/**
 * @author Terry Fleury (tfleury@ncsa.uiuc.edu)
 * @version 1.0 2006-05-17
 *
 * This is a sample Axis web service to demonstrate connecting from a client
 * using proxy certificates.  It assumes that you have set up Tomcat/Axis to
 * handle SSL connections.
 */

// In cog-jglobus.jar
import org.globus.myproxy.MyProxy;

// In standard Java
import org.ietf.jgss.GSSCredential;

public class MyProxyDelegatee {
    
    /**
     * This method is called when a client has delegated a proxy credential
     * to a MyProxy server and wants to notify this service with the
     * username/passphrase information required to get the credential.
     * After we have retrieved the delegated credential from the MyProxy
     * server, we destroy the credential on the MyProxy server, just to
     * be sure nobody else can get it later.
     * @param host The MyProxy host name (probably FQDN).
     * @param port The port for connecting to the MyProxy host (e.g. 7512).
     * @param username The username for getting the proxy credential.
     * @param passphrase The passphrase for getting the proxy credential.
     * @param lifetime The desired lifetime (in seconds) for getting the
     *        proxy credential.  The actual lifetime of the retrieved
     *        credential is possibly shorter.
     * @return A string letting the calling client know the status of this
     *         service getting the proxy credential (e.g. success/failure).
     */
    public String notifyCredentialDelegated(String host, int port, 
                  String username, String passphrase, int lifetime) {

        StringBuffer buf = new StringBuffer();
        GSSCredential credential = null;

        try { 
            // Get and destroy the delegated credential
            MyProxy myProxyServer = new MyProxy(host,port);
            credential = myProxyServer.get(username,passphrase,lifetime);
            myProxyServer.destroy(credential,username,passphrase);

            // Create "success" message to be returned
            buf.append("Using the MyProxy server at " + host + ":" + port);
            buf.append(" with username = '" + username + "'");
            buf.append(" and passphrase = '" + passphrase + "'");
            buf.append(", successfully fetched the credential " + credential);
            buf.append(" with remaining lifetime = ");
            buf.append(credential.getRemainingLifetime());
            buf.append(" seconds");
        } catch (Exception e) {
            // Failed!  Create suitable message to be returned
            buf.append("Could not get credential from the MyProxy server at ");
            buf.append(host + ":" + port + " because ");
            buf.append(e.getMessage());
        }

        return buf.toString();
    }
}