Difference between revisions of "DIS-IP"

From Gcube Wiki
Jump to: navigation, search
(Profile Manager)
m (Profile Manager)
Line 79: Line 79:
 
=== Profile Manager ===
 
=== Profile Manager ===
  
This class provides functionalities for DILIGENT Resource profile registation/unregistration on the DIS, and is used by the DIS-Registry to store resources on the DIS-IC, by using the aggregator framework sink/source mechanism
+
This class provides functionalities for DILIGENT Resource profile registation/unregistration on the DIS, and is used by the DIS-Registry to store resources on the DIS-IC, by using the aggregator framework sink/source mechanism.
  
 
It exposes the following public methods:
 
It exposes the following public methods:

Revision as of 14:32, 29 May 2007

Introduction

The DISIP is a static library that allows to create Managers for Profile/WS-resource-Properties/topics registration/unregistration to/from the DIS.

For further details about the Aggregator Framework, please see http://www.globus.org/toolkit/docs/development/4.1.0/info/aggregator/index.html

For information about the syntax of the registration file to use in pull mode, please see http://www.globus.org/toolkit/docs/development/4.1.0/info/aggregator/aggregator-sources-query.html

For information about the syntax of the registration file to use in push mode, please see http://www.globus.org/toolkit/docs/development/4.1.0/info/aggregator/aggregator-sources-subscription.html

Implentation Overview

The DISIP is a static class that creates "Managers" related to the VO the Service is acting. By using Credentials or service EPR it'is possible to instantiate the rigth Manager to use in the scope of a particular VO. In the case of a secure VO credentials ( of the caller or retreived by the Delegation Service Listener) have to be used. Otherwise the EPR of the Service has to be passed at manager creation time to select among different VO.

The manager that can be created are of 4 Types:

  • Resource Manager : Used to publish/remove on the DIS-IC WS-resource properties documents
  • DILIGENTProfile Manager : Used to Register/Unregister to/from DIS-Registry DILIGENT Resource Profiles
  • Profile Manager : Used internally by the DIS-Registry to register profiles on the DIS-IC
  • Broker Manager : Used by a Notification producer to register/unregister topics to/from DIS-Broker


the Source Javadoc documentation can be found here [1]

Resource Manager

This class manages registration of WS-Resource-Properties in the DIS. To deliver its functionality, it relies on the implementation of the WS-ServiceGroup specification provided by the MDS Aggregator Framework. After a registration, the group of registered properties becomes an aggregator source for one or more remote DIS-IC instances (acting as aggregator sinks) that collect the data and made them available to other DILIGENT services. If a WS-Resource implements the PersistentResource interface for persistence operations, the Registration has to be renewed in the load() method each time the resource is restored from its persistent state. The GT4 Aggregator Framework doesn't exploit Authentication mechanism for both Source/Sink, so credentials are only used to select among VO.

The method implemented are:

  • registerPullMode(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String xmlPullFile, org.diligentproject.common.provider.DILIGENTPropertySet propSet)

Registers and publishes a group of WS-Resource properties into the DIS using the Pull Mode by creating an Anonymous Registration.

  • registerPullMode(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String xmlPullFile, org.diligentproject.common.provider.DILIGENTPropertySet propSet, java.lang.String name)


  • registerPushMode(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String xmlPushFile, org.diligentproject.common.provider.DILIGENTPropertySet propSet)

This Method can be used to register *ONLY* a single WS-Resource-Properties on the DIS, cause the Globus AggregatorSubscriptionSink doesn't allows to retrieve more than one RP using push modality.

  • registerPushMode(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String xmlPushFile, org.diligentproject.common.provider.DILIGENTPropertySet propSet, java.lang.String name)

This Method can be used to register *ONLY* a single WS-Resource-Properties on the DIS, cause the Globus AggregatorSubscriptionSink doesn't allows to retrieve more than one RP using push modality.

  • remove(org.apache.axis.message.addressing.EndpointReferenceType epr)
  • remove(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String name)

DILIGENTProfile Manager

This Manager allows registration of DILIGENT Profiles into the DIS, hiding calls to DIS-Registry Stubs. The information about the DL context is extracted from the Credentials if the Manager has been created with credentials object. If the object has been created using the Service EPR, the DL is extracted from the RI profile of the caller.

It exposes the following public methods:

  • create(java.lang.String Profile)

This method allows registering a profile into DIS If the Manager has been created with credentials the DIS-Registry stubs are configured with the security enabled

  • remove(java.lang.String ID)

This method removes from the DIS the Profile corresponding to the given ID. If the Manager has been created with credentials the DIS-Registry stubs are configured with the security enabled

  • update(java.lang.String profile, java.lang.String ID)

This method updates the Profile given the ID and the new profile. If the Manager has been created with credentials the DIS-Registry stubs are configured with the security enabled

  • removeDL(java.lang.String ID)

This method removes the DL from the Profile represented by the ID. If the Manager has been created with credentials the DIS-Registry stubs are configured with the security enabled. The DL to add is extracted from the certificate or the EPR (by reading the Running Instance Profile)


  • addDL(java.lang.String ID)

This method adds the current DL to the Profile represented by the ID. If the Manager has been created with credentials the DIS-Registry stubs are configured with the security enabled. The DL to add is extracted from the certificate or the EPR (by reading the Running Instance Profile)

Profile Manager

This class provides functionalities for DILIGENT Resource profile registation/unregistration on the DIS, and is used by the DIS-Registry to store resources on the DIS-IC, by using the aggregator framework sink/source mechanism.

It exposes the following public methods:

  • registerPullMode(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String xmlPullFile, java.lang.String type)
  • registerPushMode(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String xmlPushFile, java.lang.String type)
  • remove(org.apache.axis.message.addressing.EndpointReferenceType epr)
  • remove(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String name)
  • remove(org.apache.axis.message.addressing.EndpointReferenceType epr, java.lang.String diligentID, java.lang.String type)

Broker Manager

The Broker Manager allows Notification Producers registering/unregistering topics to/from DIS-Broker of a particular VO. The following methods are both secure and unsecure ( in order to contact DIS-Broker of a secure/unsecure VO )

  • void registerToBroker(org.apache.axis.message.addressing.EndpointReferenceType sourceEpr, java.util.ArrayList<javax.xml.namespace.QName> topicsList)

Registers to DIS-Broker a list of topics to be used for brokered Notification

  • void registerToBroker(org.apache.axis.message.addressing.EndpointReferenceType sourceEpr, java.util.ArrayList<javax.xml.namespace.QName> topicsList, org.gridforum.jgss.ExtendedGSSCredential credential)

Registers to DIS-Broker a list of topics to be used for brokered Notification using AuthN/Authz

  • void unregisterToBroker(org.apache.axis.message.addressing.EndpointReferenceType sourceEpr, java.util.ArrayList<javax.xml.namespace.QName> topicsList)

Unregisters to DIS-Broker a list of topics to be used for brokered Notification

  • void unregisterToBroker(org.apache.axis.message.addressing.EndpointReferenceType sourceEpr, java.util.ArrayList<javax.xml.namespace.QName> topicsList, org.gridforum.jgss.ExtendedGSSCredential credential)

Unregisters to DIS-Broker a list of topics to be used for brokered Notification using AuthN/AuthZ

Dependencies

The DISIP exploits Authentication API functionalities to estract DL and VO info from Credentials. In order to parse EPR and retrieve the correct RI profile (In which are stored the info about the DL context), it exploits the NAL functionalities and the Profile Manager library.

Usage Example

Create a profile reading the info of the DL context and the VO from the EPR.


String profile =args[0];
BufferedReader in = new BufferedReader(new FileReader(profile));

String xmlfile ="";
while ((xmlfile = in.readLine()) != null ){                                                                                                                          
	file += xmlfile;                                                                                                                            
}
in.close();
EndpointReferenceType epr = new EndpointReferenceType();
epr.setAddress(new AttributedURI("http://dlib16.isti.cnr.it:8080/wsrf/services/diligentproject/informationservice/disregistry/DISRegistryFactoryService"));
System.out.println(DISIP.getDILIGENTProfileManager(null,epr).create(file));
	

How to disable Authentication on Providers operations

In order to let DIS-IC ( the Query Aggregator source that acts behind him) query for resource properties, is necessary disable authentication on GT4 providers oprations getMultipleResourceProperties and queryResourceProperties. If your Service acts also as a Notification Producer and registers topics on the DIS-Broker, the related GT4 providers operation subscribe and getCurrentMessage needs to be invoked withoud Authentication mechanism.

The following example shows how to disable authentication (and Authorization ) from the above operations in your Service Security Descriptor:


<?xml version="1.0" encoding="UTF-8"?>
<securityConfig xmlns="http://www.globus.org" >
<authz value="none"/>

<method name="getMultipleResourceProperties">
	<auth-method>
		<none/>
	</auth-method>

</method>

<method name="queryResourceProperties">
	<auth-method>
		<none/>
	</auth-method>

</method>

<method name="subscribe">
	<auth-method>
		<none/>
	</auth-method>
</method>

<method name="getCurrentMessage">
	<auth-method>
		<none/>
	</auth-method>
</method>


</securityConfig>

--Andrea 13:14, 19 March 2007 (EET)