perfsonar development work

[Jason Zurawski <>]

Cándido;

> > Specifically... Will this need to 'ride' along within the context of 
> > other messages? Or is this only within the context of a service 
> > communicating with the AS? (If it needs to 'ride along' it would 
> > argue for perhaps actually using the SOAP headers, or perhaps message 
> > parameters.)
>
> It's only within the context of a service communicating with the AS. I 
> though that I can include it inside the SOAP headers but I don't think 
> it's the right place because it's not information about the message 
> but it's the query that the service want to send to the AS.
> The request that I'm trying to define is the authorization request 
> from a perfSONAR service to an AS. And I want to send a message like 
> the following:
> <nmwg:message id="authRMessage1" type="AuthNEERequest" 
> xmlns:nmwg="http://ggf.org/ns/nmwg/base/2.0/";>
>                <nmwg:metadata id="authRMetadata">
>                    <nmwg:parameters id="keys">
>                        <nmwg:parameter 
> name="SecurityToken">XXXXXXX</nmwg:parameter>
>                    </nmwg:parameters>
>                </nmwg:metadata>
>                <nmwg:data id="authN1" metadataIdRef="authRMetadata">
>                    <Request>
> .
> .
> .
>                    </Request>
>                </nmwg:data>
>  </nmwg:message>


Is there anything else that would go inside of the metadata element 
other than the security token parameter?  The only reason I ask is that 
I want to make sure the interaction is modeled correctly (e.g. is the 
request element that you currently have in the data itself more of the 
'subject', or is it tied [perhaps indirectly] to the token).  If the 
request itself is the 'subject' or 'source', I would argue that it makes 
more sense to live in the metadata, perhaps inside of a subject element 
(aa:subject or something). 


> And the response, it'd be very similar to the authentication response:
> <nmwg:message id="authRMessage1_resp" messageIdRef="authRMessage1" 
> type="AuthREEResponse" xmlns:nmwg="http://ggf.org/ns/nmwg/base/2.0/";>
>        <nmwg:metadata 
> id="localhost.localdomain.2c534c44:114b3c44663:-7fcd">
>            <nmwg:eventType>XXXXXXX</nmwg:eventType>
>        </nmwg:metadata>
>        <nmwg:data 
> id="localhost.localdomain.2c534c44:114b3c44663:-7fcc" 
> metadataIdRef="localhost.localdomain.2c534c44:114b3c44663:-7fcd"/>
>    </nmwg:message>


I don't have much experience with the AA messages, but if this is all 
that you require then it looks fine (it seems rather sparse, but sparse 
is good sometimes). 

-jason


> So, is there any place where I can put the <Request> element inside a 
> nmwg message?
>
> Thanks for your help!
>
> > jeff
> >
> > On May 9, 2008, at 5:35 AM, Jason Zurawski wrote:
> >
> > > Cándido;
> > >
> > > > I need to include a XACML request inside the authorization request 
> > > > that I'm trying to define right now. That XACML request is 
> > > > something like:
> > > > <Request>
> > > >  <Subject 
> > > > SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject">
> > > >    <Attribute 
> > > > AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" 
> > > > DataType="http://www.w3.org/2001/XMLSchema#string";><AttributeValue>kan</AttributeValue></Attribute>
> > > >  </Subject>
> > > >  <Resource>
> > > >    <Attribute 
> > > > AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" 
> > > > DataType="http://www.w3.org/2001/XMLSchema#anyURI";><AttributeValue>http://perfsonar.net/MA</AttributeValue></Attribute>
> > > >  </Resource>
> > > >  <Action>
> > > >    <Attribute 
> > > > AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" 
> > > > DataType="http://www.w3.org/2001/XMLSchema#string";><AttributeValue>read</AttributeValue></Attribute>
> > > >  </Action>
> > > > </Request>
> > > >
> > > > The problem is that I don't know how I could add it inside a nmwg 
> > > > message. My choice is adding it inside a <nmwg:data> element 
> > > > (please, tell me if I'm wrong doing in this way). The thing is that 
> > > > I can get the String or the DOM Element but I didn't find a way to 
> > > > add it into a Message object.
> > > > Please, any help? any idea? :-)
> > >
> > >
> > > A quick question, what is the overall purpose of this type of 
> > > request?  What would be the response to this?  With some more 
> > > context I could probably help suggest a fitting structure.