CAS: User's Guide

Overview
Generating CAS credentials (cas-proxy-init)
Using CAS credentials (cas-wrap)
CAS Service Data
>Writing CAS clients
Performance Measurements

Writing CAS clients

Listed below are some helper methods in the client package that maybe used for writing clients for the CAS service. Refer to code and/or Java Docs for more information.

  • Getting handle to CAS service port type

    • org.globus.ogsa.impl.base.cas.client.CasClientSetup is used.

    Code:

    • To get a handle to CAS service with instance URL, instanceURL and identity serviceIdentity, 
      •  CasClientSetup clientSetup = new CasClientSetup();
 CommunityAuthorizationServicePortType casPort = 
	    clientSetup.getCASPort(instanceURL, serverIdentity);
    • To get a handle to CAS service with instance URL, instanceURL and use host authorization, 
      •  CasClientSetup clientSetup = new CasClientSetup();
 CommunityAuthorizationServicePortType casPort = 
	    clientSetup.getCASPort(instanceURL);
  • Generating proxy with CAS assertions embedded

    • API in class org.globus.ogsa.impl.base.cas.client.CasProxyHelper can be used to generate a proxy with CAS assertions embedded. To pass in relevant parameters, class org.globus.ogsa.impl.base.cas.client.ClientParams is used. The datatype, org.globus.ogsa.impl.base.cas.client.ResourceActionsMap is used to represent the resource/actions mapping for which assertions are requested on.

    Listed below are steps to use the API. org.globus.ogsa.impl.base.cas.client.CasProxyInit has sample code that generates a proxy embedded with CAS assertions.

    Code:

    1. ClientParams class is used to construct the parameter. If the default constructor is used and none of the values are set, requested assertion lifetime is set to 24 hours, default proxy file is used, the proxy with assertions embedded is named with a ".cas" tag at the end of proxy file.

       ClientParams clientParams = new ClientParams();
    2. Sets assertion lifetime. If not set, 24 hours is used.
      3.  clientParams.setAssertionLifetime(lifetime);
    3. Sets file name of the proxy to use. If not set, defualt credential is used.
      4.  clientParams.setProxyFileName(proxyFilename);
    4. Sets file name of the proxy with CAS assertions to be written to. If not set, original proxy file name is appended with a tag.
      5.  clientParams.setCasProxyFileName(casProxyFilename);
    5. Sets tag to append to original proxy filename. If not set, the tag "cas" is used. The tag is used if a filename for assertion embedded proxy is not set.
      6.  clientParams.setCasProxyTag(tag);
    6. Sets the resource/actions for which assertion is requested on. It uses an array of data type ResourceActionsMap (explained below):
      7.  clientParams.setResourceActionsMap(resActions);
    7. ResouceActionsMap datatype is used to represent the resource and the actions on the resource for which the permissions are required. It has a String to represent resource and a vector of string sto represent the actions.

      8. The resource should be of the form, "objectNamespace|objectName". The action should be of the form, "serviceType actionName"

    8. Instance of Helper class:
      9.  CasProxyHelper casProxyHelper = new CasProxyHelper(instanceURL, serverIdentity);

      where,

      • instanceURL is the URL to contact CAS service.
      • serverIdentity is the expected identity of the server. If null, host authorization is used.
    9. Generating proxy with CAS assertions:
      10.  String casProxyFilename = casProxyHelper.getCasProxy(clientParams);

      This methods contacts the CAS service, retrieves assertions, embeds in credetial and returns the path to the proxy file with CAS proxy embedded.