Changes between Version 38 and Version 39 of AaronHelsinger/GAPI_AM_API_DRAFT


Ignore:
Timestamp:
03/30/12 14:23:41 (12 years ago)
Author:
Aaron Helsinger
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AaronHelsinger/GAPI_AM_API_DRAFT

    v38 v39  
    961961}}}
    962962
    963 At least one credential must be a valid slice credential for the slice specified in `slice_urn` if that is an argument, or for the slice that contains the named slivers, if sliver urns are an argument, or a valid administrative credential with sufficient privileges. Credentials must be valid (signed by a valid GENI certificate authority either directly or by chain, not expired, and grant privileges to the client identified by the SSL client certificate). Each method requires specific privileges, which must be granted by the provided credentials. Note that the semantics of this argument is not clear: most implementations require a single credential to provide all needed privileges. Alternative interpretations might, for example, accumulate privileges from each valid credential to determine overall caller permissions. For details on GENI AM API format credentials, see [wiki:GeniApiCredentials the GENI wiki].
     963At least one credential must be a valid slice credential for the slice specified in `slice_urn` if that is an argument, or for the slice that contains the named slivers, if sliver urns are an argument, or a valid administrative credential with sufficient privileges. When sliver_urns are supplied, all such slivers must belong to the same slice, over which the given credential provides access. Credentials must be valid (signed by a valid GENI certificate authority either directly or by chain, not expired, and grant privileges to the client identified by the SSL client certificate). Each method requires specific privileges, which must be granted by the provided credentials. Note that the semantics of this argument is not clear: most implementations require a single credential to provide all needed privileges. Alternative interpretations might, for example, accumulate privileges from each valid credential to determine overall caller permissions. For details on GENI AM API format credentials, see [wiki:GeniApiCredentials the GENI wiki].
    964964
    965965=== `geni_end_time` ===
     
    991991=== `options` ===
    992992An XML-RPC struct. For !GetVersion only, this argument is optional. In all other methods, it is required. Only !ListResources has required entries in the options struct. Aggregates are compliant with this API change by accepting this argument. Aggregates may accept entries to this struct. Aggregates should not require any new options to any method - they should always have a reasonable default for any such option. Aggregates should document new `options` arguments. The prefix `geni_` is reserved for members that are part of this API specification. Implementations should choose an appropriate prefix to avoid conflicts.
     993
     994=== `sliver_urns[]` ===
     995Several methods exist in two variants. Variant one takes a slice URN. In this mode, it is interpreted to operate on all slivers contained in that slice at this aggregate. Variant two takes a list of sliver URNs. Typically, all such slivers belong to the same slice. Some aggregates may refuse calls to operate on slivers in more than one slice. All aggregates shall refuse to authorize calls which operate on more than one implicitly referenced slice but do not provide credentials that authorize operating on all such referenced slices.
    993996
    994997 == !GetVersion ==