Скачать презентацию THE US NATIONAL VIRTUAL OBSERVATORY VOStore a Java
95b811b1ceb436ea16a7af0c8698481c.ppt
- Количество слайдов: 19
THE US NATIONAL VIRTUAL OBSERVATORY VOStore: a Java implementation Matthew J. Graham CACR/Caltech NVO Team Meeting - Tucson 25 Apr 2005 1
Overview • Java webapp: – $TOMCAT_HOME/webapps/vostore • Embedded AXIS to handle WS: – $TOMCAT_HOME/webapps/vostore/services • Embedded Sleepycat Berkeley DB (JE) • Embedded Jakarta Slide to handle Web. DAV: – $TOMCAT_HOME/webapps/vostore/webdav • WCK to handle relational db stores • WSS 4 J to handle WS-Security NVO Team Meeting - Tucson 25 Apr 2005 2
WSDL specification • • • revisions get. Availability formats: FILE, CSV transports: SOAP-ATTACHMENT, WEBDAV put(id, format, transport) VOStore. Response get(id, format, transport) VOStore. Response list. All VOStore. Descriptor[] list VOStore. Descriptor[] rename delete NVO Team Meeting - Tucson 25 Apr 2005 3
Store. Descriptor • • • identifier creation. Date modification. Date owner: DN format: • • • } location parent children is. Folder is. Stored } VOStore. Descriptor – FILE, CSV, WEBDAV-FOLDER, WEBDAV-RESOURCE NVO Team Meeting - Tucson 25 Apr 2005 4
Web. DAV • A set of extensions to HTTP to support: – Locking – Properties – Namespace management • Verbs: – – – PROPFIND MKCOL PUT MOVE UNLOCK SEARCH – – – Collections – Access control – Versioning PROPPATCH DELETE COPY LOCK OPTIONS NVO Team Meeting - Tucson 25 Apr 2005 5
Identifier-location mapping ivoa: // nvo. caltech / my. Data # 1 http: //localhost: 8080/vostore/webdav Format = FILE /files/abcdef 12 -abcdef 12 Format = CSV /db/nvo_caltech_my. Data_1 NVO Team Meeting - Tucson 25 Apr 2005 6
Relational db stores • http: //…/db/nvo_caltech_my. Data_1 – open JDBC connection to db – drop table nvo_caltech_my. Data_1 – create table nvo_caltech_my. Data_1: • #Names: col 1, col 2, … • #Formats: varchar(20) – insert into nvo_caltech_my. Data_1 values (…) NVO Team Meeting - Tucson 25 Apr 2005 7
Security (I) • Certificate request: – Country – Organization – State – Unit – City – Name – Email -----BEGIN CERTIFICATE REQUEST----MIIBWTCCAQMCAQAwg. Z 0 x. Cz. AJBg. NVBAYTAl. VTMRMw. EQYDVQQIEwp. DYWxp. Zm 9 ybmlh MREw. Dw. YDVQQHEwh. QYXNh. ZGVu. YTEQMA 4 GA 1 UECh. MHQ 2 Fsd. GVja. DEVMBMGA 1 UECx. MM QXN 0 cm 9 wa. Hlza. WNz. MRcw. FQYDVQQDEw 5 NYXR 0 a. GV 3 IEdy. YWhhb. TEk. MCIGCSq. GSIb 3 DQEJARYVb. Wpn. QGFzd. HJv. Lm. Nhb. HRl. Y 2 gu. ZWR 1 MFww. DQYJKo. ZIhvc. NAQEBBQADSw. Aw SAJBANWUb. Vn. Z+kb. Wyc. Oc. Wi. ICv. OZaj. Kyh. GFQhz. Ok 5 mbc 9 Uc. CYha 9 Kkdzx. Zqtv. Yslt 8+/m 6 x. C 2 qv. Q+n. NSLo 8 TKc 0 a. Jv. AECAw. EAAa. AAMA 0 GCSq. GSIb 3 DQEBBAUAA 0 EAr. AHt lt 0 r. Lh. Se 0 IPuft 5 h 3 d. Nrd. ASOq. LCT 49 Lhdq+4 In 62 NZFum 8 Ks 3 d. Eyk. Mjhon 92 Nju. Q z. QB 6 F 3 ipro+y. CTp. UOA== -----END CERTIFICATE REQUEST----- NVO Team Meeting - Tucson 25 Apr 2005 8
Security (II) • X. 509 certificate (PEM): -----BEGIN CERTIFICATE----MIICFDCCAb 4 CAQcw. DQYJKo. ZIhvc. NAQEEBQAwg. Ysx. Cz. AJBg. NVBAYTAl. VTMRMw. EQYD VQQIEwp. DYWxp. Zm 9 ybmlh. MREw. Dw. YDVQQHEwh. QYXNh. ZGVu. YTEQMA 4 GA 1 UECh. MHQ 2 Fs d. GVja. DENMAs. GA 1 UECx. MEQ 0 FDUj. EOMAw. GA 1 UEAx. MFQ 2 ly. Y 2 Ux. Iz. Ah. Bgkqhki. G 9 w 0 B CQEWFG 1 q. Z 0 Bj. YWNy. Lm. Nhb. HRl. Y 2 gu. ZWR 1 MB 4 XDTA 1 MDQy. MTIx. NTky. NVo. XDTA 1 MDUy MTIx. NTky. NVowg. Z 0 x. Cz. AJBg. NVBAYTAl. VTMRMw. EQYDVQQIEwp. DYWxp. Zm 9 ybmlh. MREw Dw. YDVQQHEwh. QYXNh. ZGVu. YTEQMA 4 GA 1 UECh. MHQ 2 Fsd. GVja. DEVMBMGA 1 UECx. MMQXN 0 cm 9 wa. Hlza. WNz. MRcw. FQYDVQQDEw 5 NYXR 0 a. GV 3 IEdy. YWhhb. TEk. MCIGCSq. GSIb 3 DQEJ ARYVb. Wpn. QGFzd. HJv. Lm. Nhb. HRl. Y 2 gu. ZWR 1 MFww. DQYJKo. ZIhvc. NAQEBBQADSw. Aw. SAJB ANWUb. Vn. Z+kb. Wyc. Oc. Wi. ICv. OZaj. Kyh. GFQhz. Ok 5 mbc 9 Uc. CYha 9 Kkdzx. Zqtv. Yslt 8+/m 6 x. C 2 qv. Q+n. NSLo 8 TKc 0 a. Jv. AECAw. EAATANBgkqhki. G 9 w 0 BAQQFAANBACwi. M 3 r+07/i Zfi. Ir. F 7 YPEC 1 Eml+k+5 esbbz. Obl/Oya. SHr. USP 0 x. YM 12 fu. Fi. BSVMmw. U 9 Nly. LCNDHn M 8 d. Wn. FTIDy. I= -----END CERTIFICATE----- NVO Team Meeting - Tucson 25 Apr 2005 9
Security (III) • X. 509 certificate (PEM) cont. : Owner: [email protected]. caltech. edu, CN=Matthew Graham, OU=Astrophysics, O=Caltech, L=Pasadena, ST=California, C=US Issuer: [email protected]. caltech. edu, CN=Circe, OU=CACR, O=Caltech, L=Pasadena, ST=California, C=US Serial number: 7 Valid from: Thu Apr 21 14: 59: 25 PDT 2005 until: Sat May 21 14: 59: 25 PDT 2005 Certificate fingerprints: MD 5: C 0: 00: 75: FC: D 2: 7 A: BE: B 1: 35: 2 D: 31: 53: 3 B: 27: 9 D: 01 SHA 1: 50: 9 C: 96: 4 B: 14: D 3: 0 B: 72: 3 F: 49: CC: 99: E 2: 3 A: B 7: 45: FE: D 5: F 2: 24 • X. 509 certificate (PKCS 12) NVO Team Meeting - Tucson 25 Apr 2005 10
WS-Security (I) • Digitally sign SOAP messages with X. 509 certificate:
WSS 4 J: Client public VOStore. Test. Secure. Client() { Engine. Configuration config = new File. Provider("client_deploy. wsdd"); VOStore. Locator loc = new VOStore. Locator(config); Stub axis. Port = (Stub) loc. get. Port(VOStore. Soap. class); axis. Port. _set. Property(WSHandler. Constants. ACTION, WSHandler. Constants. SIGNATURE); axis. Port. _set. Property(WSHandler. Constants. SIG_PROP_FILE, "client_crypto. properties"); axis. Port. _set. Property(WSHandler. Constants. USER, "mjg-cert"); axis. Port. _set. Property(WSHandler. Constants. PW_CALLBACK_CLASS, "net. ivoa. vospace. client. PWCallback"); axis. Port. _set. Property(WSHandler. Constants. SIG_KEY_ID, "Direct. Reference"); service = (VOStore. Soap. Stub) axis. Port; NVO Team Meeting - Tucson 25 Apr 2005 13
WSS 4 J: Server public String get. User() { Message. Context context = Message. Context. get. Current. Context(); Vector recv. Results = (Vector) context. get. Property(WSHandler. Constants. RECV_RESULTS); WSHandler. Result result = (WSHandler. Result) recv. Results. get(0); Vector results = result. get. Results(); WSSecurity. Engine. Result wsse. Result = (WSSecurity. Engine. Result) results. get(0); String DN = wsse. Result. get. Principal(). get. Name(); String user = DN. substring(13, DN. index. Of(', ')); NVO Team Meeting - Tucson 25 Apr 2005 14
Secure Web. DAV • Server:
Attachments: Client • Put: Data. Handler attachment. File = new Data. Handler(new File. Data. Source("test. fits")); service. _set. Property(Call. ATTACHMENT_ENCAPSULATION_FORMAT, Call. ATTACHMENT_ENCAPSULATION_FORMAT_DIME); service. add. Attachment(attachment. File); • Get: Object[] message. Attachments = service. get. Attachments(); Attachment. Part attachment = (Attachment. Part) message. Attachments[0]; Data. Handler dh = attachment. get. Data. Handler(); Input. Stream is = dh. get. Input. Stream(); NVO Team Meeting - Tucson 25 Apr 2005 16
Attachments: Server • Adding: File. Data. Source fds = new File. Data. Source(temp. File); Attachment. Part reply. Attachment = new Attachment. Part(new Data. Handler(fds)); Message. Context context = Message. Context. get. Current. Context(); Message resp. Msg = context. get. Response. Message(); resp. Msg. get. Attachments. Impl(). set. Send. Type(Attachments. SEND_TYPE_DIM E); resp. Msg. add. Attachment. Part(reply. Attachment); • Retrieving: Message. Context context = Message. Context. get. Current. Context(); Message req. Msg = context. get. Request. Message(); Attachments message. Attachments = req. Msg. get. Attachments. Impl(); NVO Team Meeting - Tucson 25 Apr 2005 17
Interoperability • C#: – WSE 2. 0 – WSRF. Net • Perl : – DIME-based attachments not yet fully functional in SOAP: : Lite – WS-Security will be supported by WSRF: : Lite (but not yet) – HTTP: : Webdav/Perl. DAV • Python: – ZSI – py. Grid. Ware – Python DAV client library NVO Team Meeting - Tucson 25 Apr 2005 18
What next? • VOTable and FITS binary table parsers • SRB for bulk data transfers • SAML tokens NVO Team Meeting - Tucson 25 Apr 2005 19
