102 lines
3.6 KiB
Java
102 lines
3.6 KiB
Java
package org.gcube.application.framework.core.cache.factories;
|
|
|
|
import java.util.HashMap;
|
|
|
|
import org.gcube.application.framework.core.security.PortalSecurityManager;
|
|
import org.gcube.application.framework.core.security.VOMSAdminManager;
|
|
import org.gcube.application.framework.core.util.UserCredential;
|
|
import org.gcube.common.core.scope.GCUBEScope;
|
|
import org.gcube.common.core.security.utils.VOMSAttributesReader;
|
|
import org.gcube.common.core.utils.logging.GCUBELog;
|
|
import org.gcube.vomanagement.vomsAdmin.impl.VOMSAdminImpl;
|
|
import org.gridforum.jgss.ExtendedGSSCredential;
|
|
|
|
/**
|
|
* This class is used for retrieving and updating the portal credential that is needed by the caches in order to retrieve information form gCube services
|
|
* @author Valia Tsagkalidou (NKUA)
|
|
*
|
|
*/
|
|
public class ApplicationCredentials {
|
|
private static ApplicationCredentials applCredentials = new ApplicationCredentials();
|
|
private HashMap<String, ExtendedGSSCredential> creds;
|
|
protected static String userDN = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN=";
|
|
protected static String userCA = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA";
|
|
|
|
|
|
/** Object logger. */
|
|
protected final GCUBELog logger = new GCUBELog(this);
|
|
|
|
/**
|
|
* The basic constructor
|
|
*/
|
|
protected ApplicationCredentials()
|
|
{
|
|
creds = new HashMap<String, ExtendedGSSCredential>();
|
|
}
|
|
|
|
/**
|
|
* @return the sigleton of ApplicationCredentials
|
|
*/
|
|
public static ApplicationCredentials getInstance()
|
|
{
|
|
return applCredentials;
|
|
}
|
|
|
|
/**
|
|
* @param VREname the of the VRE for which you want to get the "portal" credential
|
|
* @return the grid credential
|
|
*/
|
|
public ExtendedGSSCredential getCredential(String VREname)
|
|
{
|
|
PortalSecurityManager secMan = new PortalSecurityManager(GCUBEScope.getScope(VREname));
|
|
if(!secMan.isSecurityEnabled())
|
|
return null;
|
|
ExtendedGSSCredential cred = creds.get(VREname);
|
|
if(cred == null)
|
|
{
|
|
// If the creedential is not available, it retrieves it from myProxy
|
|
cred = UserCredential.getCredential("application", VREname);
|
|
if(cred == null)
|
|
{
|
|
//user "application" does not exist on this VRE, so we add him and try to get credential again
|
|
VOMSAdminImpl vomsA;
|
|
try {
|
|
// vomsA = VOMSAdminManager.getVOMSAdmin();
|
|
// String[] roles = vomsA.listRoles();
|
|
// vomsA.createUser("application", userDN+"application", userCA, "application@gcube.org");
|
|
// vomsA.addMember(VREname, userDN+"application", userCA);
|
|
// vomsA.assignRole(VREname, roles[0], userDN+"application", userCA);
|
|
vomsA = new VOMSAdminImpl();
|
|
String[] roles = vomsA.getPortType().listRoles();
|
|
vomsA.getExtendedPortType().createUser("application", userDN+"application", userCA, "application@gcube.org");
|
|
vomsA.getExtendedPortType().addOnlineCAMember(VREname, userDN+"application");
|
|
vomsA.getExtendedPortType().assignOnlineCARole(VREname, roles[0], userDN+"application");
|
|
}
|
|
catch (Exception e) {
|
|
vomsA = null;
|
|
logger.error("", e);
|
|
}
|
|
cred = UserCredential.getCredential("application", VREname);
|
|
}
|
|
creds.put(VREname, cred);
|
|
}
|
|
else
|
|
{
|
|
// credential already available
|
|
VOMSAttributesReader vomsReader = null;
|
|
try {
|
|
vomsReader = new VOMSAttributesReader(cred);
|
|
//Check if it's gonna expire in the next minute, and refresh it
|
|
if(vomsReader.getRefreshPeriod() < 60000)
|
|
{
|
|
cred = UserCredential.getCredential("application", VREname);
|
|
creds.put(VREname, cred);
|
|
}
|
|
} catch (Exception e1) {
|
|
logger.error("", e1);
|
|
}
|
|
}
|
|
return cred;
|
|
}
|
|
}
|