[gt-user] VOMS-Admin error

Thu, 23 Oct 2008 07:16:11 -0700 

Hii


As given in the VOMS Admin User Guide,each operation on the VOMS
database is authorized according to a set of permissions,
i.e.,whenever an administrator tries to execute such operation,
its permissions are matched with the operation's set of required
permission in order to authorize the operation execution.

---Now, the question is who can be an administrator here? According to
the guide, a VOMS administrator can be :

   A VO user;
   A VOMS FQAN;
   Any authenticated user

So, then a VOMS admin may/may not be a user of the VO?

---What does the default role VO-Admin signify?
---Any user with a valid X509 user certificate and acces to the
VOMS-Admin Client can act as VO-Admin?????

--- After creating a new VO from root UNIX account, I added myself
(arpit UNIX  account having valid user certifiactes) as a VO user
by running  "VOMS-Admin" client from my local account. I want to know
if I am not the user of newly created VO initially then how I was able
to add myself
as a VO User ????

Then I tried  accessing the VOMS Admin web interface by uploading my
usercertificate in browser it is showing the
CURRENT USER as "LOCAL ADATABASE ADMINISTRATOR"

The voms-admin log shows like this:
*common.InitSecurityContext - Unauthenticated connection from "127.0.0.1" -
WARN  2008-10-23 15:28:05,318 [http-8443-Processor24]
common.InitSecurityContext - *** Overriding null credentials from
localhost with Local Database Admin *** -
INFO  2008-10-23 15:28:05,396 [http-8443-Processor24]
service.VomsAdminService - createUser(/C=IN/O=C-DAC KP
Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=arpitj
                                           ,/C=IN/O=C-DAC KP
Bangalore/OU=CTSF/CN=C-DAC KP CA); -
INFO  2008-10-23 15:28:08,920 [http-8443-Processor24]
operations.BaseVomsOperation - Operation:
CreateUserOperation([usr=(/C=IN/O=C-DAC KP
Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=arpitj,null),
                  caDN=/C=IN/O=C-DAC KP Bangalore/OU=CTSF/CN=C-DAC KP
CA]) - (/O=VOMS/O=System/CN=Local Database
Administrator,/O=VOMS/O=System/CN=Dummy Certificate Authority) -

*
---Why it is taking the following  dummy DN *O=VOMS/O=System/CN=Local
Database Administrator,/O=VOMS/O=System/CN=Dummy Certificate
Authority*

Any suggestions????


Thanks
Arpit

Reply via email to