gCubeSystem
/
aslcore
16
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
aslcore/src/main/java/org/gcube/application/framework/core/cache/factories/ApplicationCredentials.java

114 lines
4.1 KiB
Java
Raw Blame History

package org.gcube.application.framework.core.cache.factories;
import java.util.HashMap;
import org.gcube.application.framework.core.security.PortalSecurityManager;
import org.gcube.application.framework.core.security.VOMSAdminManager;
import org.gcube.application.framework.core.util.UserCredential;
import org.gcube.common.core.scope.GCUBEScope;
import org.gcube.common.core.security.utils.VOMSAttributesReader;
import org.gcube.common.core.utils.logging.GCUBELog;
import org.gcube.vomanagement.vomsapi.VOMSAdmin;
import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
import org.glite.wsdl.services.org_glite_security_voms.User;
import org.gridforum.jgss.ExtendedGSSCredential;
/**
* This class is used for retrieving and updating the portal credential that is needed by the caches in order to retrieve information form gCube services
* @author Valia Tsagkalidou (NKUA)
*
*/
public class ApplicationCredentials {
private static ApplicationCredentials applCredentials = new ApplicationCredentials();
private HashMap<String, ExtendedGSSCredential> creds;
protected static String userDN = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN=";
protected static String userCA = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA";
/** Object logger. */
protected final GCUBELog logger = new GCUBELog(this);
/**
* The basic constructor
*/
protected ApplicationCredentials()
{
creds = new HashMap<String, ExtendedGSSCredential>();
}
/**
* @return the sigleton of ApplicationCredentials
*/
public static ApplicationCredentials getInstance()
{
return applCredentials;
}
/**
* @param VREname the of the VRE for which you want to get the "portal" credential
* @return the grid credential
*/
public ExtendedGSSCredential getCredential(String VREname)
{
PortalSecurityManager secMan = new PortalSecurityManager(GCUBEScope.getScope(VREname));
if(!secMan.isSecurityEnabled())
return null;
ExtendedGSSCredential cred = creds.get(VREname);
if(cred == null)
{
// If the credential is not available, it retrieves it from myProxy
cred = UserCredential.getCredential("application", VREname);
if(cred == null)
{
//user "application" does not exist on this VRE, so we add him and try to get credential again
VOMSAdmin vomsA;
VOMSAPIFactory factory;
try {
factory = VOMSAdminManager.getVOMSFactory();
vomsA = factory.getVOMSAdmin();
// String[] roles = vomsA.listRoles();
// vomsA.createUser("application", userDN+"application", userCA, "application@gcube.org");
// vomsA.addMember(VREname, userDN+"application", userCA);
// vomsA.assignRole(VREname, roles[0], userDN+"application", userCA);
// vomsA = new VOMSAdminImpl();
String[] roles = vomsA.listRoles();
User myUser = new User();
myUser.setCN("application");
myUser.setDN(userDN+"application");
myUser.setCA(userCA);
myUser.setMail("application@gcube.org");
//vomsA.getExtendedPortType().createUser("application", userDN+"application", userCA, "application@gcube.org");
vomsA.createUser(myUser);
//vomsA.getExtendedPortType().addOnlineCAMember(VREname, userDN+"application");
//vomsA.getExtendedPortType().assignOnlineCARole(VREname, roles[0], userDN+"application");
vomsA.addMember(VREname, userDN + "application", userCA);
vomsA.assignRole(VREname, roles[0], userDN + "application", userCA);
}
catch (Exception e) {
vomsA = null;
logger.error("", e);
}
cred = UserCredential.getCredential("application", VREname);
}
creds.put(VREname, cred);
}
else
{
// credential already available
VOMSAttributesReader vomsReader = null;
try {
vomsReader = new VOMSAttributesReader(cred);
//Check if it's gonna expire in the next minute, and refresh it
if(vomsReader.getRefreshPeriod() < 60000)
{
cred = UserCredential.getCredential("application", VREname);
creds.put(VREname, cred);
}
} catch (Exception e1) {
logger.error("", e1);
}
}
return cred;
}
}
Reference in New Issue View Git Blame Copy Permalink