org.openpermis.examples.ejb.server
Class HelloWorldService

java.lang.Object
  extended by org.openpermis.examples.ejb.server.HelloWorldService
All Implemented Interfaces:
HelloWorldServiceRemote

public class HelloWorldService
extends Object
implements HelloWorldServiceRemote

An EJB implementation of the HelloWorld service.

Access to a basic HelloWorld service is controlled with help of a policy decision point (PDP). It serves as a policy enforcement point for the HelloWorld application.

Since:
0.3.0

Field Summary
protected static String ACTION_NAME
           
private  org.openpermis.AuthorizationService authorizationService
          The injected authorization service.
private  HelloWorldServiceRemote delegate
          The actual service implementation to which we forward authorized requests.
protected static URI TARGET_RESOURCE_URI
           
 
Constructor Summary
HelloWorldService()
          Creates a hello world EJB which uses a default PDP and HelloWorld service.
HelloWorldService(org.openpermis.AuthorizationService authorizationService, HelloWorldServiceRemote delegate)
          Creates an authorized HelloWorld service that uses the specified authorization service context for retrieving roles and making access decisions.
 
Method Summary
protected  void assertInitialized()
          Asserts that the service has been correctly initialized.
private static HelloWorldServiceRemote createHelloWorldService()
          Creates a basic hello world service for this EJB.
private static org.openpermis.AuthorizationService createPolicyDecisionPoint()
          Creates a authorization for the hello world EJB.
private static org.openpermis.PolicyDecisionPoint createPolicyDecisionPoint(org.openpermis.cert.CertificateVerifier certificateVerifier)
          Creates a PolicyDecisionPoint from an attribute certificate located on the classpath.
 String getHelloMessage(String name)
          Returns a welcome message for the specified person.
private static X509Certificate readSoaCertificate()
          Reads the SoA certificate from the classpath.
private static org.openpermis.repository.SubjectRepository readSubjectRepository(org.openpermis.cert.CertificateVerifier certificateVerifier)
          Creates a subject repository with subjects read from the classpath.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

TARGET_RESOURCE_URI

protected static final URI TARGET_RESOURCE_URI
Since:
0.3.0

ACTION_NAME

protected static final String ACTION_NAME
Constant Field Value:
"collectLetters"
Since:
0.3.0

authorizationService

private final org.openpermis.AuthorizationService authorizationService
The injected authorization service.

Since:
0.3.0

delegate

private final HelloWorldServiceRemote delegate
The actual service implementation to which we forward authorized requests.

Since:
0.3.0
Constructor Detail

HelloWorldService

public HelloWorldService()
Creates a hello world EJB which uses a default PDP and HelloWorld service.

See Also:
createPolicyDecisionPoint(), createHelloWorldService()
Since:
0.3.0

HelloWorldService

public HelloWorldService(org.openpermis.AuthorizationService authorizationService,
                         HelloWorldServiceRemote delegate)
Creates an authorized HelloWorld service that uses the specified authorization service context for retrieving roles and making access decisions.

Parameters:
authorizationService - a AuthorizationService.
delegate - the real service implementation to which authorized requests are forwarded.
Since:
0.3.0
Method Detail

readSoaCertificate

private static final X509Certificate readSoaCertificate()
Reads the SoA certificate from the classpath.

A policy decision point needs a trusted public key of the source of authority (SoA) to validate the attribute certificates (AC), including policies and roles. Future implementations will allow a advanced public key infrastructure (PKI).

Returns:
the SoA certificate or null if it could not be read.
Since:
0.3.0

createPolicyDecisionPoint

private static final org.openpermis.PolicyDecisionPoint createPolicyDecisionPoint(org.openpermis.cert.CertificateVerifier certificateVerifier)
Creates a PolicyDecisionPoint from an attribute certificate located on the classpath.

Parameters:
certificateVerifier - the certificate verifier used to verify the attribute certificate containing the policy.
Returns:
the PolicyDecisionPoint requested or null if it could not be created.
Since:
0.3.0

readSubjectRepository

private static final org.openpermis.repository.SubjectRepository readSubjectRepository(org.openpermis.cert.CertificateVerifier certificateVerifier)
Creates a subject repository with subjects read from the classpath.

Parameters:
certificateVerifier - The certificate verifier used to verify attribute certificates. Used in the subject repository.
Returns:
the subject repository or null in case of an error.
Since:
0.3.0

createPolicyDecisionPoint

private static final org.openpermis.AuthorizationService createPolicyDecisionPoint()
Creates a authorization for the hello world EJB.

Returns:
the authorization service to use.
Since:
0.3.0

createHelloWorldService

private static final HelloWorldServiceRemote createHelloWorldService()
Creates a basic hello world service for this EJB.

Returns:
the actual hello world service to delegate to.
Since:
0.3.0

assertInitialized

protected void assertInitialized()
                          throws HelloWorldException
Asserts that the service has been correctly initialized.

Throws:
HelloWorldException - if the service is not correctly initialized.
Since:
0.3.0

getHelloMessage

public String getHelloMessage(String name)
                       throws HelloWorldException
Description copied from interface: HelloWorldServiceRemote
Returns a welcome message for the specified person.

Specified by:
getHelloMessage in interface HelloWorldServiceRemote
Parameters:
name - the name of the person to greet.
Returns:
a suitable welcome message.
Throws:
HelloWorldException - if the service fails to determine a suitable welcome message.
Since:
0.1.0


PERMIS Role Based Access Control 0.3.0 (Build 14)
2009/05/08 09:07:15
Copyright (c) 2002-2007 Ergon Informatik AG