On Thu, Sep 18, 2008 at 7:25 PM, Vincenzo Ciaschini < [EMAIL PROTECTED]> wrote:
> arpit jain wrote: > >> Hii >> >> The reason for using non-standard location for certificate is that I am >> using proxy certificate given by MYPROXY Server which gets created in >> /tmp/x509_u**** instead of globus certificate i.e. usercert.pem. >> >> The location of vomses file is also non-standard because I have >> VOMS-client >> i.e. (voms-proxy-init) installed in my HOME directory instead of >> /opt/glite/. >> >> Any other possible reason for not getting the desired result?? >> > What do you *exactly* have in your DB? *I have Normal-user in my Database so thats not at all a problem.* > > What is the *exact* output of voms-proxy-init? *Output of voms-proxy-init: voms-proxy-init -debug --voms trial:/trial/Role=Normal-user --voms trial:/trial/Role=Developer -out vomsproxy -cert /tmp/x509up_u8085 -vomses /home/tools/shamjit/vomsclient/vomses Detected Globus version: 22 Unspecified proxy version, settling on Globus version: 2 Number of bits in key :512 Using configuration file /home/tools/shamjit/vomsclient/vomses Files being used: CA certificate file: none Trusted certificates directory : /etc/grid-security/certificates Proxy certificate file : vomsproxy User certificate file: /tmp/x509up_u8085 User key file: /tmp/x509up_u8085 Output to vomsproxy Your identity: /C=IN/O=C-DAC KP Bangalore/OU=CTSF/OU= ctsf.cdac.org.in/CN=Shamjith K V/CN=proxy/CN=proxy/CN=proxy Using configuration file /home/tools/shamjit/vomsclient/vomses Using configuration file /home/tools/shamjit/vomsclient/vomses Creating temporary proxy to /tmp/tmp_x509up_u8085_29377 .................++++++++++++ .........++++++++++++ Done Contacting 192.168.61.197:15000 [/C=IN/O=C-DAC KP Bangalore/OU=CTSF/CN=host/vipulb.cdacb.ernet.in] "trial" Done Creating proxy to vomsproxy .......................++++++++++++ ................++++++++++++ Done Warning: your certificate and proxy will expire Thu Sep 18 21:55:21 2008 which is within the requested lifetime of the proxy* > Remember that group and role names are case sensitive. > > Are you sure the role name is Normal-user ad opposed to, for example, > Normal-User? *I want to know which table in DB associate a User with its ROLE????? *Thanks Arpit* * > > > Ciao, > Vincenzo > > >> Thanks >> Arpit >> >> 2008/9/18 Fabian Lambert <[EMAIL PROTECTED]> >> >> Hi, >>> >>> It is strange because this command work for me... >>> >>> Why are you using the -cert parameter, do you store your certificate in a >>> non standard location ? Usually, your X509 certificate should be under >>> ~/.globus directory. >>> Same question for -vomses, you should have some default configuration >>> file, >>> you don't need to specify them. >>> >>> Maybe should you try only (to use the default configuration...) >>> voms-proxy-init -debug --voms trial:/trial/Role=Developer --voms >>> trial:/trial/Role=Normal-user -out vomsproxy >>> >>> On my side I tried this with my VO >>> voms-proxy-init --voms atlas:/atlas/Role=AMIManager --voms >>> atlas:/atlas/Role=AMIWriter -debug -out vomsproxy >>> >>> I got (after typing my passphrase), a file vomsproxy >>> >>> If I do then a >>> voms-proxy-info -file vomsproxy --all >>> >>> I get >>> >>> subject : <myDN>/CN=proxy >>> issuer : <myDN> >>> identity : <myDN> >>> type : proxy >>> strength : 512 bits >>> path : vomsproxy >>> timeleft : 11:59:21 >>> === VO atlas extension information === >>> VO : atlas >>> subject : <myDN> >>> issuer : /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch >>> attribute : /atlas/Role=AMIManager/Capability=NULL >>> attribute : /atlas/Role=NULL/Capability=NULL >>> attribute : /atlas/lcg1/Role=NULL/Capability=NULL >>> attribute : /atlas/fr/Role=NULL/Capability=NULL >>> attribute : /atlas/Role=AMIWriter/Capability=NULL >>> >>> >>> with my two roles. >>> >>> >>> arpit jain a écrit : >>> >>> Hii >>>> >>>> I tried giving the command the way you suggested: >>>> * >>>> voms-proxy-init -debug -cert /tmp/x509up_u8085 -out vomsproxy -vomses >>>> /home/tools/shamjit/vomsclient/vomses --voms trial:/trial/Role=Developer >>>> --voms trial:/trial/Role=Normal-user >>>> >>>> * but still I am gettting only 1 role i.e. Developer (or watever I >>>> specify >>>> first in the command). >>>> >>>> Thanks >>>> Arpit >>>> * >>>> * >>>> 2008/9/18 Fabian Lambert <[EMAIL PROTECTED] <mailto: >>>> [EMAIL PROTECTED]>> >>>> >>>> >>>> Hi Arpit, >>>> >>>> Try >>>> >>>> voms-proxy-init --voms trial:/trial/Role=Developer --voms >>>> /trial/Role=Normal-user >>>> >>>> and you should get the 2 roles in your VOMS proxy. >>>> >>>> Cheers >>>> >>>> Vincenzo Ciaschini a écrit : >>>> >>>> arpit jain wrote: >>>> >>>> Hii, >>>> >>>> I have assigned 2 roles (Developer and Normal-user) to my >>>> user and now i want multiple roles in my VOMS-proxy >>>> certificate using "voms-proxy-init", but I am getting only >>>> one Role. I am giving the below command: >>>> >>>> *voms-proxy-init -debug --voms >>>> trial:/trial/Role=Developer --order /trial/Role=Developer >>>> --order /trial/Role=Normal-user -cert /tmp/x509up_u8085 >>>> -out vomsproxy -vomses /home/tools/shamjit/vomsclient/vomses >>>> >>>> The above command works fine but I get only 1 role i.e. >>>> Developer in my proxy certifcate. >>>> >>>> *Can someone suggest where I am wrong?? >>>> >>>> There is no --voms:/trial/Role=Normal-user in the command line. >>>> >>>> Ciao, >>>> Vincenzo >>>> >>>> >>>> >>>> Thanks >>>> Arpit >>>> >>>> >>>> >>>> >>>> >>>> >>>> >> >
