Difference between revisions of "DIS-HLS-Client"
(→VO selection and DL context filtering) |
|||
(19 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
+ | [[Category:TO BE REMOVED]] | ||
+ | |||
=== Introduction === | === Introduction === | ||
− | The | + | The IS-Client is a Java library that allows to query the IS in order to retrieve any information handled there. |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | === Implementation Overview === | |
− | The | + | The IS-Client implements a set of query to retrieve the GCube Resources. |
+ | The implemented queries are separated in two category: Profile and WS-ResourceProperties. | ||
+ | Query on profiles returns a | ||
− | * ''' | + | * '''GCUBECollectionQuery''' |
*''' CSInstanceManager ''' | *''' CSInstanceManager ''' | ||
* '''CSManager ''' | * '''CSManager ''' | ||
Line 28: | Line 28: | ||
The Source Javadoc documentation can be found here | The Source Javadoc documentation can be found here | ||
[[http://dlib-services.isti.cnr.it/DILIGENT/software/DIS-docs/dis-hlsclient/beta/doc/]] | [[http://dlib-services.isti.cnr.it/DILIGENT/software/DIS-docs/dis-hlsclient/beta/doc/]] | ||
− | |||
=== VO selection and DL context filtering === | === VO selection and DL context filtering === | ||
− | All DISHLSClient Query Managers has to be created a parameter instance of org.gridforum.jgss.ExtendedGSSCredential and a parameter instance of org.apache.axis.message.addressing.EndpointReferenceType. At Query Manager creation time, the ExtendedGSSCredential object is checked and using | + | All DISHLSClient Query Managers has to be created a parameter instance of org.gridforum.jgss.ExtendedGSSCredential and a parameter instance of org.apache.axis.message.addressing.EndpointReferenceType. At Query Manager creation time, the ExtendedGSSCredential object is checked and using Authentication API the current VO and DL are extracted: |
* the VO is used to select the right VOMap to use (that contains the addresses of the DIS-IC instances to contact) | * the VO is used to select the right VOMap to use (that contains the addresses of the DIS-IC instances to contact) | ||
Line 42: | Line 41: | ||
These page show how to provide credentials to your service. [[How_To_Configure_Service_Security#Provide_your_service_with_credentials|Provide_your_service_with_credentials]] | These page show how to provide credentials to your service. [[How_To_Configure_Service_Security#Provide_your_service_with_credentials|Provide_your_service_with_credentials]] | ||
− | In case of Credentials that contains roles related to a DL, a filter over the DILIGENT Resources and WS-Properties | + | In case of Credentials that contains roles related to a DL, a filter over the DILIGENT Resources and WS-Resource Properties queries is applied. This means checks if the DL the service is acting is contained inside the AuthorizationPolicies element of a Profile or a DLs WS-Resource-Properties ( added by the DILIGENTProvider) of a WS-Resource. |
+ | The Filter over DL context is not applied queryng for a Service Profile ( that is not related to a particular DL). | ||
+ | |||
+ | An xQuery parsers has also been implemented to set automatically filters to Custom xQuery ( Queries created by developers | ||
+ | |||
+ | === Dependencies === | ||
+ | |||
+ | These are the dependencies of the Library : | ||
+ | |||
+ | * DVOS Authentication API | ||
+ | * DVOS Common | ||
+ | * WS-core 4.0.4 | ||
+ | * DIS-IC Stubs | ||
+ | * DIS-Broker Stubs | ||
+ | * DIS util library | ||
+ | * NAL library | ||
=== Usage Examples === | === Usage Examples === | ||
− | In order to test DIS-HLS-Client without credentials and EPR, it'possible to create a manager with null parameters. By default the | + | In order to test DIS-HLS-Client without credentials and EPR, it'possible to create a manager with null parameters. By default, the queries will be sent to the diligent VO (i.e. to the DIS-IC instance deployed with its scope) without any DL restriction. |
Line 69: | Line 83: | ||
String test= null; | String test= null; | ||
try { | try { | ||
− | riManager.getEPRsRIFromClassAndName("InformationSystem", "DIS-Registry", "dililigentproject/informationservice/disregistry/DISRegistryFactoryService", null,null); | + | riManager.getEPRsRIFromClassAndName("InformationSystem", "DIS-Registry", |
+ | "dililigentproject/informationservice/disregistry/DISRegistryFactoryService", null,null); | ||
test= pMan.getAllPublishedEntries(cred, null); | test= pMan.getAllPublishedEntries(cred, null); | ||
} catch (DISHLSClientException e) { | } catch (DISHLSClientException e) { | ||
Line 79: | Line 94: | ||
</pre> | </pre> | ||
+ | |||
+ | It's possible (like the Alpha version of the component) to prepare and execute a custom xQuery. | ||
+ | |||
+ | <pre> | ||
+ | import org.apache.axis.MessageContext; | ||
+ | import org.diligentproject.informationservice.dishlsclient.impl.DISHLSClient; | ||
+ | import org.diligentproject.informationservice.dishlsclient.impl.DISHLSClientException; | ||
+ | import org.diligentproject.informationservice.dishlsclient.impl.DISHLSCredentialException; | ||
+ | import org.diligentproject.informationservice.dishlsclient.impl.GeneralQueryManager; | ||
+ | |||
+ | |||
+ | import org.diligentproject.dvos.authentication.util.*; | ||
+ | import org.diligentproject.dvos.delegation.api.MultipleCredentialsListener; | ||
+ | import org.diligentproject.dvos.exception.DVOSException; | ||
+ | import org.gridforum.jgss.ExtendedGSSCredential; | ||
+ | |||
+ | import org.globus.gsi.jaas.JaasSubject; | ||
+ | |||
+ | ......... | ||
+ | |||
+ | private MultipleCredentialsListener credentialsListener; | ||
+ | .......... | ||
+ | |||
+ | this.credentialsListener = new MultipleCredentialsListener(); | ||
+ | |||
+ | DelegationLocalInterface.registerCredentialsListener(this.credentialsListener); | ||
+ | |||
+ | String customXquery = "declare namespace = dis=\'http://diligentproject.org/namespaces/informationservice/disregistry/DISRegistryService'; "+ | ||
+ | " for $resource in collection('/db/Profiles/RunningInstance')//Document/Data/dis:Profile/DILIGENTResource "+ | ||
+ | " where $resource/UniqueID/string() eq '*UNIQUEID*'"+ | ||
+ | " let $accessPoint := $resource/Profile/AccessPoint" + | ||
+ | "return <RESULT>{$uniqueID}{$serviceName}{$serviceClass}{$dhnid}{$accessPoint}</RESULT>"; | ||
+ | |||
+ | customXquery= customXquery.replace("*UNIQUEID*", "4242424234-4-23432"); | ||
+ | |||
+ | //get DL from the caller | ||
+ | VOMSAttributesReader reader = null; | ||
+ | try { | ||
+ | reader = new VOMSAttributesReader(JaasSubject.getCurrentSubject(),MessageContext.getCurrentContext()); | ||
+ | } catch (DVOSException e) { | ||
+ | e.printStackTrace(); | ||
+ | } catch (IOException e) { | ||
+ | e.printStackTrace(); | ||
+ | } | ||
+ | |||
+ | String dlName = reader.getAbsoluteDLName(); | ||
+ | |||
+ | |||
+ | ExtendedGSSCredential creds = credentialsListener.getCredentials(dlName); | ||
+ | |||
+ | GeneralQueryManager manager = null; | ||
+ | try { | ||
+ | manager = DISHLSClient.getGeneralQueryManager(creds, null); | ||
+ | } catch (DISHLSClientException e) { | ||
+ | e.printStackTrace(); | ||
+ | } | ||
+ | String result= ""; | ||
+ | try { | ||
+ | result = manager.queryDISIC(customXquery, creds, null); | ||
+ | } catch (DISHLSClientException e) { | ||
+ | e.printStackTrace(); | ||
+ | } catch (DISHLSCredentialException e) { | ||
+ | e.printStackTrace(); | ||
+ | } | ||
+ | System.out.println(result); | ||
+ | |||
+ | } | ||
+ | } | ||
+ | </pre> | ||
+ | |||
+ | In order to use DISHLSClient Managers outside a WSRF Service ( i.e. inside a portlet, or in a client), is necessary to initialize the DISHLSClient static class with the DISQueries.xml file path. Despite the Alpha version of the component is necessary also deployed on the same node of a portal the new version of the DHN. | ||
=== How to adapt the existing xQuery to eXist 1.1 === | === How to adapt the existing xQuery to eXist 1.1 === | ||
Line 92: | Line 178: | ||
.../Endpoint[@EntryName="*ENTRYNAME*"] ==> ../Endpoint[string(@EntryName) eq "*ENTRYNAME*"] | .../Endpoint[@EntryName="*ENTRYNAME*"] ==> ../Endpoint[string(@EntryName) eq "*ENTRYNAME*"] | ||
+ | * to check the namspace-uri of a node | ||
+ | |||
+ | [namespace-uri()="*NAMESPACE*"] ==> [namespace-uri(.)="*NAMESPACE*"] | ||
+ | |||
+ | |||
+ | * to check value of a node | ||
+ | |||
+ | where $doc/Profile[ServiceName ='Name'] ==> where $doc/Profile[ServiceName/string() eq 'Name'] | ||
+ | |||
+ | * the contains function has also to include string() method | ||
+ | |||
+ | contains($doc/Profile/Name,'Operator')==> contains($doc/Profile/Name/string(),'Operator') | ||
--[[User:Andrea|Andrea]] 14:08, 19 March 2007 (EET) | --[[User:Andrea|Andrea]] 14:08, 19 March 2007 (EET) |
Latest revision as of 18:55, 6 July 2016
Contents
Introduction
The IS-Client is a Java library that allows to query the IS in order to retrieve any information handled there.
Implementation Overview
The IS-Client implements a set of query to retrieve the GCube Resources. The implemented queries are separated in two category: Profile and WS-ResourceProperties. Query on profiles returns a
- GCUBECollectionQuery
- CSInstanceManager
- CSManager
- DHNManager
- DISBrokerManager
- ExternalRunningInstanceManager
- GeneralQueryManager
- GLiteManager
- MetadataCollectionManager
- PropertiesManager
- RunningInstanceManager
- ServiceManager
- TransformationProgramManager
The Source Javadoc documentation can be found here
[[1]]
VO selection and DL context filtering
All DISHLSClient Query Managers has to be created a parameter instance of org.gridforum.jgss.ExtendedGSSCredential and a parameter instance of org.apache.axis.message.addressing.EndpointReferenceType. At Query Manager creation time, the ExtendedGSSCredential object is checked and using Authentication API the current VO and DL are extracted:
- the VO is used to select the right VOMap to use (that contains the addresses of the DIS-IC instances to contact)
- the DL is used to filter queries towards DILIGENT Profiles and WS-Resources.
If the ExtendedGSSCredential object passed at Manager creation time is null, the EndpointReferenceType instance is checked to extract VO and DL information. The use of the EndpointReferenceType to check the Running Instance DL context, can be done only if the Running Instance is acting in only one DL.
These page show how to provide credentials to your service. Provide_your_service_with_credentials
In case of Credentials that contains roles related to a DL, a filter over the DILIGENT Resources and WS-Resource Properties queries is applied. This means checks if the DL the service is acting is contained inside the AuthorizationPolicies element of a Profile or a DLs WS-Resource-Properties ( added by the DILIGENTProvider) of a WS-Resource. The Filter over DL context is not applied queryng for a Service Profile ( that is not related to a particular DL).
An xQuery parsers has also been implemented to set automatically filters to Custom xQuery ( Queries created by developers
Dependencies
These are the dependencies of the Library :
- DVOS Authentication API
- DVOS Common
- WS-core 4.0.4
- DIS-IC Stubs
- DIS-Broker Stubs
- DIS util library
- NAL library
Usage Examples
In order to test DIS-HLS-Client without credentials and EPR, it'possible to create a manager with null parameters. By default, the queries will be sent to the diligent VO (i.e. to the DIS-IC instance deployed with its scope) without any DL restriction.
ExtendedGSSCredential cred=null; try { cred = ProxyUtil.loadProxyCredentials("certWithDLRoles"); } catch (IOException e) { e.printStackTrace(); } catch (GSSException e) { e.printStackTrace(); } RunningInstanceManager riManager=null; PropertiesManager pMan =null; try { //null credential and null EPR riManager=DISHLSClient.getRunningInstanceManager(null, null); pMan= DISHLSClient.getPropertiesManager(cred, null); } catch (DISHLSClientException e) { e.printStackTrace(); } String test= null; try { riManager.getEPRsRIFromClassAndName("InformationSystem", "DIS-Registry", "dililigentproject/informationservice/disregistry/DISRegistryFactoryService", null,null); test= pMan.getAllPublishedEntries(cred, null); } catch (DISHLSClientException e) { e.printStackTrace(); } catch (DISHLSCredentialException e) { //community changed e.printStackTrace(); }
It's possible (like the Alpha version of the component) to prepare and execute a custom xQuery.
import org.apache.axis.MessageContext; import org.diligentproject.informationservice.dishlsclient.impl.DISHLSClient; import org.diligentproject.informationservice.dishlsclient.impl.DISHLSClientException; import org.diligentproject.informationservice.dishlsclient.impl.DISHLSCredentialException; import org.diligentproject.informationservice.dishlsclient.impl.GeneralQueryManager; import org.diligentproject.dvos.authentication.util.*; import org.diligentproject.dvos.delegation.api.MultipleCredentialsListener; import org.diligentproject.dvos.exception.DVOSException; import org.gridforum.jgss.ExtendedGSSCredential; import org.globus.gsi.jaas.JaasSubject; ......... private MultipleCredentialsListener credentialsListener; .......... this.credentialsListener = new MultipleCredentialsListener(); DelegationLocalInterface.registerCredentialsListener(this.credentialsListener); String customXquery = "declare namespace = dis=\'http://diligentproject.org/namespaces/informationservice/disregistry/DISRegistryService'; "+ " for $resource in collection('/db/Profiles/RunningInstance')//Document/Data/dis:Profile/DILIGENTResource "+ " where $resource/UniqueID/string() eq '*UNIQUEID*'"+ " let $accessPoint := $resource/Profile/AccessPoint" + "return <RESULT>{$uniqueID}{$serviceName}{$serviceClass}{$dhnid}{$accessPoint}</RESULT>"; customXquery= customXquery.replace("*UNIQUEID*", "4242424234-4-23432"); //get DL from the caller VOMSAttributesReader reader = null; try { reader = new VOMSAttributesReader(JaasSubject.getCurrentSubject(),MessageContext.getCurrentContext()); } catch (DVOSException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } String dlName = reader.getAbsoluteDLName(); ExtendedGSSCredential creds = credentialsListener.getCredentials(dlName); GeneralQueryManager manager = null; try { manager = DISHLSClient.getGeneralQueryManager(creds, null); } catch (DISHLSClientException e) { e.printStackTrace(); } String result= ""; try { result = manager.queryDISIC(customXquery, creds, null); } catch (DISHLSClientException e) { e.printStackTrace(); } catch (DISHLSCredentialException e) { e.printStackTrace(); } System.out.println(result); } }
In order to use DISHLSClient Managers outside a WSRF Service ( i.e. inside a portlet, or in a client), is necessary to initialize the DISHLSClient static class with the DISQueries.xml file path. Despite the Alpha version of the component is necessary also deployed on the same node of a portal the new version of the DHN.
How to adapt the existing xQuery to eXist 1.1
In the following examples are shown the necessary modifications to xQueries in order to make them compatible with eXist 1.1
- the function text() is not supported:
.../DILIGENTResource/UniqueID/text() eq 'id' ==> .../DILIGENTResource/UniqueID/string() eq 'id'
- to keep an attribute value it must use the function string()
.../Endpoint[@EntryName="*ENTRYNAME*"] ==> ../Endpoint[string(@EntryName) eq "*ENTRYNAME*"]
- to check the namspace-uri of a node
[namespace-uri()="*NAMESPACE*"] ==> [namespace-uri(.)="*NAMESPACE*"]
- to check value of a node
where $doc/Profile[ServiceName ='Name'] ==> where $doc/Profile[ServiceName/string() eq 'Name']
- the contains function has also to include string() method
contains($doc/Profile/Name,'Operator')==> contains($doc/Profile/Name/string(),'Operator')
--Andrea 14:08, 19 March 2007 (EET)