class AttributeInfo |
An AttributeInfo consists mainly of an attribute, a value, and possibly a list of cas/issuers/authorities depending on its type.
![]() | AttributeInfo (const string& attribute = "NO_ATTRIBUTE", const string& value = "NO_VALUE") Constructs a SYSTEM attribute/value pair. |
![]() | AttributeInfo (const string& attribute, const string& value, const vector<DistinguishedName>& cas) Constructs an X509 attribute/value pair. |
![]() | AttributeInfo (bool isAkentiAttribute, const string& attribute, const string& value, const vector<AkentiPrincipal>& aps, const vector<Directory>& dirs = vector<Directory>(), const vector<string>& args = vector<string>()) Constructs an AKENTI/EXT_AUTH attribute/value pair. |
![]() | operator= (const AttributeInfo& ai) Assignement operator |
![]() | operator== (const AttributeInfo& ai) const Returns true if this AttributeInfo is equal ai. |
![]() | hasType (Type type) const Returns true if this AttributeInfo is of AttributeInfo::Type type>/i> |
![]() | hasAttribute (const string& attribute) const Returns true if this AttributeInfo contains attribute |
![]() | hasValue (const string& value) const Returns true if this AttributeInfo contains value |
![]() | hasCA (const DistinguishedName& ca) const Returns true if this AttributeInfo's list of cas contains ca |
![]() | hasIssuer (const AkentiPrincipal& issuer) const Returns true if this AttributeInfo's list of issuers contains issuer |
![]() | hasAuthority (const AkentiPrincipal& authority) const Returns true if this AttributeInfo's list of authorities contains authority |
![]() | getAttribute () const Returns name of the attribute |
![]() | getValue () const Returns the value of the attribute |
![]() | getType () const Returns the type |
![]() | getCAS () const Returns the cas. |
![]() | getIssuers () const Returns the issuers, aps. |
![]() | getAuthorities () const Returns the authorities, aps |
![]() | getDirectories () const Returns the directories dirs |
![]() | parseDirs (vector<URL>& urls) const Returns true if all dirs parse correctly. |
![]() | getArguments () const Returns the arguments args. |
![]() | writeObject (AkentiOutputStream& drain) const Writes this object to the AkentiOutputStream. |
![]() | readObject (AkentiInputStream& source) Reads this object from an AkentiInputStream. |
![]() | toXML (DOMElement* attrInfo) const Populates the XML element attrInfo from this AttributeInfo |
![]() | fromXML (const DOMElement* attrInfo) Initializes this AttributeInfo from the XML element attrInfo |
![]() | paramString () const Used for debugging. |
![]() | Type Type constants. |
An AttributeInfo consists mainly of an attribute, a value, and possibly a list of cas/issuers/authorities depending on its type.
Note that these attribute/value pairs can be resource-specific or user-specific.
* * We have considered four types of attributes, * * 1) an X509 attribute. * * This attribute/value pair puts a constraint on the * dn of a user accessing a resource. * * Example: OU=LBL * * We ask for a non-empty list of the cas that we * are willing to accept. * * For now the cas have to be the immediate cas of * the user accessing the resource. * * 2) an AKENTI attribute. * * This is an Akenti Certificate based attribute. * An attribute certificate is fetched and used * to evaluate this attribute/value pair. * * Example: group=SOME_GROUP * * We ask for a non-empty list of issuers * that can issue such attribute certificates. * * 3) an EXT_AUTH attribute. * * This attribute/value pair is evaluated or attested * by some authority. Akenti Engine may be configured * to evaluate such attribute/value pairs. * * Example: time=10:00 and SomeTimeAuthority * * We ask for a non-empty list of authorities that help * evaluate such attribute/value pairs. * * 4) a SYSTEM attribute. * * This is the simplest of all attributes. * Akenti Engine may be configured to evaluate such * such attribute/value pairs. * * Example: DiscSpace=10 MB * * AttributeInfo { * Type type; * string name; * string value; * vector<DistinguishedName> cas; // For X509 * vector<AkentiPrincipal> aps; // For AKENTI and EXT_AUTH attribute certs issuers * vector<Directory> dirs; // For AKENTI used to look up attribute certs * // EXT_AUTH used to contact authoriies * vector<string> args; // For EXT_AUTH additional args passed to the authorities * } * * * The writeObject output is: * * For a SYSTEM attribute: * 0 attribute value * * For an X509 attribute: * 1 attribute value caCount ca+ * * For an AKENTI attribute: * 2 attribute value apCount ap+ dirCount dir* * * For an EXT_AUTH attribute: * 3 attribute value apCount ap+ dirCount dir* argCount arg* * * Where + means one or more and * means 0 or more * *
Values of Type are:
"SYSTEM",
"X509",
"AKENTI",
"EXT_AUTH"
Note here we only compare the types, the attributes and the values. The attribute comparison is not case sensitive.
Alphabetic index HTML hierarchy of classes or Java