

public static ResourceMatching verifyPolicyCertRes(java.security.cert.X509Certificate __xos_cert,
                                                   ResourceMatching __resources)
                                            throws java.lang.Exception
This method is called as a consequence of the VOPS#verifyPolicyAEM(Object, ResourceMatching, String) method. Enforces policies - generates an XACML request for each resource and checks it against the policies residing in policy storage, see PolicyFactory#listPolicies().

Parameters:
xos_cert - User certificate which has been stored in VOPSStorage
resources - the collection produced by the process of resource matching, see ResourceMatching.
Returns:
instance of the ResourceMatching object. It contains a list of all potential resource nodes.
Throws:
java.lang.Exception

createPolicy

public static java.lang.String createPolicy(java.lang.String __policyID,
                                            java.lang.String __description)
                                     throws java.lang.Exception
Deprecated. 

A new policy file is created in policy storage using static PolicyFactory class. Policy has policyID, description.

Parameters:
policyID - Id of new policy created
description - of new policy
Returns:
policy as a String instance.
Throws:
java.lang.Exception

createPolicyWithTarget

public static java.lang.String createPolicyWithTarget(java.lang.String __policyID,
                                                      java.lang.String __description,
                                                      java.lang.String __target)
                                               throws java.lang.Exception
Creates an empty policy containing target as provided.

Parameters:
policyID - policy's id
description - description of the policy
target - target to which this policy applies
Returns:
policy created
Throws:
java.lang.Exception

removePolicy

public static java.lang.Boolean removePolicy(java.lang.String __policyId,
                                             java.security.cert.X509Certificate __userCtx)
                                      throws java.lang.Exception
Policy with policyId will be removed from policy storage.

Parameters:
policyId -
userCtx - certificate of the subject executing this call.
Returns:
true on success
Throws:
java.lang.Exception - instance of Exception, error from PolicyFactory#removePolicy(String).

listPolicies

public static java.util.ArrayList<java.lang.String> listPolicies(java.security.cert.X509Certificate __userCtx)
                                                          throws java.lang.Exception
Note that the list of all policies can be very large. See also VOPS#listFilteredPolicy(String) and VOPS#listPolicy(String).

Parameters:
userCtx - certificate of the subject executing this call.
Returns:
ArrayList of XACML policies as ArrayList of strings.
Throws:
java.lang.Exception

listPolicy

public static java.lang.String listPolicy(java.lang.String __policyId,
                                          java.security.cert.X509Certificate __userCtx)
                                   throws java.lang.Exception
Lists specific policy with policyId. Returns XACML policy as String object.

Parameters:
policy - id.
userCtx - certificate of the subject executing this call.
Returns:
XACML policy as a string.
Throws:
java.lang.Exception

addPolicy

public static java.lang.Boolean addPolicy(java.lang.String __xacmlPolicy,
                                          java.security.cert.X509Certificate __userCtx)
                                   throws java.lang.Exception
Adds XACML policy into policy storage.

Parameters:
Policy - in XML passed as string (XACML format).
userCtx - certificate of the subject executing this call.
Returns:
true on success.
Throws:
java.lang.Exception

addRule

public static java.lang.String addRule(java.lang.String __ruleXML,
                                       java.lang.String __policyId)
                                throws java.lang.Exception
Adds rule which is passed as XML string to the policy identified by policyId. Returns rule as String object. See also VOPS#addXACMLRule(String, String), where the rule is passed in XACML format.

Parameters:
ruleXML - description of the rule.
policyId - defines destination policy.
Returns:
XACML rule as a string.
Throws:
java.lang.Exception

addXACMLRule

public static java.lang.String addXACMLRule(java.lang.String __ruleXACML,
                                            java.lang.String __policyId,
                                            java.security.cert.X509Certificate __userCtx)
                                     throws java.lang.Exception
Adds rule which is passed as XML string in XACML format to the policy identified by policyId. Returns rule created as String object.

Parameters:
ruleXACML - XACML string presenting rule to be added to policy
policyId - identifies the policy to which this rule is added.
userCtx - certificate of the subject executing this call.
Returns:
rule in XACML format as a String.
Throws:
java.lang.Exception

listFilteredPolicy

public static java.lang.String listFilteredPolicy(java.lang.String __xacmlRequest)
                                           throws java.lang.Exception
Returns a policy comprising rules which comply with the request passed as an argument.

Parameters:
xacmlRequest - XACML request which is applied to policies residing in PolicyFactory.
Returns:
XACML Policy comprising rules which apply to xacmlRequest.
Throws:
java.lang.Exception

listFilteredPolicyCert

public static java.lang.String listFilteredPolicyCert(java.security.cert.X509Certificate __targetSubjectCertificate)
                                               throws java.lang.Exception
Lists policies which apply to certificate provided.

Parameters:
targetSubject -
Returns:
Throws:
java.lang.Exception

generateRequest

public static java.lang.String generateRequest(java.security.cert.X509Certificate __targetSubjectCertificate)
                                        throws java.lang.Exception
Throws:
java.lang.Exception

evaluateRequest

public static java.lang.String evaluateRequest(java.lang.String __xacmlRequest)
                                        throws java.lang.Exception
Method constructs an XACML request from the XML passed as request and applies it against the policies stored in policy storage (see PolicyFactory).

Parameters:
request - String presenting XACML request
Returns:
XML file presenting XACML reply (see XACML 1.0 core specifications for more details).
Throws:
java.lang.Exception
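
A caller that enforces the reply string returned by evaluateRequest should treat every outcome except a single Permit as a denial. The helper below is an added example, not part of the XtreemOS API: the class name XacmlReplyCheck is hypothetical, the sample replies are constructed, and it assumes the reply uses the XACML 1.0 context namespace (a reply without that namespace is denied).

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

// Hypothetical helper, not part of eu.xtreemos.xati.API.
public class XacmlReplyCheck {
    // Namespace of the XACML 1.0 context schema (assumed for the reply).
    static final String CTX_NS = "urn:oasis:names:tc:xacml:1.0:context";

    /** Returns true only if the reply holds exactly one Result whose Decision is Permit. */
    static boolean isPermit(String replyXml) {
        try {
            DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
            f.setNamespaceAware(true);
            f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
            // Reject DOCTYPE declarations so the reply cannot pull in external entities.
            f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            DocumentBuilder b = f.newDocumentBuilder();
            Document d = b.parse(new InputSource(new StringReader(replyXml)));
            NodeList results = d.getElementsByTagNameNS(CTX_NS, "Result");
            NodeList decisions = d.getElementsByTagNameNS(CTX_NS, "Decision");
            // Several results or decisions in one reply are ambiguous: deny.
            if (results.getLength() != 1 || decisions.getLength() != 1) return false;
            return "Permit".equals(decisions.item(0).getTextContent().trim());
        } catch (Exception e) {
            return false; // malformed or unexpected reply: fail closed
        }
    }

    public static void main(String[] args) {
        // Constructed sample replies; in real use the string would come from
        // XVOPS.evaluateRequest(requestXml).
        String head = "<Response xmlns=\"" + CTX_NS + "\"><Result><Decision>";
        String tail = "</Decision></Result></Response>";
        for (String dec : new String[] {"Permit", "Deny", "NotApplicable", "Indeterminate"}) {
            System.out.println(dec + " -> " + isPermit(head + dec + tail));
        }
        System.out.println("malformed -> " + isPermit("<Response>"));
    }
}
```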

removeRuleFromPolicy

public static java.lang.Boolean removeRuleFromPolicy(java.lang.String __ruleId,
                                                     java.lang.String __policyId,
                                                     java.security.cert.X509Certificate __userCtx)
                                              throws java.lang.Exception
Removes rule from policy with specified policyId.

Parameters:
ruleId - Rule which will be removed from policy.
policyId - policy from which this rule is removed.
userCtx - certificate of the subject executing this call.
Returns:
true on success.
Throws:
java.lang.Exception

writeBack

public static java.lang.Boolean writeBack(java.security.cert.X509Certificate __userCtx)
                                   throws java.lang.Exception
Writes back policies from policy storage in PolicyFactory on to local disk.

Parameters:
userCtx - certificate of the subject executing this call.
Returns:
true on success.
Throws:
java.lang.Exception

reloadVOPS

public static java.lang.Boolean reloadVOPS(java.security.cert.X509Certificate __userCtx)
                                    throws java.lang.Exception
Reloads all policies stored in policy storage.

Parameters:
userCtx - certificate of the subject executing this call.
Returns:
true on success
Throws:
java.lang.Exception

getFilteredResources

public static java.util.ArrayList<CommunicationAddress> getFilteredResources()
                                                                      throws java.lang.Exception
Deprecated. 

Returns a list of filtered addresses where execution is permitted.

Returns:
list of addresses
Throws:
java.lang.Exception

registerVOPSToGlobalVOPS

public static java.lang.Boolean registerVOPSToGlobalVOPS(CommunicationAddress __address,
                                                         java.security.cert.X509Certificate __certificate)
                                                  throws java.lang.Exception
This registers VOPS to global VOPS service where decisions are made.

Parameters:
address - VOPS address to register
certificate - of the VOPS
Returns:
Throws:
java.lang.Exception

getSubjectAttributes

public static java.util.ArrayList<java.lang.String> getSubjectAttributes()
                                                                  throws java.lang.Exception
These attributes can be used in XACML policies, requests and rules.

Returns:
an ArrayList containing subject attributes.
Throws:
java.lang.Exception

getResourceAttributes

public static java.util.ArrayList<java.lang.String> getResourceAttributes()
                                                                   throws java.lang.Exception
These attributes can be used in XACML policies, requests and rules.

Returns:
an ArrayList containing resource attributes.
Throws:
java.lang.Exception

getActionAttributes

public static java.util.ArrayList<java.lang.String> getActionAttributes()
                                                                 throws java.lang.Exception
These attributes can be used in XACML policies, requests and rules.

Returns:
an ArrayList containing action attributes.
Throws:
java.lang.Exception