eu.xtreemos.xosd.vops
Class VOPS

java.lang.Object
  extended by eu.xtreemos.system.eventmachine.stage.AbstractStage
      extended by eu.xtreemos.system.eventmachine.stage.AbstractReceivingStage
          extended by eu.xtreemos.system.eventmachine.stage.Abstract2wayStage
              extended by eu.xtreemos.xosd.vops.VOPS
All Implemented Interfaces:
eu.xtreemos.system.eventmachine.queue.IEventHandler, eu.xtreemos.system.eventmachine.stage.IStage

public class VOPS
extends eu.xtreemos.system.eventmachine.stage.Abstract2wayStage

VO Policy Service: this class provides basic functions for manipulating policy rules, obtaining information about policies, and executing queries over policies.

Author:
ales.cernivec@xlab.si

Field Summary
private  java.lang.String delim
           
private  boolean isGlobalVOPS
           
private  boolean isUpToDate
           
private  java.util.HashMap<eu.xtreemos.system.communication.net.CommunicationAddress,java.security.cert.X509Certificate> listOfRegisteredVOPS
           
private  java.util.ArrayList<java.security.cert.X509Certificate> listOfVoAdminCerts
           
(package private) static org.apache.log4j.Logger logger
           
(package private)  org.bouncycastle.openssl.PasswordFinder myPass
           
private  SimplePDP pdp
          Policy Decision Point
private  CVOPSConfig vopsConfig
           
 
Fields inherited from class eu.xtreemos.system.eventmachine.stage.Abstract2wayStage
context, counter, curContext, sink
 
Fields inherited from class eu.xtreemos.system.eventmachine.stage.AbstractReceivingStage
queue
 
Fields inherited from class eu.xtreemos.system.eventmachine.stage.AbstractStage
handlerChain, handlerGroup, handlerThreads, name, running
 
Constructor Summary
VOPS()
           
 
Method Summary
 java.lang.Object addRule(java.lang.String ruleXML, java.lang.String policyId)
          Adds rule which is passed as XML string to the policy identified by policyId.
 java.lang.Object addXACMLRule(java.lang.String ruleXACML, java.lang.String policyId)
          Adds rule which is passed as XML string in XACML format to the policy identified by policyId.
 java.lang.Object createPolicy(java.lang.String policyID, java.lang.String description)
          A new policy file is created in policy storage using static PolicyFactory class.
 java.lang.Object evaluateRequest(java.lang.String xacmlRequest)
           
 java.lang.Object generateRequest(java.lang.String jsdlQuery)
          Generates XACML request based on provided jsdlQuery
 Policy getFilteredPolicy(java.security.cert.X509Certificate cert)
          Deprecated.  
 java.lang.Object getFilteredResources()
          Return list of filtered addresses where execution is permitted.
 java.lang.String getHandledEventType()
           
 java.lang.Object getResultFromResMngProcess(eu.xtreemos.xosd.vops.ReturnMessage retMsg)
          Get answers from other nodes.
 java.lang.Object getResultsFromResMng(java.util.ArrayList<eu.xtreemos.system.communication.net.CommunicationAddress> list)
          Callback function: catches results from resource manager.
 void handleEvent(java.lang.Object event)
           
 void init()
          Initialization of Policy Decision Point
 java.lang.Object listFilteredPolicy(java.lang.String xacmlRequest)
           
 java.lang.Object listPolicies()
          Returns the policyIds and the resource each policy applies to.
 java.lang.Object listPoliciesHandler(java.util.ArrayList<java.lang.String> alPolicies)
          Catches the global VOPS's reply listing the policies and returns it to the client side.
 java.lang.Object listPolicy(java.lang.String policyId)
          Lists specific policy with policyId.
 java.lang.Object listVoAdmins()
          Lists the registered VO administrators.
 java.lang.Object policyEnforceRequestCertificateCatcher(java.util.Hashtable<eu.xtreemos.system.communication.net.CommunicationAddress,java.security.cert.X509Certificate> retFromService)
           
 java.lang.Object policyEnforceRequestCertificateCatcherFailure(java.lang.Exception err)
          Catches failures of CDAMng.getResourceCertificate call.
 java.lang.Object registerVoAdmin(java.security.cert.X509Certificate voAdminsCert)
          Adds certificate passed as an argument into a list of trusted certificates (VO admins list).
 java.lang.Object registerVOPSToGlobalVOPS(eu.xtreemos.system.communication.net.CommunicationAddress address, java.security.cert.X509Certificate certificate)
          Registers this VOPS with the global VOPS service, where decisions are made.
 java.lang.Object registerXOSDToVOPS(eu.xtreemos.system.communication.net.CommunicationAddress address, java.security.cert.X509Certificate certificate)
          Deprecated. This method is no longer used!
 java.lang.Object reloadVOPS()
          Reloads all policies stored in policy storage.
 java.lang.Object removePolicy(java.lang.String policyId)
          Policy with policyId will be removed from policy storage.
 java.lang.Object removeRuleFromPolicy(java.lang.String ruleId, java.lang.String policyId)
          Removes rule from policy with specified policyId.
 java.lang.Object unregisterVoAdmin(java.lang.Integer index)
          Removes certificate with specified index from a list of trusted certificates.
 java.lang.Object verifyPolicyAEM(java.lang.Object xos_cert, eu.xtreemos.xosd.resmng.data.ResourceMatching resources, java.lang.String action)
           
 java.lang.Object verifyPolicyCertRes(java.lang.Object xos_cert, eu.xtreemos.xosd.resmng.data.ResourceMatching resources)
          Method queries PDP for verification of the
 java.lang.Object verifyPolicyCertResHandle(eu.xtreemos.xosd.resmng.data.ResourceMatching returnedResMatching)
          This callback gets filtered resources based on query which was submitted by verifyPolicyCertRes
 java.lang.Object writeBack()
          Writes policies from the policy storage in PolicyFactory back to local disk.
 
Methods inherited from class eu.xtreemos.system.eventmachine.stage.Abstract2wayStage
getContext, removeContext, SendException, SendReply, setSink
 
Methods inherited from class eu.xtreemos.system.eventmachine.stage.AbstractReceivingStage
dequeue, getSource
 
Methods inherited from class eu.xtreemos.system.eventmachine.stage.AbstractStage
addHandler, addHandler, getName, getShortName, getThreadCount, processEvent, removeHandler, setThreadCount, start, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

delim

private java.lang.String delim

logger

static final org.apache.log4j.Logger logger

listOfVoAdminCerts

private java.util.ArrayList<java.security.cert.X509Certificate> listOfVoAdminCerts

isGlobalVOPS

private boolean isGlobalVOPS

listOfRegisteredVOPS

private java.util.HashMap<eu.xtreemos.system.communication.net.CommunicationAddress,java.security.cert.X509Certificate> listOfRegisteredVOPS

vopsConfig

private CVOPSConfig vopsConfig

isUpToDate

private boolean isUpToDate

pdp

private SimplePDP pdp
Policy Decision Point


myPass

org.bouncycastle.openssl.PasswordFinder myPass

Constructor Detail

VOPS

public VOPS()

Method Detail

registerVoAdmin

public java.lang.Object registerVoAdmin(java.security.cert.X509Certificate voAdminsCert)
Adds certificate passed as an argument into a list of trusted certificates (VO admins list).

Parameters:
voAdminsCert - certificate to add into a list of trusted certificates.
Returns:
true on success.

unregisterVoAdmin

public java.lang.Object unregisterVoAdmin(java.lang.Integer index)
Removes certificate with specified index from a list of trusted certificates.

Parameters:
index - index of the certificate to remove from the list of trusted certificates.
Returns:
true on success

listVoAdmins

public java.lang.Object listVoAdmins()
Lists the registered VO administrators.

Returns:
the list as a String instance.

verifyPolicyAEM

public java.lang.Object verifyPolicyAEM(java.lang.Object xos_cert,
                                        eu.xtreemos.xosd.resmng.data.ResourceMatching resources,
                                        java.lang.String action)

policyEnforceRequestCertificateCatcherFailure

public java.lang.Object policyEnforceRequestCertificateCatcherFailure(java.lang.Exception err)
Catches failures of CDAMng.getResourceCertificate call.

Parameters:
err -
Returns:

policyEnforceRequestCertificateCatcher

public java.lang.Object policyEnforceRequestCertificateCatcher(java.util.Hashtable<eu.xtreemos.system.communication.net.CommunicationAddress,java.security.cert.X509Certificate> retFromService)

verifyPolicyCertRes

public java.lang.Object verifyPolicyCertRes(java.lang.Object xos_cert,
                                            eu.xtreemos.xosd.resmng.data.ResourceMatching resources)
Method queries PDP for verification of the

Parameters:
xos_cert -
resources -
Returns:

verifyPolicyCertResHandle

public java.lang.Object verifyPolicyCertResHandle(eu.xtreemos.xosd.resmng.data.ResourceMatching returnedResMatching)
This callback gets filtered resources based on query which was submitted by verifyPolicyCertRes

Parameters:
returnedResMatching -
Returns:

createPolicy

public java.lang.Object createPolicy(java.lang.String policyID,
                                     java.lang.String description)
A new policy file is created in policy storage using the static PolicyFactory class. The policy has the policyID, description and resource provided as parameters.

Parameters:
policyID - Id of the new policy
description - description of the new policy
Returns:
the policy as a String instance.

removePolicy

public java.lang.Object removePolicy(java.lang.String policyId)
Policy with policyId will be removed from policy storage.

Parameters:
policyId -
Returns:
true on success

listPolicies

public java.lang.Object listPolicies()
Returns the policyIds and the resource each policy applies to. For more information about a policy, use the command listPolicy(policyId).

Returns:
ArrayList of policies as ArrayList of strings.

listPoliciesHandler

public java.lang.Object listPoliciesHandler(java.util.ArrayList<java.lang.String> alPolicies)
Catches the global VOPS's reply listing the policies and returns it to the client side.

Parameters:
alPolicies -
Returns:

listPolicy

public java.lang.Object listPolicy(java.lang.String policyId)
Lists specific policy with policyId. Returns policy as String object.

Parameters:
policyId -
Returns:
the policy as a String

addRule

public java.lang.Object addRule(java.lang.String ruleXML,
                                java.lang.String policyId)
Adds rule which is passed as XML string to the policy identified by policyId. Returns rule as String object.

Parameters:
ruleXML - description of the rule
policyId - defines destination policy
Returns:

addXACMLRule

public java.lang.Object addXACMLRule(java.lang.String ruleXACML,
                                     java.lang.String policyId)
                              throws java.lang.Exception
Adds rule which is passed as XML string in XACML format to the policy identified by policyId. Returns rule created as String object.

Parameters:
ruleXACML - XACML string representing the rule to be added to the policy
policyId - defines destination policy (to which policy this rule will be added)
Returns:
Throws:
java.lang.Exception

listFilteredPolicy

public java.lang.Object listFilteredPolicy(java.lang.String xacmlRequest)

evaluateRequest

public java.lang.Object evaluateRequest(java.lang.String xacmlRequest)

removeRuleFromPolicy

public java.lang.Object removeRuleFromPolicy(java.lang.String ruleId,
                                             java.lang.String policyId)
Removes rule from policy with specified policyId.

Parameters:
ruleId - Rule which will be removed from policy.
policyId - policy from which this rule is removed.
Returns:

writeBack

public java.lang.Object writeBack()
Writes policies from the policy storage in PolicyFactory back to local disk.

Returns:
true on success.

reloadVOPS

public java.lang.Object reloadVOPS()
Reloads all policies stored in policy storage.

Returns:

generateRequest

public java.lang.Object generateRequest(java.lang.String jsdlQuery)
Generates XACML request based on provided jsdlQuery

Parameters:
jsdlQuery -

getResultsFromResMng

public java.lang.Object getResultsFromResMng(java.util.ArrayList<eu.xtreemos.system.communication.net.CommunicationAddress> list)
Callback function: catches results from resource manager.

Parameters:
list -
Returns:

getResultFromResMngProcess

public java.lang.Object getResultFromResMngProcess(eu.xtreemos.xosd.vops.ReturnMessage retMsg)
Get answers from other nodes. Store answer into current context as pairs (address,isPermitted).

Parameters:
retMsg -
Returns:

getFilteredResources

public java.lang.Object getFilteredResources()
Return list of filtered addresses where execution is permitted.

Returns:
list of addresses

registerXOSDToVOPS

public java.lang.Object registerXOSDToVOPS(eu.xtreemos.system.communication.net.CommunicationAddress address,
                                           java.security.cert.X509Certificate certificate)
Deprecated. This method is no longer used!

This method is used to register a resource node with VOPS. A certificate has to be provided. The certificate carries essential information about the organization and organizational unit. When checking whether a resource is suitable (enforcing a policy decision), these resource certificates are used as the source of information.

Parameters:
address - source address
certificate - which is used as resource info
Returns:

getFilteredPolicy

public Policy getFilteredPolicy(java.security.cert.X509Certificate cert)
Deprecated. 

Returns Policy comprising PolicyRules that correspond to provided certificate. Certificate is used to create request context (subject part is filled in with certificate data).

Parameters:
cert - Certificate used to construct request.
Returns:
filtered policy

registerVOPSToGlobalVOPS

public java.lang.Object registerVOPSToGlobalVOPS(eu.xtreemos.system.communication.net.CommunicationAddress address,
                                                 java.security.cert.X509Certificate certificate)
Registers this VOPS with the global VOPS service, where decisions are made.

Parameters:
address - VOPS address to register
certificate - of the VOPS
Returns:

init

public void init()
Initialization of Policy Decision Point

Specified by:
init in interface eu.xtreemos.system.eventmachine.stage.IStage
Overrides:
init in class eu.xtreemos.system.eventmachine.stage.AbstractStage

getHandledEventType

public java.lang.String getHandledEventType()
Specified by:
getHandledEventType in class eu.xtreemos.system.eventmachine.stage.AbstractReceivingStage

handleEvent

public void handleEvent(java.lang.Object event)
                 throws java.lang.Exception
Specified by:
handleEvent in interface eu.xtreemos.system.eventmachine.queue.IEventHandler
Specified by:
handleEvent in class eu.xtreemos.system.eventmachine.stage.AbstractReceivingStage
Throws:
java.lang.Exception