Chapter 3: ServiceMap Document: Security Policies


You need to specify security policy information if you want to specify which user is authorized to invoke what operation (a.k.a method) on your service. Currently the XML schema for specifying the security policy information is only allows you to specify a list of users and groups who have access to the methods in your service and a lifetime for your policy.

Here is an example of a security policy element in a ServiceMap document

<policy>
    <group>extreme</group>
    <group>lead</group>
    <user>C=US,O=National Center for Supercomputing Applications,CN=Gopi Kandaswamy</user>
    <lifetime>24:00:00</lifetime>
</policy>

The above policy mentions two groups viz. extreme and lead and one user.


<ServiceMap  xmlns="http://www.extreme.indiana.edu/namespaces/2004/01/gFac"
            xmlns:test="http://www.extreme.indiana.edu/test">

    <service>...</service>
   
    <portType>
        <method>
           <methodName> foo </methodName>
        </method>

        <method>
            <methodName> bar </methodName>
         </method>
    </portType>

    <policy>
        <group>extreme</group>
        <group>lead</group>
        <user>C=US,O=National Center for Supercomputing Applications,CN=Gopi Kandaswamy</user>
        <lifetime>24:00:00</lifetime>
     </policy>

</ServiceMap>

<ServiceMap xmlns="http://www.extreme.indiana.edu/namespaces/2004/01/gFac"
            xmlns:lead="http://www.extreme.indiana.edu/lead">

  <service>...</service>
    <portType>
        <method>
           <methodName> foo </methodName>

           <policy>
               <group>extreme</group>
               <group>lead</group>
               <user>C=US,O=National Center for Supercomputing Applications,CN=Gopi Kandaswamy</user>
               <lifetime>24:00:00</lifetime>
           </policy>

        </method>

        <method>
            <methodName> bar </methodName>
        </method>
  </portType>
</ServiceMap>

[ << ] [ < ] [ Home ] [ > ] [ >> ]