An AttributeInfo consists mainly of an attribute, a value, and possibly a list of cas/issuers/authorities depending on its type
![]() | Type Type constants |
![]() | AttributeInfo (const string& attribute = "NO_ATTRIBUTE", const string& value = "NO_VALUE") Constructs a SYSTEM attribute/value pair |
![]() | AttributeInfo (const string& attribute, const string& value, const vector<DistinguishedName>& cas) Constructs an X509 attribute/value pair |
![]() | AttributeInfo (bool isAkentiAttribute, const string& attribute, const string& value, const vector<AkentiPrincipal>& aps, const vector<Directory>& dirs = vector<Directory>(), const vector Constructs an AKENTI/EXT_AUTH attribute/value pair |
![]() | operator= (const AttributeInfo& ai) Assignement operator |
![]() | operator== (const AttributeInfo& ai) const Returns true if this AttributeInfo is equal ai |
![]() | hasType (Type type) const Returns true if this AttributeInfo is of AttributeInfo::Type type>/i> |
![]() | hasAttribute (const string& attribute) const Returns true if this AttributeInfo contains attribute |
![]() | hasValue (const string& value) const Returns true if this AttributeInfo contains value |
![]() | hasCA (const DistinguishedName& ca) const Returns true if this AttributeInfo's list of cas contains ca |
![]() | hasIssuer (const AkentiPrincipal& issuer) const Returns true if this AttributeInfo's list of issuers contains issuer |
![]() | hasAuthority (const AkentiPrincipal& authority) const Returns true if this AttributeInfo's list of authorities contains authority |
![]() | getAttribute () const Returns name of the attribute |
![]() | getValue () const Returns the value of the attribute |
![]() | getType () const Returns the type |
![]() | getCAS () const Returns the cas |
![]() | getIssuers () const Returns the issuers, aps |
![]() | getAuthorities () const Returns the authorities, aps |
![]() | getDirectories () const Returns the directories dirs |
![]() | parseDirs (vector<URL>& urls) const Returns true if all dirs parse correctly |
![]() | getArguments () const Returns the arguments args |
![]() | writeObject (AkentiOutputStream& drain) const Writes this object to the AkentiOutputStream |
![]() | readObject (AkentiInputStream& source) Reads this object from an AkentiInputStream |
![]() | toXML (DOMElement* attrInfo) const Populates the XML element attrInfo from this AttributeInfo |
![]() | fromXML (const DOMElement* attrInfo) Initializes this AttributeInfo from the XML element attrInfo |
![]() | paramString () const Used for debugging |
An AttributeInfo consists mainly of an attribute, a value, and possibly a list of cas/issuers/authorities depending on its type.
Note that these attribute/value pairs can be resource-specific or user-specific.We have considered four types of attributes, 1) an X509 attribute. This attribute/value pair puts a constraint on the dn of a user accessing a resource. Example: OU=LBL We ask for a non-empty list of the cas that we are willing to accept. For now the cas have to be the immediate cas of the user accessing the resource. 2) an AKENTI attribute. This is an Akenti Certificate based attribute. An attribute certificate is fetched and used to evaluate this attribute/value pair. Example: group=SOME_GROUP We ask for a non-empty list of issuers that can issue such attribute certificates. 3) an EXT_AUTH attribute. This attribute/value pair is evaluated or attested by some authority. Akenti Engine may be configured to evaluate such attribute/value pairs. Example: time=10:00 and SomeTimeAuthority We ask for a non-empty list of authorities that help evaluate such attribute/value pairs. 4) a SYSTEM attribute. This is the simplest of all attributes. Akenti Engine may be configured to evaluate such such attribute/value pairs. Example: DiscSpace=10 MB AttributeInfo { Type type; string name; string value; vector<DistinguishedName> cas; // For X509 vector<AkentiPrincipal> aps; // For AKENTI and EXT_AUTH attribute certs issuers vector<Directory> dirs; // For AKENTI used to look up attribute certs // EXT_AUTH used to contact authoriies vector<string> args; // For EXT_AUTH additional args passed to the authorities } The writeObject output is: For a SYSTEM attribute: 0 attribute value For an X509 attribute: 1 attribute value caCount ca+ For an AKENTI attribute: 2 attribute value apCount ap+ dirCount dir* For an EXT_AUTH attribute: 3 attribute value apCount ap+ dirCount dir* argCount arg* Where + means one or more and * means 0 or more
"SYSTEM",
"X509",
"AKENTI",
"EXT_AUTH"
AttributeInfo(const string& attribute = "NO_ATTRIBUTE", const string& value = "NO_VALUE")
AttributeInfo(const string& attribute, const string& value, const vector<DistinguishedName>& cas)
value - string value of the attribute
cas - vector a list of acceptable cas
AttributeInfo(bool isAkentiAttribute, const string& attribute, const string& value, const vector<AkentiPrincipal>& aps, const vector<Directory>& dirs = vector<Directory>(), const vector
attribute - name of this attribute
value - value of this attribute
auths - a list of stakeholders/authorities
dirs - a list of directories
args - a list of arguments
void operator=(const AttributeInfo& ai)
bool operator==(const AttributeInfo& ai) const
bool hasType(Type type) const
bool hasAttribute(const string& attribute) const
bool hasValue(const string& value) const
bool hasCA(const DistinguishedName& ca) const
bool hasIssuer(const AkentiPrincipal& issuer) const
bool hasAuthority(const AkentiPrincipal& authority) const
const string& getAttribute() const
const string& getValue() const
Type getType() const
const vector <DistinguishedName> & getCAS() const
const vector <AkentiPrincipal> & getIssuers() const
const vector <AkentiPrincipal> & getAuthorities() const
const vector <Directory> & getDirectories() const
bool parseDirs(vector<URL>& urls) const
const vector
void writeObject(AkentiOutputStream& drain) const
void readObject(AkentiInputStream& source)
void toXML(DOMElement* attrInfo) const
void fromXML(const DOMElement* attrInfo)
string paramString() const
alphabetic index hierarchy of classes
this page has been generated automatically by doc++
(c)opyright by Malte Zöckler, Roland Wunderling
contact: doc++@zib.de