local interface CSIArgBuilder
inherits from SL3AQArgs::GenericArgBuilder
An object of this interface is created by the Argument Factory Object.
It aids in creating the Credentials Acquisition Argument for
CSI based Credentials.
void addATLASCache(in ATLASCache::AuthTokenCache cache);
This operation adds an already existing ATLASCache as an acquisition argument. This is used in the case where an externalized cache is to be used. If a cache is not explicitly added to the argument, then a new cache will be created by the Credentials Curator.
void addATLASObject(in ATLAS::ATLASCacheId cache_id,
in ATLAS::AuthTokenDispenser token_dispenser,
in boolean supports_delegation_by_client,
in boolean requires_delegation_by_client,
in SL3Authorization::TokenProcessor token_processor);
This operation adds an ATLAS to your CSI Credentials.
ATLAS is the Authorization Token Layer Acquisition Service.
Each ATLAS represents a specific Authorization context and
gives your clients the ability to "log in" and present
credentials (i.e. an Authorization Token) with which to make
their requests. It also lets clients cache the tokens, which
improves performance.
None of the arguments can be null.
The cache_id is the caching Id according to the ATLAS specification, which must be unique to this authorization context among all other authorization contexts. If you do not have a cache id, then this argument should be an empty octet sequence.
The token_dispenser is the ATLAS AuthTokenDispenser interface. This cannot be a "local" object.
The supports_delegation_by_client and requires_delegation_by_client arguments tell the client the way in which it will use the ATLAS. This information gets put in the ATLAS Profile, which is put in the IOR of the objects associated with the credentials.
The token_processor is the "sister" to the ATLAS, as it understands the tokens that the ATLAS ships out to clients. It is specific to the Authorization context. It may be a local object, but also can make remote calls.
void addEncodedQuotedPrincipal(in SecurityLevel3::IdentityStatement identity);
This operation causes the creation of credentials that have a "quoted" principal. CSI Credentials of this type will assert the particular identity to a server.
void addLocalTrustInServerDecider(in Trust::LocalTrustInServerDecider trust_decider);
This operation places a user-defined Trust Decider in the acquisition argument.
void addNamedQuotedPrincipal(in SecurityLevel3::PrincipalName principal_name);
This operation causes the creation of credentials that have a "quoted" principal. CSI Credentials of this type will assert the particular principal name to a server.
void addSetNoLocalCache();
This operation explicitly disables caching of ATLAS tokens. This is used in the case where CSI credentials are needed in order to communicate with an external cache. If caching were enabled in this case, then there would be a cache for the cache, which gets recursively messy.
void addTransportCredentialsAQArgs(in TransportSecurity::MechanismId mechanism_id,
in TransportSecurity::AcquisitionMethod acquisition_method,
in any acquisition_arguments);
This operation causes CSI Credentials to be created
over a particular transport as if you created the
transport credentials using the
TransportSecurity::CredentialsCurator and used the
addUseTransportCredentials operation of this object.
void addUseTransportCredentials(in TransportSecurity::OwnCredentials credentials);
This operation causes CSI Credentials to be created over particular transport credentials that have already been created by using the TransportSecurity::CredentialsCurator.
void addUserPasswordCAGenerator(in UserPassword::PasswordGenerator generator);
This operation places a user-defined Password Generator in the acquisition argument.
void addUserPasswordCAProcessor(in UserPassword::PasswordProcessor processor);
This operation places a user-defined Password Processor in the acquisition argument.