On May 29, 2008, at 12:16 PM, Ole Weidner wrote:
Hi,
I'm desperately looking for examples or at least some tips how to
programmatically use different proxies with the GRAM, GridFTP, and
RLS C API. The default initialization of the GSI security context
seems to pick up the x509up_<uid> proxy in /tmp. In my case, I have
multiple proxies in /tmp:
/tmp/x509up_vo1
/tmp/x509up_vo2
/tmp/x509up_vo3
...
I would like to be able to load a specific proxy into my context
depending on, for example the host I want to submit a job to. Or
another scenario where I don't know which proxy works for my target
host, would be to cycle through all proxies until the GRAM/GridFTP/
RLS command returns (hopefully) with a GLOBUS_SUCCESS.
I understand that for example the GRAM Client library provides the
function: int globus_gram_client_attr_set_credential
(globus_gram_client_attr_t attr, gss_cred_id_t credential) to
achieve something like this, right? But I don't understand how to
get the proxy information into the gss_cred_id_t type. The
documentation is really lacking some examples here...
There are two functions for loading a credential into a gss_cred_id_t
--- gss_acquire_cred and gss_import_cred.
The gss_acquire_cred() function will look in the order described by
<http://www.globus.org/toolkit//docs/4.0/security/prewsaa/Pre_WS_AA_Public_Interfaces.html#prewsaa-env-credentials
> to find the credentials. If you set the X509_USER_PROXY variable
before calling that function, you'll get the appropriate proxy.
The gss_import_cred() function has two modes of operation, chosen
based on the option_req parameter. If it is 0, you can pass the
contents of the proxy file into that function via the import_buffer
parameter. If it is 1 the value of the buffer should be the string
"X509_USER_PROXY=/tmp/x509up_vo3" or whatever in place of /tmp/
x509up_vo3 describes the path to your proxy file.
Probably, I'd do:
OM_uint32 maj_stat, min_stat;
gss_cred_id_t cred;
gss_buffer_desc proxy_buffer;
proxy_buffer.value = "X509_USER_PROXY=/tmp/x509up_vo1";
proxy_buffer.length = strlen(proxy_buffer.value);
maj_stat = gss_import_cred(&min_stat, &cred, GSS_C_NO_OID, 1,
&proxy_buffer, 0, NULL);
Any help will be highly appreciated!
Thanks,
Ole
