Changeset 2455

Timestamp:

09/17/08 13:07:31 (4 months ago)

Author:

dbuss

Message:

#642 added remote provision/deprovision

Location:

trunk/otis

Files:

• config/otis-config.server.xml (modified) (1 diff)
• src/org/bandit/otis/impl/RemoteAuthSession.java (modified) (2 diffs)
• src/org/bandit/otis/server/RoleHandler.java (modified) (3 diffs)

trunk/otis/config/otis-config.server.xml

@@ -71 +71 @@
                                         <Setting Name="Noun5" Type="xsd:string">AuthenticatedSession/*/AssumableRoles</Setting>
                                         <Setting Name="Noun6" Type="xsd:string">AssumableRoles</Setting>
+                                        <Setting Name="Noun7" Type="xsd:string">AuthenticatedSession/*/ProvisionRole/*/*</Setting>
+                                        <Setting Name="Noun8" Type="xsd:string">ProvisionRole/*</Setting>
+                                        <Setting Name="Noun9" Type="xsd:string">AuthenticatedSession/*/DeprovisionRole/*/*</Setting>
+                                        <Setting Name="Noun10" Type="xsd:string">DeprovisionRole/*</Setting>
                                 </Setting>
                                 <Setting Name="GET_TemplateFile" Type="xsd:string">GET_RoleResponse.xml</Setting>

trunk/otis/src/org/bandit/otis/impl/RemoteAuthSession.java

@@ -715 +715 @@
                         
                         String []                       nouns = {noun, entityId, roleId};
-                        IEndPointResponse       response = m_endPoint.send( Constants.RESOURCE_READ, this.getSessionSecret(), this.getSessionURL(), nouns, null);
+                        IEndPointResponse       response = m_endPoint.send( Constants.RESOURCE_UPDATE, this.getSessionSecret(), this.getSessionURL(), nouns, null);
                         
                         if (response.getStatus() != HttpServletResponse.SC_OK)
@@ -723 +723 @@
                         
                         // Parse the Obligation
-                        
                         Document        responseDoc = response.getResponseBodyDoc();
                         if (responseDoc != null)

trunk/otis/src/org/bandit/otis/server/RoleHandler.java

@@ -19 +19 @@
 import java.util.Iterator;
 
+import org.bandit.otis.api.IObligation;
 import org.bandit.otis.api.IRole;
 import org.bandit.otis.impl.LocalAuthSession;
@@ -74 +75 @@
         {
                 OtisServlet.throwException( m_log, errMsg, e, iHttpResponseCode, responseMap);
+        }
+        
+        private void provisionRole(
+                LocalAuthSession        localAuthSession,
+                String                          strSessionID,
+                String                          strEntityID,
+                String                          strRoleID,
+                Map                                     responseMap) throws OtisException
+        {
+                try
+                {
+                        IObligation ob = localAuthSession.provisionEntityInRole(strEntityID, strRoleID);
+                }
+                catch (AuthSessionException e)
+                {
+                        throwException( new OtisErrMsg( "RoleHandler(PUT): Exception " + e.getClass().getName() + " calling activateRole",
+                                OtisErrMsg.OPTIONAL_STR( "('" + strRoleID + "')"),
+                                " for session",
+                                OtisErrMsg.OPTIONAL_STR( " '" + strSessionID + "': " + e.getMessage())),
+                                e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, responseMap);
+                }
+        }
+        private void deprovisionRole(
+                LocalAuthSession        localAuthSession,
+                String                          strSessionID,
+                String                          strEntityID,
+                String                          strRoleID,
+                Map                                     responseMap) throws OtisException
+        {
+                try
+                {
+                        IObligation ob = localAuthSession.deProvisionEntityInRole(strEntityID, strRoleID);
+                }
+                catch (AuthSessionException e)
+                {
+                        throwException( new OtisErrMsg( "RoleHandler(PUT): Exception " + e.getClass().getName() + " calling activateRole",
+                                OtisErrMsg.OPTIONAL_STR( "('" + strRoleID + "')"),
+                                " for session",
+                                OtisErrMsg.OPTIONAL_STR( " '" + strSessionID + "': " + e.getMessage())),
+                                e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, responseMap);
+                }
         }
         
@@ -540 +582 @@
                                         }
                                         strRoleType = (String)nounList.get( iMainNounPos);
-                                        if (!strRoleType.equals( Constants.NOUN_ACTIVE_ROLES))
+                                        if ( strRoleType.equals( Constants.NOUN_ACTIVE_ROLES))
+                                        {
+                                                if (nounList.size() > iMainNounPos + 1)
+                                                {
+                                                        throwException( new OtisErrMsg( "RoleHandler(PUT): Cannot PUT on noun specified in URL",
+                                                                OtisErrMsg.OPTIONAL_STR( " '" + request.getRequestURL().toString() + "'")),
+                                                                null, HttpServletResponse.SC_METHOD_NOT_ALLOWED, responseMap);
+                                                }
+                                                activateRole( localAuthSession, strSessionID, requestDoc, responseMap);                                 
+                                        }
+                                        else if ( strRoleType.equals( Constants.NOUN_DEPROVISION_ROLE))
+                                        {
+                                                if (nounList.size() < iMainNounPos + 3)
+                                                {
+                                                        throwException( new OtisErrMsg( "RoleHandler(PUT): No role subnoun specified after the session ID in URL",
+                                                                OtisErrMsg.OPTIONAL_STR( " '" + request.getRequestURL().toString() + "'")),
+                                                                null, HttpServletResponse.SC_NOT_FOUND, responseMap);
+                                                }
+                                                String entityId = (String)nounList.get( iMainNounPos+1);
+                                                String roleId = (String)nounList.get( iMainNounPos+2);
+                                                deprovisionRole(localAuthSession, strSessionID, entityId, roleId, responseMap);
+                                        }
+                                        else if ( strRoleType.equals( Constants.NOUN_PROVISION_ROLE))
+                                        {
+                                                if (nounList.size() < iMainNounPos + 3)
+                                                {
+                                                        throwException( new OtisErrMsg( "RoleHandler(PUT): No role subnoun specified after the session ID in URL",
+                                                                OtisErrMsg.OPTIONAL_STR( " '" + request.getRequestURL().toString() + "'")),
+                                                                null, HttpServletResponse.SC_NOT_FOUND, responseMap);
+                                                }
+                                                String entityId = (String)nounList.get( iMainNounPos+1);
+                                                String roleId = (String)nounList.get( iMainNounPos+2);
+                                                provisionRole(localAuthSession, strSessionID, entityId, roleId, responseMap);
+                                        }
+                                        else
                                         {
                                                 throwException( new OtisErrMsg( "RoleHandler(PUT): Can only PUT on subnoun '" + Constants.NOUN_ACTIVE_ROLES + "' after the session ID in URL",
                                                         OtisErrMsg.OPTIONAL_STR( " '" + request.getRequestURL().toString() + "'")),
-                                                        null, HttpServletResponse.SC_METHOD_NOT_ALLOWED, responseMap);
-                                        }
-                                        if (nounList.size() > iMainNounPos + 1)
-                                        {
-                                                throwException( new OtisErrMsg( "RoleHandler(PUT): Cannot PUT on noun specified in URL",
-                                                        OtisErrMsg.OPTIONAL_STR( " '" + request.getRequestURL().toString() + "'")),
-                                                        null, HttpServletResponse.SC_METHOD_NOT_ALLOWED, responseMap);
-                                        }
-                                        activateRole( localAuthSession, strSessionID, requestDoc, responseMap);
+                                                        null, HttpServletResponse.SC_METHOD_NOT_ALLOWED, responseMap);  
+                                        }
+
                                         strTemplateFile = null;
                                         break;