
nordugrid-arc-nox  1.1.0~rc6
ClientX509Delegation.h
00001 // -*- indent-tabs-mode: nil -*-
00002 
00003 #ifndef __ARC_CLIENTX509DELEGATION_H__
00004 #define __ARC_CLIENTX509DELEGATION_H__
00005 
00006 #include <string>
00007 #include <list>
00008 
00009 #include <inttypes.h>
00010 
00011 #include <arc/ArcConfig.h>
00012 #include <arc/URL.h>
00013 #include <arc/message/MCC_Status.h>
00014 #include <arc/message/PayloadRaw.h>
00015 #include <arc/message/PayloadSOAP.h>
00016 #include <arc/client/ClientInterface.h>
00017 #include <arc/credential/Credential.h>
00018 
00019 namespace Arc {
00020   //This class is meant to be run against the generic ARC delegation service
00021   //to delegate its own X.509 credential to that service; afterwards,
00022   //other functional clients can access the services which are hosted together
00023   //with the above delegation service.
00024   //This class can be used in any client utility, and also in a service implementation
00025   //which needs to interoperate with another service.
00026   //The purpose of this client (together with the delegation service) is to allow any
00027   //intermediate service to act on behalf of the user.
00028   //
00029   //This class will also be extended to interoperate with other delegation service
00030   //implementations, such as the gridsite implementation which is used by the CREAM service.
00031   //
00032   //Also, MyProxy can be regarded as a delegation service, which will only be used for
00033   //the first-step delegation (the user delegates its credential to the client). In this case,
00034   //ClientX509Delegation will only be used in the client utility, not in the intermediate
00035   //services.
00036   //The user first delegates its credential to the MyProxy server (the proxy certificate and
00037   //the related private key will be stored on the MyProxy server); then the client (normally
00038   //this could be a Web browser) uses the username/password to acquire the proxy credential
00039   //from the MyProxy server.
00040 
// Kinds of delegation service a ClientX509Delegation call can be directed at.
// Enumerator values are implicit: they start at 0 and follow the order below.
enum DelegationType {
  DELEG_ARC,       // generic ARC delegation service
  DELEG_GRIDSITE,  // presumably the gridsite delegation implementation -- confirm
  DELEG_GT4,       // presumably Globus Toolkit 4 delegation -- confirm
  DELEG_MYPROXY,   // MyProxy server
  DELEG_UNKNOWN    // delegation kind not known
};
00044 
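/// Client side of X.509 credential delegation: delegates a credential to a
/// delegation service and acquires a delegated credential from one. The kind
/// of service is chosen per call through DelegationType.
///
/// NOTE(review): the class holds two raw pointers (soap_client_, signer_) and
/// declares a destructor, but declares neither a copy constructor nor a copy
/// assignment operator. If the destructor (defined outside this header)
/// deletes those pointers, copying an instance ends in a double delete --
/// confirm against the implementation and do not copy instances until then.
class ClientX509Delegation {
public:
  /// Constructs a client that is not bound to any service.
  /// Both pointer members are set to null so that the destructor and the
  /// member functions never read an indeterminate pointer value.
  ClientX509Delegation() : soap_client_(0), signer_(0) {}

  /// Constructs a client from the configuration @p cfg for the delegation
  /// service at @p url. Defined outside this header.
  ClientX509Delegation(const BaseConfig& cfg, const URL& url);

  virtual ~ClientX509Delegation();

  /// Delegates the credential to a delegation service of kind @p deleg.
  /// @param deleg          kind of delegation service to talk to
  /// @param delegation_id  non-const reference; presumably receives the
  ///                       identifier of the new delegation -- confirm
  /// @return presumably true on success -- confirm against the implementation
  bool createDelegation(DelegationType deleg, std::string& delegation_id);

  /// Not implemented: ignores @p deleg, contacts no service and always
  /// returns false. A credential delegated earlier is NOT removed by this
  /// call, so callers must not rely on it to revoke a delegation.
  bool destroyDelegation(DelegationType deleg) {
    return false;
  }

  /// Acquires a delegated credential from a delegation service of kind
  /// @p deleg.
  /// @param deleg              kind of delegation service to talk to
  /// @param delegation_cred    non-const reference; presumably receives the
  ///                           acquired credential -- confirm. Treat the
  ///                           content as secret material (keep it out of logs).
  /// @param delegation_id      non-const reference; meaning of the value on
  ///                           entry/exit is not visible here -- confirm
  /// @param cred_identity      optional; presumably the identity of the
  ///                           credential to look up -- confirm
  /// @param cred_delegator_ip  optional; presumably the address of the party
  ///                           that delegated the credential -- confirm
  /// @param username           optional; per the file header comment, used with
  ///                           @p password to obtain a proxy from MyProxy
  /// @param password           optional; see @p username
  /// @return presumably true on success -- confirm against the implementation
  ///
  /// NOTE(review): the string parameters, including @p password, are taken by
  /// value, so each call makes its own copy of the secret; this header shows
  /// no clearing of those copies.
  bool acquireDelegation(DelegationType deleg, std::string& delegation_cred, std::string& delegation_id,
                         const std::string cred_identity = "", const std::string cred_delegator_ip = "",
                         const std::string username = "", const std::string password = "");

private:
  ClientSOAP *soap_client_;     // raw pointer; ownership is decided in the implementation file
  std::string cert_file_;       // if it is a proxy certificate, privkey_file_ should be empty
  std::string privkey_file_;    // path of the private key that belongs to cert_file_
  std::string proxy_file_;
  std::string trusted_ca_dir_;
  std::string trusted_ca_file_;
  Credential *signer_;          // raw pointer; ownership is decided in the implementation file
  static Logger logger;
};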
00112 
00113 } // namespace Arc
00114 
00115 #endif // __ARC_CLIENTX509DELEGATION_H__