Using credentials in Portlets and Servlets

How to use DILIGENT credentials in a Portlet / Servlet

Pre-development Actions

Patched Gridsphere

According to the DILIGENT requirements, the gridsphere portal needs to be customized in order to accomplish objectives not supported by the standard version of the gridpshere portal. We decided to perform this customization using ETICS tools: it create a new diligent-gridsphere starting from org.diligentproject.ext.gridsphere.2.2.7 configuration and applying on it all the patches developed and correctly inserted on the configuration, like for example org.diligentproject.portal.patch-VOMSintegration.

1. ETICS checkouts from org.diligentproject.ext.gridsphere the 2.2.7 configuration
2. ETICS checkouts also all the patches relied on the diligent-gridpshere configuration and apply them on it.Every patch needs a script executable to perform this action
3. a new version of gridsphere, called diligent-gridsphere is then ready to be used.

Downloading Gridsphere

In order to enable security aspects in your portal, you have first to download from ETICS system ([1]) the diligent-gridsphere.HEAD tgz (org.diligentproject.portal.diligent-gridsphere). This configuration contains a gridsphere-2.2.7 portal patched with the org.diligentproject.portal.patch-VOMSintegration subsystem.

Using Credentials API

Available Methods

ExtendedGSSCredential getCredentials(PortletSession session)

• You should use this method if you want to retrieve the credential from the portlet.
• It returns a grid credential that you should pass to DIS or every other service that you want to use.

ExtendedGSSCredential getCredentials(HttpSession session)

• You should use this method if you want to retrieve the credential from the servlet.
• It returns a grid credential that you should pass to DIS or every other service that you want to use.

String getHttpScheme(String sessionID)

• It takes as parameter the sessionID.
• It returns the schema that the user uses in order to communicate with the portal (http / https).

String getCurrentTab(String sessionID)

• It takes as parameter the sessionID.
• It returns the name of user's current tab.

HashMap<String, String> getUserInfo(String sessionID)

• It takes as parameter the sessionID.
• It returns a HashMap with all the userInfo

String getDN(String sessionID)

• It takes as parameter the sessionID.
• It returns the DN of the user credential.

String getCA(String sessionID)

• It takes as parameter the sessionID.
• It returns the CA of the user credential.

String getCN(String sessionID)

• It takes as parameter the sessionID.
• It returns the CN of the user credential.

Useful Information

1. The names of the tabs must be in the form of: /diligent/<VO name>/<DL name>. Otherwise the credential which will be retrieved won't be valid.
2. UserInfo class, which is defined in package org.diligentproject.dvos.portal, is a singleton. So, if you want to retrieve the instance of this class, you must call the getInstance() method.

Sample Code

//Retrieving UserInfo instance:
UserInfo userInfo = UserInfo.getInstance();
//Retrieving current tab info:
String currentTab = userInfo.getCurrentTab(session.getId());
ExtendedGSSCredential credential = null;
try { //Retrieving credential:
    credential = userInfo.getCredentials(session);
}
catch (Exception e) {
    e.printStackTrace();
}
//Initializing DHLSClient:
DISHLSClient.init(System.getProperty("GLOBUS_LOCATION") + "/etc/org_diligentproject_keeperservice_hnm/" + "DISQueries.xml");


Imports

import org.diligentproject.dvos.portal.UserInfo; //In gridsphere-portal-2.2.jar
import org.diligentproject.informationservice.dishlsclient.impl.DISHLSClient; // In dishlsclient jar-file
import org.gridforum.jgss.ExtendedGSSCredential; // In ws-core libraries


--Valia 17:42, 25 May 2007 (EEST)