

  • Number of slides: 19

THE US NATIONAL VIRTUAL OBSERVATORY
VOStore: a Java implementation
Matthew J. Graham
CACR/Caltech
NVO Team Meeting - Tucson 25 Apr 2005

Overview
• Java webapp:
  – $TOMCAT_HOME/webapps/vostore
• Embedded AXIS to handle WS:
  – $TOMCAT_HOME/webapps/vostore/services
• Embedded Sleepycat Berkeley DB (JE)
• Embedded Jakarta Slide to handle WebDAV:
  – $TOMCAT_HOME/webapps/vostore/webdav
• WCK to handle relational db stores
• WSS4J to handle WS-Security

WSDL specification
• revisions
• getAvailability
• formats: FILE, CSV
• transports: SOAP-ATTACHMENT, WEBDAV
• put(id, format, transport) → VOStoreResponse
• get(id, format, transport) → VOStoreResponse
• listAll → VOStoreDescriptor[]
• list → VOStoreDescriptor[]
• rename
• delete

StoreDescriptor
• identifier
• creationDate
• modificationDate
• owner: DN
• format:
  – FILE, CSV, WEBDAV-FOLDER, WEBDAV-RESOURCE
• location
• parent
• children
• isFolder
• isStored
(brace label on the slide: VOStoreDescriptor)

WebDAV
• A set of extensions to HTTP to support:
  – Locking
  – Properties
  – Namespace management
  – Collections
  – Access control
  – Versioning
• Verbs:
  – PROPFIND
  – MKCOL
  – PUT
  – MOVE
  – UNLOCK
  – SEARCH
  – PROPPATCH
  – DELETE
  – COPY
  – LOCK
  – OPTIONS

Identifier-location mapping
• Identifier: ivoa://nvo.caltech/myData#1
• Base location: http://localhost:8080/vostore/webdav
  – Format = FILE: /files/abcdef12-abcdef12
  – Format = CSV: /db/nvo_caltech_myData_1

Relational db stores
• http://…/db/nvo_caltech_myData_1
  – open JDBC connection to db
  – drop table nvo_caltech_myData_1
  – create table nvo_caltech_myData_1:
    • #Names: col1, col2, …
    • #Formats: varchar(20)
  – insert into nvo_caltech_myData_1 values (…)
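An added example, not code from the slides or from VOStore: table and column names and column types cannot be bound as JDBC parameters, so a store that builds its DDL from an identifier and from the CSV's #Names/#Formats header lines has to validate them before concatenation. The class name CsvTableDdl, the allow-listed types and the sample headers are assumptions made for illustration (Java 11+).

```java
import java.util.regex.Pattern;

public class CsvTableDdl {
    // Identifiers and types are allow-listed because they cannot be JDBC parameters.
    static final Pattern IDENT = Pattern.compile("[A-Za-z][A-Za-z0-9_]{0,62}");
    static final Pattern TYPE = Pattern.compile("(?i)varchar\\(\\d{1,4}\\)|integer|double|date");

    static String ident(String s) {
        if (IDENT.matcher(s).matches()) return s;
        throw new IllegalArgumentException("rejected identifier: " + s);
    }

    // ivoa://nvo.caltech/myData#1 -> nvo_caltech_myData_1, as on the mapping slide.
    static String tableName(String id) {
        if (!id.startsWith("ivoa://"))
            throw new IllegalArgumentException("not an ivoa identifier: " + id);
        return ident(id.substring("ivoa://".length()).replaceAll("[./#]", "_"));
    }

    static String[] header(String line, String tag) {
        if (!line.startsWith(tag)) throw new IllegalArgumentException("expected " + tag);
        return line.substring(tag.length()).trim().split("\\s*,\\s*");
    }

    // Assumption: one format per column, or a single format applied to every column.
    static String createTable(String table, String namesLine, String formatsLine) {
        String[] names = header(namesLine, "#Names:");
        String[] types = header(formatsLine, "#Formats:");
        if (types.length != 1 && types.length != names.length)
            throw new IllegalArgumentException("column/format count mismatch");
        StringBuilder sql = new StringBuilder("create table " + ident(table) + " (");
        for (int i = 0; i < names.length; i++) {
            String type = types[types.length == 1 ? 0 : i];
            if (!TYPE.matcher(type).matches())
                throw new IllegalArgumentException("rejected type: " + type);
            sql.append(i == 0 ? "" : ", ").append(ident(names[i])).append(' ').append(type);
        }
        return sql.append(')').toString();
    }

    // Row values go through PreparedStatement placeholders, never concatenation.
    static String insertSql(String table, int columns) {
        return "insert into " + ident(table) + " values (?" + ", ?".repeat(columns - 1) + ")";
    }

    public static void main(String[] args) {
        String t = tableName("ivoa://nvo.caltech/myData#1");
        System.out.println(createTable(t, "#Names: ra, decl, mag", "#Formats: varchar(20)"));
        System.out.println(insertSql(t, 3));
        try { createTable(t, "#Names: ra, x int); --", "#Formats: varchar(20)"); } // constructed bad header
        catch (IllegalArgumentException e) { System.out.println(e.getMessage()); }
    }
}
```

The character replacement in tableName is lossy (nvo.caltech and nvo_caltech map to the same table), so a store using this scheme also needs a uniqueness check on the derived name.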

Security (I)
• Certificate request:
  – Country
  – Organization
  – State
  – Unit
  – City
  – Name
  – Email
• PEM-encoded request (-----BEGIN CERTIFICATE REQUEST----- … -----END CERTIFICATE REQUEST-----)

Security (II)
• X.509 certificate (PEM): -----BEGIN CERTIFICATE----- … -----END CERTIFICATE-----

Security (III)
• X.509 certificate (PEM) cont.:
    Owner: EMAILADDRESS=mjg@astro.caltech.edu, CN=Matthew Graham, OU=Astrophysics, O=Caltech, L=Pasadena, ST=California, C=US
    Issuer: [email protected].caltech.edu, CN=Circe, OU=CACR, O=Caltech, L=Pasadena, ST=California, C=US
    Serial number: 7
    Valid from: Thu Apr 21 14:59:25 PDT 2005 until: Sat May 21 14:59:25 PDT 2005
    Certificate fingerprints:
        MD5: C0:00:75:FC:D2:7A:BE:B1:35:2D:31:53:3B:27:9D:01
        SHA1: 50:9C:96:4B:14:D3:0B:72:3F:49:CC:99:E2:3A:B7:45:FE:D5:F2:24
• X.509 certificate (PKCS12)

WS-Security (I)
• Digitally sign SOAP messages with X.509 certificate

WS-Security (II):
    /j0+BLme8mKuxVed9eXCNnSmZBU=
    m8z0ODW17ynpovU0tn13WD5byd41cePcoaFaTKzS+9z3RSB6vcE2Sjb50fhtO75Uuu+8JM9HUBmDAFWJ7Tz3zg==
    ivoa://nvo.caltech/myData#1
    WEBDAV
    CSV

WSS4J: Client

    import javax.xml.rpc.ServiceException;
    import org.apache.axis.EngineConfiguration;
    import org.apache.axis.client.Stub;
    import org.apache.axis.configuration.FileProvider;
    import org.apache.ws.security.handler.WSHandlerConstants;

    public VOStoreTestSecureClient() throws ServiceException {
        // Axis client deployment descriptor that installs the WSS4J handler
        EngineConfiguration config = new FileProvider("client_deploy.wsdd");
        VOStoreLocator loc = new VOStoreLocator(config);
        Stub axisPort = (Stub) loc.getPort(VOStoreSoap.class);
        // Sign outgoing messages with the key stored under the alias "mjg-cert"
        axisPort._setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
        axisPort._setProperty(WSHandlerConstants.SIG_PROP_FILE, "client_crypto.properties");
        axisPort._setProperty(WSHandlerConstants.USER, "mjg-cert");
        axisPort._setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "net.ivoa.vospace.client.PWCallback");
        // DirectReference: the certificate itself travels in the message
        axisPort._setProperty(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
        service = (VOStoreSoapStub) axisPort;
    }

WSS4J: Server

    import java.util.Vector;
    import org.apache.axis.MessageContext;
    import org.apache.ws.security.WSSecurityEngineResult;
    import org.apache.ws.security.handler.WSHandlerConstants;
    import org.apache.ws.security.handler.WSHandlerResult;

    public String getUser() {
        MessageContext context = MessageContext.getCurrentContext();
        Vector recvResults = (Vector) context.getProperty(WSHandlerConstants.RECV_RESULTS);
        WSHandlerResult result = (WSHandlerResult) recvResults.get(0);
        Vector results = result.getResults();
        WSSecurityEngineResult wsseResult = (WSSecurityEngineResult) results.get(0);
        String DN = wsseResult.getPrincipal().getName();
        // Skip the 13-character "EMAILADDRESS=" prefix and stop at the first comma
        String user = DN.substring(13, DN.indexOf(','));
        return user;
    }
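An added example, not code from the slides or from VOStore: the fixed-offset substring only yields the user when the subject DN begins with EMAILADDRESS=, so this sketch compares it with parsing the DN and looking the attribute up by type. The class name DnUser is hypothetical, and the second and third DNs are constructed; the first is the Owner line from the Security (III) slide.

```java
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class DnUser {
    // The slide's approach: assumes the DN starts with "EMAILADDRESS=" (13 chars).
    static String bySubstring(String dn) {
        return dn.substring(13, dn.indexOf(','));
    }

    // Parses the DN (RFC 2253 syntax) and looks the attribute up by type, so RDN
    // order, escaped commas and multi-valued RDNs do not change the result.
    static String byAttribute(String dn, String type) throws NamingException {
        for (Rdn rdn : new LdapName(dn).getRdns()) {
            Attribute a = rdn.toAttributes().get(type);
            if (a != null) return String.valueOf(a.get());
        }
        // Fail closed: no identity rather than a wrong one.
        throw new NamingException("no " + type + " in subject DN");
    }

    public static void main(String[] args) throws NamingException {
        String[] dns = {
            // Subject DN as printed on the Security (III) slide.
            "EMAILADDRESS=mjg@astro.caltech.edu, CN=Matthew Graham, OU=Astrophysics, "
                + "O=Caltech, L=Pasadena, ST=California, C=US",
            // Constructed: the same attributes with the RDNs in a different order.
            "CN=Matthew Graham, EMAILADDRESS=mjg@astro.caltech.edu, O=Caltech, C=US",
            // Constructed: an escaped comma inside an attribute value.
            "EMAILADDRESS=user@example.org, CN=Doe\\, Jane, O=Example, C=US",
        };
        for (String dn : dns) {
            System.out.println("substring: " + bySubstring(dn));
            System.out.println("parsed:    " + byAttribute(dn, "EMAILADDRESS")
                + " / " + byAttribute(dn, "CN"));
        }
    }
}
```

For the reordered DN the substring version returns a fragment of the common name instead of the e-mail address, while the parsed lookup returns the same address in all three cases.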

Secure WebDAV
• Server: <Connector port="8443" …
• Client:

    // Register an https protocol handler that presents the client certificate
    Protocol.registerProtocol("https",
        new Protocol("https", new SSLCertSocketFactory("ca.pem", "client.p12"), 443));
    HttpURL hrl = new HttpsURL("localhost", 8443, "/webdav");
    WebdavResource wdr = new WebdavResource(hrl);

Attachments: Client
• Put:

    // javax.activation.DataHandler / FileDataSource, org.apache.axis.client.Call
    DataHandler attachmentFile = new DataHandler(new FileDataSource("test.fits"));
    // Send the attachment using DIME encapsulation
    service._setProperty(Call.ATTACHMENT_ENCAPSULATION_FORMAT, Call.ATTACHMENT_ENCAPSULATION_FORMAT_DIME);
    service.addAttachment(attachmentFile);

• Get:

    // org.apache.axis.attachments.AttachmentPart, java.io.InputStream
    Object[] messageAttachments = service.getAttachments();
    AttachmentPart attachment = (AttachmentPart) messageAttachments[0];
    DataHandler dh = attachment.getDataHandler();
    InputStream is = dh.getInputStream();

Attachments: Server
• Adding:

    // org.apache.axis.Message, org.apache.axis.MessageContext, org.apache.axis.attachments.*
    FileDataSource fds = new FileDataSource(tempFile);
    AttachmentPart replyAttachment = new AttachmentPart(new DataHandler(fds));
    MessageContext context = MessageContext.getCurrentContext();
    Message respMsg = context.getResponseMessage();
    // Reply with DIME encapsulation, matching the client
    respMsg.getAttachmentsImpl().setSendType(Attachments.SEND_TYPE_DIME);
    respMsg.addAttachmentPart(replyAttachment);

• Retrieving:

    MessageContext context = MessageContext.getCurrentContext();
    Message reqMsg = context.getRequestMessage();
    Attachments messageAttachments = reqMsg.getAttachmentsImpl();

Interoperability
• C#:
  – WSE 2.0
  – WSRF.Net
• Perl:
  – DIME-based attachments not yet fully functional in SOAP::Lite
  – WS-Security will be supported by WSRF::Lite (but not yet)
  – HTTP::Webdav/PerlDAV
• Python:
  – ZSI
  – pyGridWare
  – Python DAV client library

What next?
• VOTable and FITS binary table parsers
• SRB for bulk data transfers
• SAML tokens