Difference between revisions of "How to use VOMS api library"
From Gcube Wiki
Andrea.turli (Talk | contribs) (→Installation Procedure) |
Andrea.turli (Talk | contribs) (→Installation Procedure) |
||
Line 12: | Line 12: | ||
vomsAPI.properties file is contained in SA and basically is composed of 3 sections: | vomsAPI.properties file is contained in SA and basically is composed of 3 sections: | ||
− | |||
#information about MyProxyCA server | #information about MyProxyCA server | ||
+ | <source lang="xml"> | ||
+ | # MyProxy server e.g.:grids04.eng.it | ||
+ | MYPROXY_HOST=YOUR_MYPROXYCA_SERVER | ||
+ | # MyProxy server port, default value is 7512 | ||
+ | MYPROXY_PORT=YOUR_MYPROXYCA_SERVER_PORT | ||
+ | |||
+ | # Information about simpleCA to be used | ||
+ | |||
+ | # Certification authority, e.g.: /O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA | ||
+ | SIMPLE_CA=YOUR_CA | ||
+ | |||
+ | # Common Name prefix to build a Distinguished Name (DN), | ||
+ | # e.g.: /O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN= for a CN=test to obtain a valid DN for the VOMS | ||
+ | CN_prefix=CN_prefix | ||
+ | </source> | ||
+ | #information about VOMS server | ||
+ | <source lang="xml"> | ||
+ | # VOMS host | ||
+ | VOMS_HOST=YOUR_VOMS | ||
+ | #VO Name defined in VOMS, e.g: d4science | ||
+ | VO_NAME=YOUR_VO_NAME | ||
+ | # Default voms port is "8443" | ||
+ | VOMS_PORT=8443 | ||
+ | # Default voms protocol is "https" | ||
+ | VOMS_PROTOCOL=https | ||
+ | </source> | ||
#CLIENT credentials: the credentials to be specified by client to contact VOMS. They should have VO-Admin privileges in VO group. | #CLIENT credentials: the credentials to be specified by client to contact VOMS. They should have VO-Admin privileges in VO group. | ||
+ | <source lang="xml"> | ||
+ | # CLIENT creds: specify the triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD) or CLIENT_PROXY | ||
+ | # e.g: triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD) | ||
+ | # Overwrite the .pem certificate of the host, default path is /etc/grid-security/hostpubliccert.pem | ||
+ | # CLIENT_CERT=$HOME/user_cert.pem | ||
+ | # The .pem key of the host, default path is /etc/grid-security/hostprivatekey.pem | ||
+ | # CLIENT_KEY=$HOME/user_key.pem | ||
+ | # The password to decrypt private key | ||
+ | # CLIENT_PWD= | ||
+ | |||
+ | # e.g: CLIENT_PROXY | ||
+ | # client creds as a proxy certifcate, eg $HOME/proxy | ||
+ | # CLIENT_PROXY= | ||
+ | </source> | ||
== Using VOMS API library == | == Using VOMS API library == | ||
To successfully contact the VOMS service with VOMS api library you DON'T need to use a VOMS servlet. | To successfully contact the VOMS service with VOMS api library you DON'T need to use a VOMS servlet. |
Revision as of 13:15, 5 June 2009
Package Installation
Download
The VOMS api library can be downloaded from here.
Installation Procedure
The following steps have to be performed in order to use this library:
- uncompress the org.gcube.vo-management.voms-api-0.0.0-0.tar.gz file
- copy org.gcube.vomanagement.voms-api.jar in a convenient directory
- Edit a vomsAPI.properties file based on the template provided in the SA.
vomsAPI.properties file is contained in SA and basically is composed of 3 sections:
- information about MyProxyCA server
# MyProxy server e.g.:grids04.eng.it MYPROXY_HOST=YOUR_MYPROXYCA_SERVER # MyProxy server port, default value is 7512 MYPROXY_PORT=YOUR_MYPROXYCA_SERVER_PORT # Information about simpleCA to be used # Certification authority, e.g.: /O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA SIMPLE_CA=YOUR_CA # Common Name prefix to build a Distinguished Name (DN), # e.g.: /O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN= for a CN=test to obtain a valid DN for the VOMS CN_prefix=CN_prefix
- information about VOMS server
# VOMS host VOMS_HOST=YOUR_VOMS #VO Name defined in VOMS, e.g: d4science VO_NAME=YOUR_VO_NAME # Default voms port is "8443" VOMS_PORT=8443 # Default voms protocol is "https" VOMS_PROTOCOL=https
- CLIENT credentials: the credentials to be specified by client to contact VOMS. They should have VO-Admin privileges in VO group.
# CLIENT creds: specify the triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD) or CLIENT_PROXY # e.g: triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD) # Overwrite the .pem certificate of the host, default path is /etc/grid-security/hostpubliccert.pem # CLIENT_CERT=$HOME/user_cert.pem # The .pem key of the host, default path is /etc/grid-security/hostprivatekey.pem # CLIENT_KEY=$HOME/user_key.pem # The password to decrypt private key # CLIENT_PWD= # e.g: CLIENT_PROXY # client creds as a proxy certifcate, eg $HOME/proxy # CLIENT_PROXY=
Using VOMS API library
To successfully contact the VOMS service with VOMS api library you DON'T need to use a VOMS servlet.