Member_Authority |
GENI Clearinghouse Member Authority (MA) controller interface
The MA maintains a set of members and their UUIDs and their attributes and
associated query mechanisms. The MA maintains a set of SSL keys and certs, both
'inside' and 'outside' for given users. Additionally, the MA maintains a mapping
of members to the client tools (e.g. the GENI Portal) that the member has
authorized to speak on his/her behalf. Finally, the MA maintains a set of SSH
keys for a given member for passing to resources as needed.
Supports these methods:
- success <= register_ssh_key(member_id, ssh_filename, ssh_description,
ssh_public_key, [ssh_private_key])
- [id, member_id, filename, description, public_key, private_key]* <=
lookup_ssh_keys(member_id)
- success <= update_ssh_key(member_id, ssh_key_id, ssh_filename,
ssh_description)
- success <= delete_ssh_key(member_id, ssh_key_id)
- [private_key, certificate]* <= lookup_keys_and_certs(member_id)
- member_id <= create_account(attributes)
- [client_name, client_urn]* <= ma_list_clients()
- [client_name, client_urn]* <= ma_list_authorized_clients(member_id)
- success <= ma_authorize_client(member_id, client_urn,
authorize_sense)
- [member_id]* <= lookup_members(attributes)
- [member_id, [name value self_asserted]*] <=
lookup_member_by_id(member_id)
- success <= add_member_privilege(member_id, privilege_id)
- success <= revoke_member_privilege(member_id, privilege_id)
Future (i.e. not yet available) methods include:
- upload_ssl_keys
- revoke_certificate
|