VOMS-API
Contents
The VOMS-API library
The library offers a number of facilities for interacting with VOMS server. [Read More]
Sample usage
The VOMS-API SA ships also a voms-api-test-suite where it is possible to use two sample classes:
- VOMSTest
- CredTest
These two classes are, respectively, a usage example of VOMSAdminImpl class and CredentialsManagerImpl.
VOMSAdminImpl
This class provides a subset of VOMS operations. We can manage VOMS users, groups and roles. Some operations are overloaded in order to simplify management of the users with a proxy certificate provided by gCube SimpleCA.
This utility can be instantiate in three different ways: by default VOMSAdminImpl will use host credentials contained in /etc/grid-security/hostpubliccert.pem and /etc/grid-security/hostprivatekey.pem.
Alternatively a user can specify his own credentials:
- a user can specify CLIENT creds by indicating the triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD) or
- a user can specify CLIENT creds by indicating a CLIENT_PROXY, that's a proxy certificate of the pem cerficates.
If the user choose to instantiate a VOMSAdminImpl object specifying client credentials, this will overwrite the host certificate set by default.
Usage Examples
//construct a new VOMSAdminImpl using the default settings. // Lists VO name try { VOMSAdminImpl vomsAdmin = new VOMSAdminImpl(); System.out.println("VO: " + vomsAdmin.getVO()); } catch (Exception e) { e.printStackTrace(); } // Lists VOMS groups String[] groups = vomsAdmin.listGroups(); for (int i = 0; i < groups.length; i++) { System.out.println("\t" + groups[i]); } ...
CredentialsManagerImpl
This class provides a method to retrieve user's credentials. It manages communication with MyProxyCA server to generate simple credentials for the username provided and some operations are overloaded in order to simplify management of the users with a proxy certificate provided by gCube SimpleCA.
Usage Examples
//Retrieves ExtendedGSSCredential from MyProxy server with VOMS Attributes (roles, groups) attached System.out.print("Retrieve Credentials from MyProxy with VOMS attributes:"); ExtendedGSSCredential cred; try { cred = manager.getCredentials(userName, pwd, groupName); if (cred != null) { byte[] data = cred.export(ExtendedGSSCredential.IMPEXP_OPAQUE); File file = new File(proxyFile); file.createNewFile(); FileOutputStream out = new FileOutputStream(proxyFile, false); out.write(data); out.close(); System.out.println("Time needed to retrieve credentials " + (end - start) + " milliseconds."); System.out.println(); System.out.println("Credentials for " + userName + " are correctly retrieved and stored in "); System.out.println("\t" + proxyFile + "."); } } catch (Exception e) { e.printStackTrace(); }