Xregistry is a Document registry that supports users, recursive groups and sharing. It is designed for LEAD atmospheric discovery project and supports four specific document types (Host Descriptions, Application Descriptions, Service Descriptions and Concrete WSDLs) and �Any document type�. It consists of a one persistent server that provides a Web Service interface to manage documents.
Xregistry is three registries under one Umbrella.
Following table presents the operations supported by Xregistry
|String registerServiceDesc( String serviceDescAsStr, String
void registerAppDesc(String appDescAsStr)
String registerConcreteWsdl( String wsdlAsStr, int lifetimeAsSeconds)
String registerHostDesc( String hostDescAsStr)
void registerResource(QName resourceName, String resourceAsStr)
|Register a new Document|
|DocData findHosts(String hostName)
DocData findResource(String resourceNameQuery)
DocData findServiceDesc(String serviceName)
DocData findServiceInstance(String serviceName)
xregistry.doc.AppData findAppDesc(String query)
|Search for a document|
|void removeAppDesc(QName appName, String hostName)
void removeConcreteWsdl(QName wsdlQName)
void removeHostDesc(String hostName)
void removeServiceDesc(QName serviceName)
void removeResource(QName resourceName)
|Remove a documement|
|String getAbstractWsdl(QName wsdlQName)
String getAppDesc(String appName, String hostName)
String getConcreateWsdl(QName wsdlQName)
String getHostDesc(String hostName)
String getResource(QName resourceName)
String getServiceDesc(QName serviceName)
|Retrive a Document|
|String app2Hosts(String appName)||Search for all host where given application is installed|
|void addCapability(String resource, String actor, boolean isUser, String action)||Add a new Capability rule to Capability registry|
|CapabilityToken findCapability(String resourceID, String actor, boolean actorType, String action)||find a Capability|
|void removeCapability(String resourceID,String actor)||remove a capability|
|boolean isAuthorizedToAcsses(String user, String resourceID, String actor, String action)||Given a resource and a user, decide does user has access to the given resource. Together with findCapability(..), this method may be used to build a authorization framework.|
|Group & User Registry|
|void createUser(String newUser,String description)
void createGroup(String newGroup,String description)
|Create a new Actor, the description is a english language description.|
|void addUsertoGroup(String group,String usertoAdded)
void removeUserFromGroup(String group,String usertoRemoved)
void removeGroupFromGroup(String group,String grouptoRemoved)
|Methods to edit the tree of users and groups.|
|void deleteUser(String userID)
void deleteGroup(String groupID)
|Delete a Actor.|
String listGroupsGivenAUser(String targetUser)
String listSubActorsGivenAGroup(String group)
|Methods to search the tree of users and groups.|
Xregistry consists of a single server that exports a Web Service interface for all Xregistry operations. Data is stored in a MySQL database backend and registry indexes each document using a key so that they can be search or retrieved later. The Owner may share the document with other, and he will do so by adding an entry to capability repository. Its operation can be explained as follows.
Concrete WSDLs has a soft lifetime, and unless it is registered, it will be removed after it's lifetime. All other documents has persistent lifetime and they are removed only if explicitly removed from registry.
Xregristry Utilize SSL security and clients need a certificate signed by a CA trusted by Xregistry to connect to Xregistry. The Distinguished Name (DN), of the user is used as user name with in Xregistry.
Gfac provides Users and recursive group support based on following primitives
Capability is a rule of the form Allow ACTOR to ACTION RESOURCE, e.g. Allow A to READ linbox3. Xregistry maintain a table for capabilities. While specifying capabilities following roles are supported.
In order to find all the resource accessible to a given user, first a list of groups are found such that given user is a descendant of that group. Then a resource list is constructed collecting all the resource assigned to each group on that list. Finally the resource list is completed by adding resource owned by the user.
$xregistryShell.sh https://host:port/xregistry?wsdl, type ? for help.
GlobalContext context = new GlobalContext(true); //For Generel Client DocumentRegistryClient client = new DocumentRegistryClient(context,regsitryURL); ....... //For Admin Client AdminClient client = new AdminClient(context,regsitryURL); .....
Gfac User Guide contains more information about sharing document using GFac portlets
Groups and users can be edited and documents can be shared using portlrt interface provide by Gfac. Please refer to Gfac User Guide for installation instructions for the portlet.
Groups can be edited using "EditGroup" button which will yield following screen
Left most column shows the actors (User or Group) included in current group and they can be added and actors can be added or removed from right hand columns.You must click update Capability button to make your changes permanent.
Copyright © 2002-2007 The Trustees of Indiana University. All rights Reserved.