Difference between revisions of "VOMS-API"

From Gcube Wiki
Jump to: navigation, search
(Usage Examples)
Line 20: Line 20:
  
 
If the user choose to instantiate a ''VOMSAdminImpl'' object specifying client credentials, this will overwrite the host certificate set by default.
 
If the user choose to instantiate a ''VOMSAdminImpl'' object specifying client credentials, this will overwrite the host certificate set by default.
 
  
 
====Usage Examples====
 
====Usage Examples====
Line 46: Line 45:
 
====CredentialsManagerImpl====
 
====CredentialsManagerImpl====
 
This class provides a method to retrieve user's credentials. It manages communication with MyProxyCA server to generate simple credentials for  the username provided and some operations are overloaded in order to simplify management of the users with a proxy certificate provided by gCube SimpleCA.
 
This class provides a method to retrieve user's credentials. It manages communication with MyProxyCA server to generate simple credentials for  the username provided and some operations are overloaded in order to simplify management of the users with a proxy certificate provided by gCube SimpleCA.
 +
 +
====Usage Examples====
 +
 +
<source lang="java5">
 +
 +
//Retrieves ExtendedGSSCredential from MyProxy server with VOMS Attributes (roles, groups) attached
 +
    System.out.print("Retrieve Credentials:");
 +
    ExtendedGSSCredential cred;
 +
    try {
 +
cred = manager.getCredentials(userName, pwd, groupName);
 +
if (cred != null) {
 +
    byte[] data = cred.export(ExtendedGSSCredential.IMPEXP_OPAQUE);
 +
    File file = new File(proxyFile);
 +
    file.createNewFile();
 +
    FileOutputStream out = new FileOutputStream(proxyFile, false);
 +
    out.write(data);
 +
    out.close();
 +
    System.out.println("Time needed to retrieve credentials " + (end - start) + " milliseconds.");
 +
    System.out.println();
 +
 +
    System.out.println("Credentials for " + userName + " are correctly retrieved and stored in ");
 +
    System.out.println("\t" + proxyFile + ".");
 +
}
 +
    } catch (Exception e) {
 +
e.printStackTrace();
 +
    }
 +
</source>

Revision as of 13:05, 6 February 2009

The VOMS-API library

The library offers a number of facilities for interacting with VOMS server. [Read More]

Sample usage

The VOMS-API SA ships also a voms-api-test-suite where it is possible to use two sample classes:

  • VOMSTest
  • CredTest

These two classes are, respectively, a usage example of VOMSAdminImpl class and CredentialsManagerImpl.

VOMSAdminImpl

This class provides a subset of VOMS operations. We can manage VOMS users, groups and roles. Some operations are overloaded in order to simplify management of the users with a proxy certificate provided by gCube SimpleCA.

This utility can be instantiate in three different ways: by default VOMSAdminImpl will use host credentials contained in /etc/grid-security/hostpubliccert.pem and /etc/grid-security/hostprivatekey.pem.

Alternatively a user can specify his own credentials:

  • a user can specify CLIENT creds by indicating the triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD) or
  • a user can specify CLIENT creds by indicating a CLIENT_PROXY, that's a proxy certificate of the pem cerficates.

If the user choose to instantiate a VOMSAdminImpl object specifying client credentials, this will overwrite the host certificate set by default.

Usage Examples

//construct a new VOMSAdminImpl using the default settings.
 
// Lists VO name
try { 
     VOMSAdminImpl vomsAdmin = new VOMSAdminImpl();
     System.out.println("VO: " + vomsAdmin.getVO());
} catch (Exception e) {
     e.printStackTrace();
}
 
// Lists VOMS groups
String[] groups = vomsAdmin.listGroups();
for (int i = 0; i < groups.length; i++) {
     System.out.println("\t" + groups[i]);
}
...

CredentialsManagerImpl

This class provides a method to retrieve user's credentials. It manages communication with MyProxyCA server to generate simple credentials for the username provided and some operations are overloaded in order to simplify management of the users with a proxy certificate provided by gCube SimpleCA.

Usage Examples

//Retrieves ExtendedGSSCredential from MyProxy server with VOMS Attributes (roles, groups) attached
	    System.out.print("Retrieve Credentials:");
	    ExtendedGSSCredential cred;
	    try {
		cred = manager.getCredentials(userName, pwd, groupName);
		if (cred != null) {
		    byte[] data = cred.export(ExtendedGSSCredential.IMPEXP_OPAQUE);
		    File file = new File(proxyFile);
		    file.createNewFile();
		    FileOutputStream out = new FileOutputStream(proxyFile, false);
		    out.write(data);
		    out.close();
		    System.out.println("Time needed to retrieve credentials " + (end - start) + " milliseconds.");
		    System.out.println();
 
		    System.out.println("Credentials for " + userName + " are correctly retrieved and stored in ");
		    System.out.println("\t" + proxyFile + ".");
		}
	    } catch (Exception e) {
		e.printStackTrace();
	    }
Retrieved from "https://wiki.gcube-system.org/index.php?title=VOMS-API&oldid=5916"