DILIGENT Gridsphere and Portal Security patch
This page contains a description of some needed steps in order to perform a new installation of DILIGENT Gridsphere Portal.
Contents
Configure properly your host
If you want to deploy the DILIGENT gridsphere portal you need to properly configure security for DILIGENT services please follows the How To Enable Security page.
Install Apache-tomcat 5.5.20
You can download from ETICS build report the required version of that web application container tomcat-5.5.20. Remember to correctly configure the container as Gridsphere user's guide suggests in Gridsphere user's guide.
Download Diligent-Gridpsphere
It is a gridsphere-2.2.7 portal patched with org.diligentproject.portal.security-patch, that introduce the diligent security mechanisms in the gridsphere portal. You can download it from ETICS build report diligent-gridsphere.
Download VOMS servlet
The .war of the VOMSServlet is available at ENGrepository. After deploying the .war in your container, edit the associated web.xml file in which you have to specify a number of parameters:
<!-- the host name of the VOMS Admin interface --> <init-param> <param-name>hostName</param-name> <param-value>https://grids03.eng.it:8443/voms/diligent/services/VOMSAdmin</param-value> </init-param> <!-- the pcks12 host certificate --> <init-param> <param-name>keyStore</param-name> <param-value>path_to_host.p12</param-value> </init-param> <!-- the default value is pcks12 --> <init-param> <param-name>keyStoreType</param-name> <param-value>PKCS12</param-value> </init-param> <!-- the password of the specified keyStore --> <init-param> <param-name>keyStorePassword</param-name> <param-value>password</param-value> </init-param> <!-- the path to a trustStore --> <init-param> <param-name>trustStore</param-name> <param-value>path_to_a_trustStore</param-value> </init-param> <!-- the password of the specified keyStore --> <init-param> <param-name>trustStorePassword</param-name> <param-value>tomcat</param-value> </init-param> <!-- the default value --> <init-param> <param-name>trustStoreType</param-name> <param-value>JKS</param-value> </init-param>
Edit PortalSecurity.properties
In the .tgz of diligent-gridpshere you can find a new file called PortalSecurity.properties. You have to edit it before installing the portal in your machine. This operation is really important in order to have a correct installation.
In particular you have to specify a number of parameters belonging to MyProxy host you want to use:
*E.g.:MYPROXY_HOST=grids04.eng.it *E.g.:MYPROXY_PORT=7512
and a dir in your filesystem suitable to store temporary generated proxy certificate
*E.g.:PROXIES_DIR=/home/user/certs/
Then you have to specify a number of information needed to communicate with the VOMSServlet. This servlet represents a workaround due to communication problem within portal, VOMS host and the all DILIGENT infrastructure. At ENG we develop that servlet that you must deploy in the same Apache tomcat container where you deploy diligent-gridsphere. The following parameters are required:
*SERVLET_HOST=host *SERVLET_PORT=port *SERVLET_PATH=the_servlet_path *SERVLET_PROTOCOL=http