[sr-dev] git:master: xcap_server: support parsing oma pres-rules auid

Daniel-Constantin Mierla miconda at gmail.com
Thu Sep 30 00:25:30 CEST 2010



On 9/29/10 11:38 PM, Iñaki Baz Castillo wrote:
> 2010/9/29 Daniel-Constantin Mierla<miconda at gmail.com>:
>>> does xcap-server already support oma pres-rules and resource-list or is
>>> it on the roadmap?
>> xcap server is just for storage and manipulation of xml xcap docs.
> Unfortunatelly this is not entirely true. For example, the oma-icon
> XCAP application (storage of an icon in XML format) requires a lot of
> logic in the XCAP server, why?:
>
> - Alice does a XCAP/HTMP PUT of his avatar/icon (a XCAP/XML document)
> to the XCAP server.
>
> - The Alice sends a PUBLISH (event "presence") to the presence server.
> According to OMA specs, this PUBLISH can contain a<icon>  element with
> a link to the XCAP/XML document, something like:
>
>      <icon>http://xcap.mydomain.org/org.openmobilealliance.pres-content/users/sip:alice@mydomain.com/oma_status-icon/index</icon>
>
> - Bob is a watcher allowed by Alice for event "presence". Bob receives
> the NOTIFY containing such<icon>  link.
>
> - Bob then performs a XCAP/HTTP GET for that URL.
>
> - The XCAP server receives the GET from Bob and now, the XCAP server
> MUST check if Bob is allwoed or not to see Alice's status. What does
> it *mean*? It means that the XCAP server MUST get the 'pres-rules'
> document of Alice and inspect if Bob is allowed or not. Such
> 'pres-rules' document could contain (MUST in OMA specs) an absolute
> HTTP reference to Alice's 'resource-lists' document (as permissions
> are based on sublists. Again, 'resource-lists' document can contain
> (or MUST in OMA specs) absolute HTTP references to the
> 'resource-lists' document itself (yes, with depth 3 or 4, *really*).
>
> This means that the XCAP server MUST behave as a SIP presence server
> in order to allow or deny the icon of user B to user A. Painful? Yes.

Well, then this xcap server can do more than I expected so far, because 
it can behave like a presence server :-) since kamailio is a presence 
server.

You can check the authorization status for watchers in config, iirc, 
Juha added it:
http://kamailio.org/docs/modules/devel/modules_k/presence.html#id2941538

So, when there is a query for someone's resources, you can check in the 
config if querying person is allowed to see presence of queried person.

Cheers,
Daniel

>> Presence modules are able to deal with pres-rules, not sure to what extent the oma additions.
> Read OMA-WP-PRS_1_1_Implementation_Guidelines-20081209-A.pdf and
> OMA-WP-XDM_1_1_Implementation_Guidelines-20081209-A.pdf.
>
> There is clear how unclear the specs are. But basically, as I've said
> above, pres-rules document contains absolute HTTP links to
> resource-lists document, and resource-lists document contains absolute
> HTTP links to itself.
>
>
> Regards.
>
>

-- 
Daniel-Constantin Mierla
http://www.asipto.com




More information about the sr-dev mailing list