Bugzilla – Bug 5966
refactor blacklist implementation in GS4GT
Last modified: 2008-07-30 20:21:28
In Bug 5960, we implemented a blacklist of principal name identifiers, which was released with GS4GT v0.6.0. A fairly complete list of changes made to GS4GT at that time is included below. The notes in parentheses are things that need to be done in a subsequent version of GS-ST (Bug 5965). Once that's done, a new gridshib-common*.jar needs to be integrated into GS4GT. This will require some refactoring at each of the touch points indicated below.

--------------------------

SAMLPrincipal:
- extends org.globus.gsi.jaas.SimplePrincipal
- (move this class to GS-ST)

AttributeAcceptancePIPImpl:
- if a SAMLIdentity is trusted, create a SAMLPrincipal
- (push this functionality back into GS-ST)

GS4GTSecurityContext:
- implement getGlobusPrincipal() method
- implement getSAMLPrincipals() method
- (push getSAMLPrincipals() method into GS-ST)
- remove unused getUsernames() method
- implement getUserNamePrincipals() method
- remove redundant toString() method
- refactor toString(boolean) method
- (move most of toString(boolean) to SAMLSecurityContext)

SAMLBlacklistPDPImpl:
- check IP address
- check all SAMLPrincipals
- check GlobusPrincipal

GS4GTSecurityContextLogger:
- log GlobusPrincipal
- log SAMLPrincipals
- (push logging of SAMLPrincipals into GS-ST)
- log UserNamePrincipals
- implement (redundant) quote(String) method
- (make SecurityContextLogger.quote(String) public)
The blacklist implementation has been refactored and tested.
Allow blacklisting based on identity attributes.
(In reply to comment #1)
> The blacklist implementation has been refactored and tested.

Affected source files have been committed to CVS HEAD. This patch will be distributed with GS4GT v0.6.1.
(In reply to comment #2)
> Allow blacklisting based on identity attributes.

Do the following:

0. Create interceptors/java/source/share/identity-attributes.txt
1. Deploy identity-attributes.txt into $G_L/share
2. Dynamically create gridshib-bootstrap.properties
3. Remove call to GS4GTSecurityContext.init() from SAMLAssertionPushPIPImpl
4. Test blacklisting of e-mail addresses
(In reply to comment #4)
> > 0. Create interceptors/java/source/share/identity-attributes.txt

##### BEGIN identity-attributes.txt
# Identity Attributes
#
# By definition, the value(s) of identity attributes are
# globally unique identifiers for the user.
#
# Since this implementation is restricted to string-valued
# attributes, the value(s) of trusted identity attributes
# are globally unique SAML principal names. In GridShib
# for GT, the latter are used to implement a simple, flat
# file-based blacklisting framework. In other words, the
# value(s) of trusted identity attributes are blacklistable.
# FriendlyName="eduPersonPrincipalName"
urn:oid:1.3.6.1.4.1.5923.1.1.1.6
# FriendlyName="mail"
urn:mace:dir:attribute-def:mail
urn:oid:0.9.2342.19200300.100.1.3
##### END identity-attributes.txt

> 1. Deploy identity-attributes.txt into $G_L/share

Modified interceptors/java/source/build.xml and committed to CVS HEAD.
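As an added example (not GS4GT's own code), the stand-alone Python model below shows how an identity-attributes.txt of the shape above turns pushed attribute values into blacklistable SAML principal names, and the three checks comment 1 lists for SAMLBlacklistPDPImpl (IP address, SAMLPrincipals, GlobusPrincipal). The blacklist file format and the sample attribute names, DNs and IPs are assumptions.

```python
# Added example, not GS4GT code: a model of the blacklisting decision described
# in this bug. The blacklist file format and all sample data are assumptions.

# Constructed copy of the identity-attributes.txt shape shown in comment 5.
IDENTITY_ATTRIBUTES_TXT = """\
# FriendlyName="eduPersonPrincipalName"
urn:oid:1.3.6.1.4.1.5923.1.1.1.6
# FriendlyName="mail"
urn:mace:dir:attribute-def:mail
urn:oid:0.9.2342.19200300.100.1.3
"""

# Assumed format of blacklistPrincipalNamesFile: one entry per line,
# '#' comments and blank lines ignored (constructed sample data).
BLACKLIST_TXT = """\
# blocked SAML principal names, Globus DNs and client IPs
jdoe@example.org
/O=Grid/OU=Example/CN=Jane Doe
192.0.2.44
"""


def parse_entries(text: str) -> set[str]:
    """Non-blank, non-comment lines, stripped; used for both files."""
    entries = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            entries.add(line)
    return entries


def saml_principals(attributes: dict[str, list[str]], identity_attrs: set[str]) -> set[str]:
    """Only values of trusted identity attributes become blacklistable
    principals (AttributeAcceptancePIPImpl: trusted SAMLIdentity -> SAMLPrincipal)."""
    return {v for name, vals in attributes.items() if name in identity_attrs for v in vals}


def blacklist_decision(client_ip, globus_dn, attributes, identity_attrs, blacklist):
    """Mirror the three SAMLBlacklistPDPImpl checks; return (permit, reason)."""
    if client_ip in blacklist:
        return False, f"blacklisted IP {client_ip}"
    for p in sorted(saml_principals(attributes, identity_attrs)):
        if p in blacklist:
            return False, f"blacklisted SAML principal {p}"
    if globus_dn in blacklist:
        return False, f"blacklisted Globus principal {globus_dn}"
    return True, "not blacklisted"
```

Note that a value carried by an attribute not listed in identity-attributes.txt is never blacklistable, even if it matches a blacklist entry.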
(In reply to comment #4)
> > 3. Remove call to GS4GTSecurityContext.init() from SAMLAssertionPushPIPImpl

Created a separate bug entry (Bug 6269) for this configuration change.
(In reply to comment #4)
> > 2. Dynamically create gridshib-bootstrap.properties

Modified interceptors/java/source/build.xml and committed to CVS HEAD.
Changed the name of config parameter "blacklistNameIdentifiersFile" to "blacklistPrincipalNamesFile". This breaks backward compatibility but I feel it's necessary as we roll out GS4GT in CTSS4. This change will be more difficult to swallow moving forward. Patched the EchoService config and the docbook docs. This patch will be rolled out in GS4GT v0.6.1.
Tested the new blacklist framework and committed all resources to CVS HEAD. This feature will be rolled out in GS4GT v0.6.1.