---++ VOMS X509 Attribute Certificate Web Service Interface ---+++ Description This Web services API is used by a member of VO <span style="color:green;">vo-name</span> (or by an application running on her behalf) to retrieve a valid VOMS <nop>AttributeCertificate. The caller can request specific VOMS FQANs (e.g., VOMS Roles) using the =requestedFQANs= parameter. Requested FQANs are returned in the order in which they are requested. The caller can request a different lifetime for the generated <nop>AttributeCertificate using the =lifetime= parameter. The lifetime of the AC is however bound to the maximum lifetime allowed by the server configuration. ---+++ Web Services Interface ---++++ Endpoint <div style="font-size: larger; "> <nop>https://<span style="color:green; font-size:smaller">voms-server</span>:8443/voms/<span style="color:green;font-size: smaller">vo-name</span>/services/VOMSAC </div> ---++++ Interface <verbatim> interface VOMSAC { byte[] getVOMSAttributeCertificate() throws VOMSException; byte[] getVOMSAttributeCertificate(String[] requestedFQANs) throws VOMSException; byte[] getVOMSAttributeCertificate(long lifetime) throws VOMSException; byte[] getVOMSAttributeCertificate(String[] requestedFQANs, long lifetime) throws VOMSException; String getVersion() throws VOMSException; String getInterfaceVersion() throws VOMSException; } </verbatim> ---+++++ getVomsAttributeCertificate This method is used to retrieve the VOMS AC. It accepts the following parameters: |*Required*|*Name*|*Type*|*Description*| | optional | =requestedFQANs= | array of string | The list of requested FQANs. FQANs are returned in the order they are requested | | optional | =lifetime= | long | Lifetime for the AC in seconds (used to ovverride the server default value, it is however bound to the maximum lifetime allowed by the server configuration)| When requestedFQANs and lifetime are omitted, the VOMS server returns an AttributeCertificate, valid for the default lifetime as configured on the server, containing all the groups the requester is member of and the Generic attributes associated with her membership. *Returns:* a byte array containing the PEM encoded VOMS Attribute Cerficate *Throws:* VOMSException ---+++++ getVersion *Returns:* the version number of the server implementation *Throws:* VOMSException ---+++++ getInterfaceVersion *Returns:* the version number of the supported interface *Throws:* VOMSException ---+++ Restful Interface ---++++ Description |*HTTP Method*|*Resource*|*Description*| | GET | /rest/ac | Gets a X509 VOMS Attribute certificate containing VOMS FQANs| ---++++ HTTP Response The HTTP response code is =200 OK=, if the request has completed without internal server errors. The response body contains a =text/xml= document that has the following structure: <verbatim> <voms> <ac>{base64 encoded AC}</ac> </voms> </verbatim> The root element =voms= has a child element =ac= that contains the base64 encoded VOMS AC. ---++++ Error messages |*HTTP Error code*|*Meaning*| | 404 | User not found in the VO | | 500 | Internal server error | In both cases, the response body contains a =text/xml= document that has the following structure: <verbatim> <voms> <error>{error message string}</error> </voms> </verbatim> The root element =voms= has a child element =error= that contains the error message. ---++++ Resftful Request/Response Example Request: <verbatim> GET /voms/voms-ws/rest/ac HTTP/1.1 Host: devel13.cnaf.infn.it:8443 Accept: */* </verbatim> Response: <verbatim> HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=E95A6C247E1DEDBF104491162A6C56CC; Path=/voms/voms-ws; Secure Content-Type: text/html;charset=ISO-8859-1 Content-Length: 158 Date: Thu, 02 Oct 2008 17:06:42 GMT <?xml version="1.0" encoding="UTF-8"?><voms><ac>...</ac></voms> </verbatim> -- Main.AndreaCeccanti - 03 Oct 2008
This topic: VOMS
>
InternalDiscussion
>
VOMSX509ACWebServiceInterface
Topic revision: r5 - 2008-10-06 - AndreaCristofori
Copyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki?
Send feedback