|
[Home]
[About]
[FAQ]
[Software]
[Documentation]
[Contact]
Sample XML - Populating with Data
Rev. 10-Feb-2006
Importing a Subsystem
A Subsystem is described within Signet as metadata
defined by the owners and analysts of the privileges
being managed. It is described in an XML document, which
can be read by a command-line run script found in signet/util/SubsystemXmlLoader.
| Document Outline |
|
|
|
| |
|
|
|
| <Subsystem> |
|
|
Document root element |
| <Id> |
|
|
Internal
Subsystem identifier |
| <Name> |
|
|
External Subsystem Name |
| <HelpText> |
|
|
Brief
description of the subsystem |
| <Scope> |
|
|
ID
of the Tree that governs assignment scope for
a subsystem |
| |
|
|
|
| <ChoiceSet> |
|
|
Zero
or more |
| <Id> |
|
|
Internal
ChoiCeSet identifier |
| <Choice> |
|
|
Two
or more |
| <Value> |
|
|
Internal value
for data interchange |
| <Label> |
|
|
UI label |
| <Order> |
|
|
Presentation order |
| <Rank> |
|
|
Relative ranking
for more vs less evaluation |
| </Choice> |
|
|
|
| </ChoiceSet> |
|
|
|
| |
|
|
|
| <Limit> |
|
|
Zero
or more |
| <Id> |
|
|
Internal
Limit identifier |
| <Name> |
|
|
External
Limit name |
| <HelpText> |
|
|
Brief
text describing the Limit; shown in UI in assignments |
| <LimitChoiceSet> |
|
|
If
a ChoiceSet applies |
| <Renderer> |
|
|
JSP
method to render Limit |
| </Limit> |
|
|
|
| |
|
|
|
| <Permission> |
|
|
One
or more |
| <Id> |
|
|
Internal
PermissionID, presented in Permissions document |
| <PermissionLimit> |
|
|
Zero
or more Limits that are required for a permission |
| </Permission> |
|
|
|
| |
|
|
|
| <Category> |
|
|
One
or more |
| <Id> |
|
|
Internal
Category identifier |
| <Name> |
|
|
External
Category name |
| </Category> |
|
|
|
| |
|
|
|
| <Function> |
|
|
One
or more |
| <Id> |
|
|
Internal
Function identifier |
| <Name> |
|
|
External
Function name |
| <HelpText> |
|
|
Brief
text describing the Function, shown in UI in
assignments |
| <CategoryId> |
|
|
Category
to which this Function belongs |
| <FunctionPermission> |
|
|
One
or more Permission IDs that this privilege
maps to |
| </Function> |
|
|
|
| |
|
|
|
| <Proxy> |
|
|
Future use |
| |
|
|
|
| </Subsystem> |
|
|
|
|
Additional information on ChoiceSets: a ChoiceSet is
a named collection of values used for presenting choices
to the user or for constraining their input to a limit.
Choices consist of the following
| Element |
Description |
| Value |
Internal value. This value is passed to consuming
systems in the <permissions> document. It may
be a code or a plain numeric value. |
| Label |
The external presentation value in the UI. It may
be a name associated with a code, or an expansion
of a numeric value (100MB, $1,000, etc). |
| Order |
A number that determines the order of presentation
when prompted in the UI and as presented on output
(for multiple choices). Values with the same order
are presented per an ASCII alpha-numeric sort. |
| Rank |
Number indicating relative ranking of choices.
Ranking is used by the Signet's comparator methods
in determining whether a value is the same, more,
or less than a value which a person already has. |
A note about Renderers. A Rendering class in Signet
is a JSP module that will render a Limit and receive
input during an assignment. Signet has two built-in renderers:
- singleChoicePullDown.jsp
- multipleChoiceCheckboxes.jsp
A sample Subsystem XML document can be found here: raw
Subsystem-XML [preformatted
HTML]
Importing a Tree
A Tree is described to Signet as metadata defined by
the owners and analysts of the privileges being managed.
It is described in an XML document which can be read
by a command-line run script found in signet/util/TreeXmlLoader.
| Document Outline |
|
|
|
|
|
|
|
| <Tree> |
|
|
Document root element |
| <Id> |
|
|
Internal
Tree identifier |
|
<Name> |
|
|
External
Tree Name |
| |
|
|
|
|
<Organization> |
|
|
One
or more |
| <Id> |
|
|
Internal
Organization identifier |
| <Type> |
|
|
Type
of organization, e.g., school, department (not
currently used) |
| <Name> |
|
|
External
Organization name |
| <Organization> |
|
|
Nested
hierarchy |
| : |
|
|
|
| </Organization> |
|
|
|
| |
|
|
|
| </Tree> |
|
|
|
|
A sample Tree XML document can be found here: raw
Tree-XML [preformatted
HTML]
Importing Subjects
Signet uses the v0.1 draft specification for an Internet2
Subject API, and provides a simple local table for storing
Subject (person or group) information. Subjects come
from named Sources, and as a minimum have for
Signet the following attributes:
- id – a unique (across a source) and
enduring internal identifier,
- type – Currently "person" or "group",
and
- name – The external name. For people
it should be in the form "Last, First".
The Signet UI also expects the following:
- description – A short title presented
with the name in search result lists, e.g., "Professor,
Biology", "Technical Writer, MedCenter",
etc.
- loginid – unique network ID; should
correspond to the authenticated the user uses to log
on with.
Any number of additional attributes are allowed through
the API, but will not be directly used by Signet. Any attribute
will contribute to the possibilities for search matching
however. For instance, as a convenience in the Demo, you
will find that all Subjects in the sample population have
been given an attribute name of all with a value
of all. This trick allows a search on the string "all" to
find all people in the sample population – not something
one would likely do with a real institutional Person source.
XML output and input for Subjects are under development.
In the meantime, a simple file format can be used with
the SubjectFileLoader utility to input Subjects into
the local subject table – file Sample
Subjects, with formatting instructions.
|
