1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
Wallet Server API
Introduction
Here is the specification for the API that components of the wallet
server will implement. This is the document you should read if you're
planning on extending the wallet system. There are two pluggable
components in the wallet server: the implementation of a particular
object type (which amounts mostly to storage and retrieval), and the
ACL implementation.
See the documentation for Wallet::Object::Base and Wallet::ACL::Base,
which contain additional information about creating new object and
ACL verifier implementations and the documentation for all generic
methods. Wallet::Object::Base also provides some utility methods that
are useful for subclasses.
Object API
All object implementations should inherit from Wallet::Object::Base
and most of the methods of that module can be used without change.
Below are summaries of the methods that a typical object
implementation will need to override. Methods other than create()
should set the error with error() and return undef on failure.
create(NAME, TYPE, DBH, PRINCIPAL, HOSTNAME [, DATETIME])
Creates a new object of a particular type. The parent method will
take care of all of the database manipulation. A new object
implementation should override this method if it needs to create
something in an external system when an object is created. For
example, the keytab backend overrides create() to create the principal
in the Kerberos KDC and then calls the parent method to do the
database setup.
This method should throw an exception on error.
destroy(PRINCIPAL, HOSTNAME [, DATETIME])
Destroys the given object. Backend implementations should override
this method if they need to destroy the object in an external system.
For example, the keytab backend overrides this method to destroy the
principal in the Kerberos KDC. Be careful not to require that the
object exist in a remote system for destroy() to work, since an
administrator will want to destroy an orphaned wallet database entry
after something happened to the remote system entry.
get(PRINCIPAL, HOSTNAME [, DATETIME])
This is the one method that all object implementations must override.
Wallet::Object::Base just throws an exception if its get() method is
called. Retrieves the object data from wherever that backend stores
it, or generates new object data, and should return it as a string.
Don't forget to call log_action() after successfully retrieving the
data to update the history and trace information.
store(DATA, PRINCIPAL, HOSTNAME [, DATETIME])
Store user-supplied data into the given object. This may not be
supported by all backends (for instance, backends that automatically
generate the data will not support this). Backends that don't support
storing data can just not implement this method and the default
store() method will return an appropriate error.
If this method is implemented, don't forget to call log_action() after
successfully storing the data to update the history and trace
information.
show()
Normally, new backends don't need to override this method, since it
displays all the metadata in the database. It's only necessary to
override it if the backend stores additional metadata separately.
When overriding, call the parent method first and then edit the
resulting string to add additional information as needed.
ACL Verifier API
New ACL verifiers should inherit from Wallet::ACL::Base. There are
only two methods that a new ACL verifier needs to override, and new()
is only needed if the ACL verifier has some setup that needs to be
done before starting to check ACLs.
new()
Creates a persistant ACL verifier for the given ACL type. The default
does nothing except create a blessed object. Override if the verifier
needs persistant data, like a persistant LDAP connection. On failure,
throw an exception.
check(PRINCIPAL, ACL)
This method must be overridden by any new ACL verifier implemenetation
since the default declines all access. Checks whether the given
PRINCIPAL should be allowed access given ACL. Returns 1 if access is
granted, 0 if access is declined, and undef on error. On error, the
method should pass the error to error() to store it in the object for
retrieval by the caller.
|
