org.aselect.server.cross
Class CrossASelectManager

java.lang.Object
  extended by org.aselect.server.cross.CrossASelectManager

public class CrossASelectManager
extends java.lang.Object

This class loads all necessary configuration needed to set up a 'cross' A-Select environment.

Description:
A singleton cross aselect manager, containing the cross aselect configuration.

remote_servers
An A-Select Server might have configured <remote_servers/> to forward an authentication request to another A-Select Server.

cross_selector
If there is more than one remote server, you might want to determine dynamically to which remote_server the request should be forwarded. This can be done by configuring a <cross_selector/>. This selector should implement ISelectorHandler. Only one handler can be active, and it is initialized by this CrossASelectManager.

local_servers
An A-Select Server can also act as remote server for other A-Select Servers. In that case authentication requests are forwarded to this A-Select Server by other A-Select Servers. These A-Select Servers should be configured as <local_servers/>. If configured to require signing from local_servers, the public key of each local_server is loaded at initialization.

Examples:
An A-Select Server that has configured a trust relationship with other A-Select Servers may grant access to an application while the user is actually authenticated at another A-Select Server.

 -------------    -----------------    -----------------    --------
 |           |    |               |    |               |    |      |
 |Application| -> |     Local     | -> |    Remote     | -> |AuthSP|
 |           |    |A-Select Server|    |A-Select Server|    |      |
 -------------    -----------------    -----------------    --------
 
In the figure above, a user is authenticated at the 'Remote A-Select Server' to get access to an application that was secured with the 'Local A-Select Server'.
The 'Local Server' in this scenario has configured <remote_servers/> and acts like an application. This A-Select Server may not have a user database and no connection with AuthSPs.
The 'Remote Server' in this scenario has configured <local_servers/> and is configured like a 'normal' A-Select Server except that it may not have any applications configured.

The 'Local Server' might have configured <cross_selector/> to dynamically select a 'Remote Server' by using an ISelectorHandler. This is an optional configuration, since the application is able to request a specific 'Remote Server' in its authenticate request.


An A-Select Server might have configured both <local_servers/> and <remote_servers/>. This A-Select Server will act as 'Remote Server' for the configured <local_servers/>. But it will also act as 'Local Server' for the configured <remote_servers/>.
 -------------    -----------------    ------------------    -----------------    --------
 |           |    |               |    |Remote and Local|    |               |    |      |
 |Application| -> |     Local     | -> |    (Proxy)     | -> |    Remote     | -> |AuthSP|
 |           |    |A-Select Server|    |A-Select Server |    |A-Select Server|    |      |
 -------------    -----------------    ------------------    -----------------    --------
 
Such an A-Select Server is referred to as a Proxy A-Select Server if it is used to pass requests from 'Local Servers' to 'Remote Servers'.


Concurrency issues:
The class is a singleton, so the same class is used in all the classes of the A-Select Server.

Author:
Alfa & Ariss

Method Summary
static CrossASelectManager getHandle()
          Must be used to get a CrossASelectManager instance.
 java.lang.String getHandlerConfig(java.lang.String sKey)
          A simple function to retrieve the value of an ISelectorHandler configuration parameter.
 java.security.PublicKey getLocalASelectServerPublicKey(java.lang.String sLocalOrg)
          Get the public key of one of the A-Select Servers that are configured as Cross A-Select local servers.
 java.lang.String getLocalParam(java.lang.String sOrgId, java.lang.String sName)
          Returns the requested parameter for an organization.
 java.util.Hashtable getLocalServerInfo(java.lang.String sLocalOrganization)
          Returns configuration used as optional template tags.
 java.lang.String getOptionalLocalParam(java.lang.String sOrgId, java.lang.String sName)
          Returns the requested optional parameter for a local organisation.
 java.lang.String getRemoteParam(java.lang.String sOrgId, java.lang.String sName)
          Returns the requested parameter for an organisation.
 java.util.Hashtable getRemoteServers()
          Retrieve Remote Server configuration.
 ISelectorHandler getSelectorHandler()
          Gives a handle to the ISelectorHandler.
 void init()
          Initialization of the CrossASelectManager singleton.
 boolean isCrossSelectorEnabled()
           
 boolean isForcedAuthenticateEnabled(java.lang.String sOrg)
           
 boolean isLocalSigningRequired()
           
 boolean localServersEnabled()
           
 boolean remoteServersEnabled()
           
 boolean useRemoteSigning()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

getHandle

public static CrossASelectManager getHandle()
Must be used to get a CrossASelectManager instance.

Description:
Creates a new CrossASelectManager instance if it's still null.

Concurrency issues:
Always the same instance of the cross aselect manager is returned, because it's a singleton.

Preconditions:
-

Postconditions:
-

Returns:
A static handle to the CrossASelectManager.

init

public void init()
          throws ASelectConfigException
Initialization of the CrossASelectManager singleton.

Description:
Must be successfully run once, before it can be used.

Concurrency issues:
-

Preconditions:
- Singleton ASelectConfigManager should be initialized.
- cross_aselect configuration is optional.

Postconditions:
-

Throws:
ASelectConfigException

isLocalSigningRequired

public boolean isLocalSigningRequired()
Returns:
true if the request done by a local A-Select Server should be signed, otherwise false.

isForcedAuthenticateEnabled

public boolean isForcedAuthenticateEnabled(java.lang.String sOrg)
Parameters:
sOrg - The organization id that will be checked for enabled forced authentication
Returns:
true if forced_authenticate="true", otherwise false.

useRemoteSigning

public boolean useRemoteSigning()
Returns:
true if the request done by a local A-Select Server to a remote A-Select Server should be signed, otherwise false.

remoteServersEnabled

public boolean remoteServersEnabled()
Returns:
true if there are configured remote servers, otherwise false.

isCrossSelectorEnabled

public boolean isCrossSelectorEnabled()
Returns:
true if the dynamic remote server selection is configured, otherwise false.

localServersEnabled

public boolean localServersEnabled()
Returns:
true if there are configured local servers, otherwise false.

getSelectorHandler

public ISelectorHandler getSelectorHandler()
Gives a handle to the ISelectorHandler.

Description:
Only one ISelectorHandler can be active within A-Select.

Concurrency issues:
-

Preconditions:
-

Postconditions:
-

Returns:
ISelectorHandler

getRemoteParam

public java.lang.String getRemoteParam(java.lang.String sOrgId,
                                       java.lang.String sName)
Returns the requested parameter for an organisation.

Description:
Returns the configured value of the parameter asked for.

Concurrency issues:
-

Preconditions:
-

Postconditions:
-

Parameters:
sOrgId - String containing an organisation id.
sName - String containing the parameter id asked for.
Returns:
String containing the parameter value asked for, or null if the attribute was not found.

getLocalParam

public java.lang.String getLocalParam(java.lang.String sOrgId,
                                      java.lang.String sName)
Returns the requested parameter for an organization.

Description:
Returns the configured value of the attribute asked for.

Concurrency issues:
-

Preconditions:
-

Postconditions:
-

Parameters:
sOrgId - String containing a local organization id.
sName - String containing the parameter id asked for.
Returns:
String containing the attribute value asked for, or null if the attribute was not found.

getOptionalLocalParam

public java.lang.String getOptionalLocalParam(java.lang.String sOrgId,
                                              java.lang.String sName)
                                       throws ASelectException
Returns the requested optional parameter for a local organisation.

Description:
Returns the configured value of the parameter asked for, or null if the parameter is not present. Unlike the getLocalParam(String, String) method, this method does not complain about missing attributes in the system log.

Concurrency issues:
-

Preconditions:
-

Postconditions:
-

Parameters:
sOrgId - String containing a local organization id.
sName - String containing the parameter name asked for.
Returns:
String containing the parameter value asked for, or null if the attribute was not found.
Throws:
ASelectException - If the entire section was not found, or an internal error occurred.

getLocalASelectServerPublicKey

public java.security.PublicKey getLocalASelectServerPublicKey(java.lang.String sLocalOrg)
Get the public key of one of the A-Select Servers that are configured as Cross A-Select local servers.

Description:
Will search for the public key of one of the A-Select Servers that are configured as Cross A-Select local servers.

Concurrency issues:
-

Preconditions:
sLocalOrg != null.

Postconditions:
If the key has not been found, null will be returned.

Parameters:
sLocalOrg - The local organization of the cross A-Select Server.
Returns:
The PublicKey of the requested Cross A-Select Server.
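
An added example, not part of the A-Select code base: how a 'Remote Server' could apply the documented contract (signing required for local_servers, null returned for an unknown organization) and fail closed. The key map, the class, the accept and sign methods, the SHA256withRSA algorithm and the sample request bytes are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.HashMap;
import java.util.Map;

public class LocalServerSignatureCheck {
    // Hypothetical stand-in for the keys loaded at init(), indexed by local organization id.
    private final Map<String, PublicKey> localServerKeys = new HashMap<>();
    private final boolean signingRequired; // plays the role of isLocalSigningRequired()

    LocalServerSignatureCheck(boolean signingRequired) { this.signingRequired = signingRequired; }

    void addLocalServer(String org, PublicKey key) { localServerKeys.put(org, key); }

    // Same contract as documented above: null when no key is known for the organization.
    PublicKey getLocalASelectServerPublicKey(String sLocalOrg) { return localServerKeys.get(sLocalOrg); }

    // Accept a forwarded request only if signing is not required, or the signature
    // verifies under the key configured for the claimed organization.
    boolean accept(String sLocalOrg, byte[] data, byte[] signature) throws GeneralSecurityException {
        if (!signingRequired) return true;
        if (sLocalOrg == null || signature == null) return false; // precondition sLocalOrg != null
        PublicKey key = getLocalASelectServerPublicKey(sLocalOrg);
        if (key == null) return false; // unknown organization: fail closed
        Signature verifier = Signature.getInstance("SHA256withRSA"); // assumed algorithm
        verifier.initVerify(key);
        verifier.update(data);
        return verifier.verify(signature);
    }

    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(key);
        signer.update(data);
        return signer.sign();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair orgA = gen.generateKeyPair();  // constructed key for sample organization "orgA"
        KeyPair other = gen.generateKeyPair(); // constructed key that is not configured anywhere
        LocalServerSignatureCheck check = new LocalServerSignatureCheck(true);
        check.addLocalServer("orgA", orgA.getPublic());
        byte[] req = "constructed sample request from orgA".getBytes(StandardCharsets.UTF_8);
        System.out.println("configured key:   " + check.accept("orgA", req, sign(orgA.getPrivate(), req)));
        System.out.println("wrong key:        " + check.accept("orgA", req, sign(other.getPrivate(), req)));
        System.out.println("unknown org:      " + check.accept("orgB", req, sign(orgA.getPrivate(), req)));
    }
}
```

The null check matters because a caller that passes a null key on to signature verification gets an exception rather than a clean rejection.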

getHandlerConfig

public java.lang.String getHandlerConfig(java.lang.String sKey)
A simple function to retrieve the value of an ISelectorHandler configuration parameter.

Description:
Returns the value of a configuration parameter in the main configuration file of A-Select.

Concurrency issues:
-

Preconditions:
Manager should be initialized.

Postconditions:
-

Parameters:
sKey - String containing the identifier of the configuration.
Returns:
String containing the value of the config parameter or an empty string if no configuration was found.

getRemoteServers

public java.util.Hashtable getRemoteServers()
Retrieve Remote Server configuration.

Description:
Function that will return a Hashtable containing all 'friendly_name' values for the configured remote A-Select Servers. The Hashtable is indexed by the 'organization' value of the remote A-Select Servers.


Concurrency issues:
-

Preconditions:
Manager should be initialized.

Postconditions:
-

Returns:
Hashtable containing all 'friendly_name' values for the configured remote A-Select Servers. The Hashtable is indexed by the 'organization' value of the remote A-Select Servers.

getLocalServerInfo

public java.util.Hashtable getLocalServerInfo(java.lang.String sLocalOrganization)
Returns configuration used as optional template tags.

Description:
Returns a Hashtable containing information that must be shown in templates.
The information is configured per 'local_server'.

Concurrency issues:
-

Preconditions:
-

Postconditions:
-

Parameters:
sLocalOrganization - organization ID configured in the local_server config section
Returns:
Hashtable containing optional local_server configuration


Copyright © 2008 SURFnet BV. All Rights Reserved.