
Notify Messages

Notification messages must follow the message structure defined in this chapter. A single notification file can contain one or more notification messages.

DTD definition for NotifyMessages XML document structure:

<!-- DTD for a notification file. The root element NotifyMessages   -->
<!-- holds zero or more Message elements; the Message content model -->
<!-- near the end of this listing fixes the order of its children.  -->
<!-- Every leaf element is plain #PCDATA and every attribute is     -->
<!-- CDATA, so validation checks structure only. Value checks       -->
<!-- (message type, request format, attribute names) are left to    -->
<!-- the application that consumes the file.                        -->
<!--                                                       -->
<!-- ProviderID    - currently not used.                   -->
<!ELEMENT ProviderID       (#PCDATA) >
<!-- Origin, EntityPrimaryKey - text-only elements; the example on  -->
<!-- this page uses the values LDAP and DN for them.                -->
<!ELEMENT Origin           (#PCDATA) >
<!ELEMENT EntityPrimaryKey (#PCDATA) >
<!--                                                       -->
<!-- MessageID     - text-only element, one per Message.   -->
<!ELEMENT MessageID        (#PCDATA) >
<!--                                                       -->
<!-- Type          add, update, delete, disable,           -->
<!--               enable, revoke, enroll                  -->
<!-- NOTE(review): the example on this page writes Add, Delete,  -->
<!-- Modify and Enroll. Modify is not in the list above and the  -->
<!-- casing differs; confirm the accepted spellings. The DTD     -->
<!-- itself accepts any text here.                               -->
<!ELEMENT Type             (#PCDATA) >
<!--                                                       -->
<!-- EnrollRequest - enrollment request in one of          -->
<!--                 the supported formats:                -->
<!--                   PKCS#10        -PKCS#10 as PEM      -->
<!--                   public key     -plain public key    -->
<!--                   CRMF           -CRMF as base64      -->
<!--                   CMP            -CMP message as      -->
<!--                                   base64              -->
<!-- NOTE(review): XML 1.0 does not allow #PCDATA inside a       -->
<!-- comma-separated sequence. Mixed content has to be written   -->
<!-- as (#PCDATA | PublicKey)* so a validating parser is likely  -->
<!-- to reject this declaration as printed. Confirm against the  -->
<!-- DTD file shipped with the product.                          -->
<!ELEMENT EnrollRequest    (#PCDATA, PublicKey) >
<!-- format is required but typed CDATA, so the DTD does not     -->
<!-- restrict it to the four formats listed above.               -->
<!ATTLIST EnrollRequest    format    CDATA #REQUIRED >
<!--                                                       -->
<!-- PublicKey     - public key                            -->
<!-- NOTE(review): same mixed-content problem as EnrollRequest;  -->
<!-- the valid spelling would be (#PCDATA | Modulus | Exponent)* -->
<!ELEMENT PublicKey        (#PCDATA, Modulus, Exponent) >
<!-- The example on this page uses format="rsa-params".          -->
<!ATTLIST PublicKey        format    CDATA #REQUIRED > 
<!-- Modulus and Exponent are text-only; the example gives both  -->
<!-- as decimal integers.                                        -->
<!ELEMENT Modulus          (#PCDATA) >
<!ELEMENT Exponent         (#PCDATA) >
<!--                                                       -->
<!-- Parameter     - parameter for attribute mapping       -->
<!-- Empty element carrying one name/value pair in attributes.   -->
<!-- NOTE(review): the Modify example on this page also sets a   -->
<!-- modifyType attribute (replace, add, delete) that is not     -->
<!-- declared here; confirm whether the shipped DTD declares it. -->
<!ELEMENT Parameter        EMPTY >
<!ATTLIST Parameter        attrName  CDATA #REQUIRED
                                 attrValue CDATA #REQUIRED >
<!-- EntityParameters - zero or more Parameter elements.         -->
<!ELEMENT EntityParameters (Parameter)* >
<!-- Message - the six children below, all required, in exactly  -->
<!-- this order.                                                 -->
<!-- NOTE(review): the Enroll examples on this page add an       -->
<!-- EnrollRequest child after EntityParameters, which this      -->
<!-- content model does not list; confirm against the shipped    -->
<!-- DTD.                                                        -->
<!ELEMENT Message          (ProviderID, 
                                  Origin, 
                                  EntityPrimaryKey,
                                  MessageID,
                                  Type, 
                                  EntityParameters) >
<!-- NotifyMessages - root element; zero or more Message.        -->
<!ELEMENT NotifyMessages   (Message)* >

An example of an XML notification message is shown below:

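<?xml version="1.0" encoding="utf-8" ?>
<!-- Sample notification file: one NotifyMessages root holding several -->
<!-- Message elements of type Add, Delete, Modify and Enroll.           -->
<!--                                                                    -->
<!-- The DOCTYPE below names an external DTD by a relative system       -->
<!-- identifier. A parser reading notification files should load that   -->
<!-- DTD from a fixed, locally installed copy and should not resolve    -->
<!-- external entities or DTD locations supplied by the file itself.    -->
<!-- Messages of this kind create, change and delete entities and       -->
<!-- submit enrollment requests, so a notification file is best         -->
<!-- accepted only from a source whose origin and integrity are checked. -->
<!DOCTYPE NotifyMessages SYSTEM "ext_id_notify_msg_dtd.dtd">
<NotifyMessages>

 <!-- Add notifications create new entities with given attributes. -->

 <Message>
  <ProviderID>12345</ProviderID>
  <Origin>LDAP</Origin>
  <EntityPrimaryKey>DN</EntityPrimaryKey>
  <MessageID>msg120</MessageID>
  <Type>Add</Type>
  <EntityParameters>
    <Parameter attrName="DN" attrValue="cn=Test User1,o=SSH,c=FI"/>
    <Parameter attrName="mail" attrValue="test_user1@ssh.com"/>
    <Parameter attrName="phone" attrValue="11111111"/>
  </EntityParameters>
 </Message>

 <Message>
  <ProviderID>12345</ProviderID>
  <Origin>LDAP</Origin>
  <EntityPrimaryKey>DN</EntityPrimaryKey>
  <MessageID>msg121</MessageID>
  <Type>Add</Type>
  <EntityParameters>
    <Parameter attrName="DN" attrValue="cn=Test User2,o=SSH,c=FI"/>
    <Parameter attrName="mail" attrValue="test_user2@ssh.com"/>
    <Parameter attrName="phone" attrValue="22222222"/>
  </EntityParameters>
 </Message>


 <!-- When the entity already exists, an Add notification modifies -->
 <!-- the entity. All attributes in the existing entity are        -->
 <!-- replaced with the new ones.                                  -->
 <!-- Children follow the order the DTD requires:                  -->
 <!-- EntityPrimaryKey comes before MessageID.                     -->
 <Message>
  <ProviderID>12345</ProviderID>
  <Origin>LDAP</Origin>
  <EntityPrimaryKey>DN</EntityPrimaryKey>
  <MessageID>msg123</MessageID>
  <Type>Add</Type>
  <EntityParameters>
    <Parameter attrName="DN" attrValue="cn=Test User1,o=SSH,c=FI"/>
    <Parameter attrName="phone" attrValue="33333333"/>
  </EntityParameters>
 </Message>


 <!--  Delete notification removes the existing entity.          -->
 <Message>
  <ProviderID>12345</ProviderID>
  <Origin>LDAP</Origin>
  <EntityPrimaryKey>DN</EntityPrimaryKey>
  <MessageID>msg124</MessageID>
  <Type>Delete</Type>
  <EntityParameters>
    <Parameter attrName="DN" attrValue="cn=Test User2,o=SSH,c=FI"/>
  </EntityParameters>
 </Message>


 <!--  Smart modify entity notification replaces, adds or deletes -->
 <!--  attribute values from the existing entity.                 -->
 <!--  NOTE(review): this message and the two Enroll messages     -->
 <!--  below all use MessageID D1; confirm whether IDs have to be -->
 <!--  unique within a file.                                      -->
 <Message>
  <ProviderID>12345</ProviderID>
  <Origin>LDAP</Origin>
  <EntityPrimaryKey>DN</EntityPrimaryKey>
  <MessageID>D1</MessageID>
  <Type>Modify</Type>
  <EntityParameters>

    <!--  Primary name relates the notification message to    -->
    <!--  a specific entity.                                  -->
    <Parameter attrName="DN" attrValue="cn=Test User1,o=SSH,c=FI"/>

    <!--  Replace current attribute value with the new value. -->
    <Parameter attrName="mail" modifyType="replace"
                                attrValue="test_user1_mail1@ssh.com"/>

    <!--  Delete the attribute from the entity; attrValue is empty here. -->
    <Parameter attrName="phone" modifyType="delete" attrValue=""/>

    <!--  Add new attribute value, keep possible old values. -->
    <Parameter attrName="mail" modifyType="add"
                                attrValue="test_user1_mail1@ssh.com"/>
    <Parameter attrName="mail" modifyType="add"
                                attrValue="test_user1_mail2@ssh.com"/>

    <!-- Delete the specified attribute value. -->
    <Parameter attrName="mail" modifyType="delete"
                                attrValue="test_user1_mail2@ssh.com"/>

  </EntityParameters>
 </Message>


 <!-- Enrollment using PKCS#10 -->
 <Message>
  <ProviderID>12345</ProviderID>
  <Origin>LDAP</Origin>
  <EntityPrimaryKey>DN</EntityPrimaryKey>
  <MessageID>D1</MessageID>
  <Type>Enroll</Type>
  <EntityParameters>
    <!--  Primary name to relate the notification to a specific entity. -->
    <Parameter attrName="DN" attrValue="cn=Test User1,o=SSH,c=FI"/>
  </EntityParameters>
  <EnrollRequest format="PKCS#10">
-----BEGIN CERTIFICATE REQUEST-----
<!-- PLACEHOLDER: the base64 body of the PKCS#10 request is not reproduced in this listing -->
-----END CERTIFICATE REQUEST-----
  </EnrollRequest>
 </Message>

 <!-- Enrollment using plain public key -->
 <Message>
  <ProviderID>12345</ProviderID>
  <Origin>LDAP</Origin>
  <EntityPrimaryKey>DN</EntityPrimaryKey>
  <MessageID>D1</MessageID>
  <Type>Enroll</Type>
  <EntityParameters>
    <!--  Primary name to relate the notification to a specific entity. -->
    <Parameter attrName="DN" attrValue="cn=Test User1,o=SSH,c=FI"/>
  </EntityParameters>
  <EnrollRequest format="public key">
    <!-- RSA public key given as decimal modulus and public exponent. -->
    <PublicKey format="rsa-params">
      <Modulus>
        16799250126104224737622551155087981829943415557539082940779026373571312
        05637848884230351223150194832285042683176692424562419739861164778359002
        86597621356417810488417101866496788854222536876109960179523373464434033
        73584886958344560273053088662528921451859542059540125970228802725497727
        5744080344327012981164041
      </Modulus>
      <Exponent> 65537 </Exponent>
    </PublicKey>
  </EnrollRequest>
 </Message>

</NotifyMessages>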

