Class MyProxyServlet

  • All Implemented Interfaces:
    edu.uiuc.ncsa.security.core.Logable, Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig, TransactionFilter
    Direct Known Subclasses:
    ACS2, AuthorizedServlet

    public abstract class MyProxyServlet
    extends org.oa4mp.server.api.storage.servlet.OA4MPServlet
    This is the superclass of the servlets that retrieve a cert. This happens at different times in different protocols. This class retrieves the cert and assumes that a MyProxyConnectable has already been found and is cached. The connection is closed at the end of the request. If the client should get a limited proxy, that is done here as well.
    Finally, if the DN from the cert is to be returned as the username in the final call to the service, that will be set here.

    Created by Jeff Gaynor
    on 2/6/14 at 11:30 AM

    See Also:
    Serialized Form
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static edu.uiuc.ncsa.security.core.cache.Cache myproxyConnectionCache  
      static edu.uiuc.ncsa.security.core.cache.Cleanup<edu.uiuc.ncsa.security.core.Identifier,​edu.uiuc.ncsa.security.core.cache.CachedObject> myproxyConnectionCleanup  
      • Fields inherited from class org.oa4mp.server.api.storage.servlet.OA4MPServlet

        caThread, kpt, lastAccessedThread, transactionCleanup
      • Fields inherited from class org.oa4mp.server.api.storage.servlet.EnvServlet

        ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, notificationListeners, storeUpdatesDone
      • Fields inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

        environment, initialization, IP_HEADERS, PING_PARAMETER
    • Constructor Summary

      Constructors 
      Constructor Description
      MyProxyServlet()  
    • Method Summary

      Modifier and Type Method Description
      protected edu.uiuc.ncsa.myproxy.MyProxyConnectable createMPConnection​(edu.uiuc.ncsa.security.core.Identifier identifier, String userName, String password, long lifetime)
      Returns a working MyProxy connection or it fails.
      protected edu.uiuc.ncsa.myproxy.MyProxyConnectable createMPConnection​(edu.uiuc.ncsa.security.core.Identifier identifier, String userName, String password, long lifetime, String loa)  
      void destroy()  
      protected void doCertRequest​(ServiceTransaction trans, String statusString)  
      protected abstract void doRealCertRequest​(ServiceTransaction trans, String statusString)
      Indirection call.
      protected abstract AccessToken getAccessToken​(javax.servlet.http.HttpServletRequest request)
      There are various requirements for transmitting the access token, so specific methods have to be used.
      protected edu.uiuc.ncsa.myproxy.MyProxyConnectable getMPConnection​(edu.uiuc.ncsa.security.core.Identifier identifier)  
      protected edu.uiuc.ncsa.myproxy.MyProxyConnectable getMPConnection​(ServiceTransaction transaction)  
      static edu.uiuc.ncsa.security.core.cache.Cache getMyproxyConnectionCache()  
      protected LinkedList<X509Certificate> getX509Certificates​(ServiceTransaction transaction, edu.uiuc.ncsa.security.util.crypto.MyPKCS10CertRequest localCertRequest, String statusString)
      Loops through the facade looking for the active connection and calls it.
      protected boolean hasMPConnection​(edu.uiuc.ncsa.security.core.Identifier identifier)  
      protected boolean hasMPConnection​(ServiceTransaction transaction)  
      • Methods inherited from class org.oa4mp.server.api.storage.servlet.OA4MPServlet

        checkAdminClientStatus, checkClientApproval, createDebugger, getAGI, getATI, getClient, getClient, getClient, getFirstParameters, getFirstParameterValue, getGrantIDFromRequest, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, isEmpty, loadProperties2, newTransaction, postprocess, preprocess, realStoreUpdates, say, shutdownCleanup, storeUpdates, verifyAndGet
      • Methods inherited from class org.oa4mp.server.api.storage.servlet.EnvServlet

        addNotificationListener, loadEnvironment, processStoreCheck, removeNotificationListener
      • Methods inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

        checkContentType, CONST, debug, doGet, doIt, doPing, doPost, error, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getInitialization, getMyLogger, getRequestIPAddress, handleException, info, init, isDebugOn, logOK, logOK, printAllParameters, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn
      • Methods inherited from class javax.servlet.http.HttpServlet

        doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
      • Methods inherited from class javax.servlet.GenericServlet

        getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log
    • Field Detail

      • myproxyConnectionCache

        public static edu.uiuc.ncsa.security.core.cache.Cache myproxyConnectionCache
      • myproxyConnectionCleanup

        public static edu.uiuc.ncsa.security.core.cache.Cleanup<edu.uiuc.ncsa.security.core.Identifier,​edu.uiuc.ncsa.security.core.cache.CachedObject> myproxyConnectionCleanup
    • Constructor Detail

      • MyProxyServlet

        public MyProxyServlet()
    • Method Detail

      • doRealCertRequest

        protected abstract void doRealCertRequest​(ServiceTransaction trans,
                                                  String statusString)
                                           throws Throwable
        Indirection call. If your extension to this class needs to do any prep work before calling doCertRequest(ServiceTransaction, String), put it here. This method should also contain the actual call to that method. It is called in the authorization leg and in the getCert call. Point it at the doCertRequest(ServiceTransaction, String) method here, which does all the dirty work of tracking down the connection and getting the cert. So, depending on your protocol, you will have only one of two places where this is fully implemented.
        Throws:
        Throwable
      • getAccessToken

        protected abstract AccessToken getAccessToken​(javax.servlet.http.HttpServletRequest request)
        There are various requirements for transmitting the access token, so specific methods have to be used.
        Parameters:
        request -
        Returns:
      • getMyproxyConnectionCache

        public static edu.uiuc.ncsa.security.core.cache.Cache getMyproxyConnectionCache()
      • hasMPConnection

        protected boolean hasMPConnection​(edu.uiuc.ncsa.security.core.Identifier identifier)
      • getMPConnection

        protected edu.uiuc.ncsa.myproxy.MyProxyConnectable getMPConnection​(ServiceTransaction transaction)
      • getMPConnection

        protected edu.uiuc.ncsa.myproxy.MyProxyConnectable getMPConnection​(edu.uiuc.ncsa.security.core.Identifier identifier)
      • getX509Certificates

        protected LinkedList<X509Certificate> getX509Certificates​(ServiceTransaction transaction,
                                                                  edu.uiuc.ncsa.security.util.crypto.MyPKCS10CertRequest localCertRequest,
                                                                  String statusString)
        Loops through the facade looking for the active connection and calls it.
        Parameters:
        transaction -
        localCertRequest -
        statusString -
        Returns:
      • createMPConnection

        protected edu.uiuc.ncsa.myproxy.MyProxyConnectable createMPConnection​(edu.uiuc.ncsa.security.core.Identifier identifier,
                                                                              String userName,
                                                                              String password,
                                                                              long lifetime)
                                                                       throws GeneralSecurityException
        Returns a working MyProxy connection or it fails.
        Parameters:
        identifier -
        userName -
        password -
        Returns:
        Throws:
        GeneralSecurityException
      • destroy

        public void destroy()
        Specified by:
        destroy in interface javax.servlet.Servlet
        Overrides:
        destroy in class org.oa4mp.server.api.storage.servlet.OA4MPServlet