VOMS-API v3 Configuration
This page describes configuration properties required by the VOMS-API library.
As described in the VOMS-API v3 page, these parameters can be supplied both statically, through a configuration file, both programmatically in a java.util.Properties
object.
All the supported properties, listed in the table below, are available in the org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfigurationProperty
enum.
In the following table, for each property a brief description is given , as well as functionalities requiring the property itself. In addition, the default value is reported, if any, as well as an example of a valid property value. A complete example showing the configuration file can be found at the bottom of this page.
Name | Description | Required | Default value | Example |
SIMPLE_CA
|
The Distinguished Name of the Online CA (available through the MyProxy service) | By the ExtendedVOMSAdmin interface
|
N/A | "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA" |
CN_PREFIX
|
The prefix used to generate Distinguished Names for credentials issued by the Online CA (available through the MyProxy service) | By the ExtendedVOMSAdmin interface
|
N/A | "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN=" |
CLIENT_PROXY
|
The file containing proxy credentials used to perform invocations to MyProxy and VOMS | By all interfaces, alternativley the CLIENT_CERT property, or a programmatically supplied credentials can be set | N/A | "/home/user/certs/userProxy" |
CLIENT_CERT
|
The file containing the client public certificate used to contact the VOMS and MyProxy services | By all interfaces, alternativley the CLIENT_PROXY property, or a programmatically supplied credentials can be set | N/A | "/home/user/certs/userCert.pem" |
CLIENT_KEY
|
The file containing the client private key associated with the client certificate specified in the CLIENT_CERT property
|
Yes, if the CLIENT_CERT property has been specified | N/A | "/home/user/certs/userKey.pem" |
CLIENT_PWD
|
The password to decrypt the key in the file pointed by the CLIENT_KEY property
|
Yes, if the CLIENT_KEY property point to an encrypted key
|
N/A | "yourSecretPassword12345" |
VOMS_HOST
|
The hostname of the VOMS service | Yes | N/A | "voms.research-infrastructures.eu" |
VO_NAME
|
The VOMS VO name | Yes | N/A | "gCube" |
VOMS_PROTOCOL
|
The protocol used to contact the VOMS service, usually https. | No | "https" | "http" |
VOMS_PORT
|
The port used by the VOMS Administration service, usually 443 | No | "443" | "8443" |
MYPROXY_HOST
|
The hostname of the MyProxy service | By the CredentialsManager interface
|
N/A | "grids04.eng.it" |
MYPROXY_PORT
|
The port of the MyProxy service, default to 7512 | No | "7512" | "7555" |
PROXIES_DIR
|
The directory where to temporary store proxy credentials | No | "proxies" | "/home/user/proxies" |
RUNS_IN_WS_CORE
|
Indicates if the VOMS API library is being used from a Ws-Core service, or from a standalone client. This property is needed as the way to perform invocation depends on this | No | "false" | "true" |
Here below you can find an example of the VOMS-API.properties file:
#Setting Online CA properties SIMPLE_CA=/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA CN_PREFIX=/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN= #Setting Credentials CLIENT_CERT=/home/user/certs/userCert.pem CLIENT_KEY=/home/user/certs/userKey.pem CLIENT_PWD=yourSecretPassword12345 #Alternative credentials can be configured through a proxy #CLIENT_PROXY=/home/user/certs/userProxy #Setting VOMS properties VOMS_HOST=voms.research-infrastructures.eu VO_NAME=gCube #Setting MyProxy properties MYPROXY_HOST=grids04.eng.it #Setting to run in a Ws-Core container RUNS_IN_WS_CORE=true