GSS 101

Getting Started

The Concept

GSS is a general server application for providing several types of services with several types of interfaces.

Gliffy Zoom Zoom



You can authorize the interface with a service. You can authorize a service with another service.

Installing GSS Server

  1. Download and extract GSS Server archive file.
  2. Enter bin directory and execute the appropriate file to start running
  • gss-server.bat ..\conf\gss-server.xml 
  • gss-server ../conf/gss-server.xml


GSS Server requires an XML file for configuration. The default configuration file is: <GSS_SERVER_HOME>/conf/gss-server.xml.

You can get the complete XML schema at:

Define Services

Executable Service:


For example, we have a perl script for creating an email address under a domain for our hosting company. Our script works as below: <operation_ID> <operation_param1> <operation_param2> ....
For creating email address: create_email -domain=<domain_name> -email=<email_address> -quota=<quota> -password=<password>

Let's introduce a service for this facility.

Define Interface

Let's define an HTTP interface for our GSS Server.

It binds on host localhost and 1655 port. The authorization of this interface is performed through authHttpUserPass authorization policy. This will be explained on the next section.

You can setup more than one interface type.

Mastering The Basics


All authorization policies are defined in <security> element of the configuration file.

An authorization policy is a connector that gets the parameters from the request and maps to a specified service for authorization. In other words, it executes an already defined service for authorization and use some of the request parameters for input.

An interface or a service can use a defined authorization policy for usage restriction. It is optional to use authorization policies for interfaces and services.

Interface Authorization

Interface authorization is used for preventing unwanted access on GSS server. GSS provides authorization for your each interface separately.

You can control authorization of an interface by referencing the name of an already defined authorization policy on interface definition.

The username and password attributes of the client request are used for Interface authorization.

Service Authorization

GSS provides authorization for your each service separately.
<executableService name="createEmailAddress" authorizationName="authDomainOwnerCheck"
executable="" parameterSeparator=" ">
You can control authorization of a service by referencing the name of an already defined authorization policy on service definition.
The request parameters received for the service are also used for authorization process. 

Sending Request

 Until now, a sample configuration should be as below:

Request for Executable Service

The complete xml schema for request XML is at :

This request runs on the server machine with the following parameters:

The response will include the output of the executable:

The username and password attributes on the request are for interface authorization only.

For  the configuration above,

  1. GSS Server checks the interface authorization by sending the username and password values to checkHttpUserPassService 
  2. For createEmailAddress job, GSS server checks the service authorization by sending the domainName and emailAddress values to emailOwnerAuthorization
  3. GSS Server sends the job parameters (emailAddress....) to createEmailAddress service.
  4. As createEmailAddress is an executable service, GSS Server runs "/var/ create_email reseller_id 7887" and returns the output to the client.
Gliffy Zoom Zoom

Client Usage

Java Client:

  This example post an xml file, it depends on Jakarta HttpClient API (

PHP Client 

  Example how to use HttpRequest to post data and receive the response:


  • No labels
Write a comment…