You are here: Wiki>Security Web>SecurityDocs>WPSInterceptor (07 Dec 2009, MartinWilden)Edit Attach

The WPS Interceptor

Function mode of the WPS-interceptors:

WPSFilterCapabilitiesInterceptor

  • Interceptor for WPS GetCapabilities request
  • Filters unauthorized processes from the capabilities
  • Resourc:
    • /process
  • Action: /operations/GetCapabilities

WPSDescribeProcessInterceptor

  • Interceptor for WPS DescribeProcess request
  • Requests the rights for every requested process.
  • Resourc:
    • /process
  • Action: /operations/DescribeProcess
  • If one process is denied, an EnforcementServiceExpetion is thrown

WPSExecuteInterceptor

  • Interceptor for WPS Execute request
  • Decides whether the execution of the process is allowed for a user or not
  • Resourc:
    • /process
  • Action: /operations/Execute
  • If the requested process is denied, an EnforcementServiceExpetion is thrown

SimplePermission Example

<SimplePermissions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.52north.org/security/simple-permission/1.0">
   <PermissionSet name="WPS Permission">
         <ResourceDomain value="http://localhost:8080/wss/*/WPS"/>
      <ActionDomain value="http://localhost:8080/wss/*/WPS"/>
      <SubjectDomain value="urn:n52:security:subject:role"/>
      <Permission name="alice_all">
         <Resource value="/process/*"/>
         <!-- Any operations allowed -->
         <Action value="/operations/*"/>
         <!-- Any operations -->
         <Subject value="alice"/>
      </Permission>
      <Permission name="bob_protectionindex_Capabilities">
         <Resource value="/process/protectionindex"/>
         <Action value="/operations/GetCapabilities"/>
         <Subject value="bob"/>
      </Permission>
      <Permission name="bob_protectionindex_DecribeProcess">
         <Action value="/operations/DescribeProcess"/>
         <Resource value="/process/protectionindex"/>
         <Subject value="bob"/>
      </Permission>
</SimplePermissions>

Demonstration Video

* wps.ogg: Demo screencast
Topic revision: r10 - 07 Dec 2009, MartinWilden
Legal Notice | Privacy Statement


This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Wiki? Send feedback