[gt-user] Error while running RFT with VOMS interceptors.

Kakoli Sen Fri, 31 Oct 2008 04:52:04 -0700

Dear All,

        We are trying to run RFT service of GT4.0.6 with VOMS credentials.
RFT has got web-services part was well as gridFTP, which is a unix service
coded in C.
First, we are trying to enable the web-service part of RFT with VOMS.


For this, we have made the following changes :
Disabled the default grid-map authZ. and enabled authZ. with VomsPDP and
VomsPIP in
i)globus_wsrf_rft( change in server-config.wsdd, security-config.xml)
ii) globus_delegation_service(change in server-config.wsdd,
service-security-config.xml, factory-security-config.xml)

The server-config.xml for both services has been changed from the default to
only include a parameter 'vomsAttrAuthFile' for the service.
The security-config.xml has
<authz value="ascope:org.globus.voms.PIP
                      bscope:org.globus.voms.PDP"/>

instead of

<authz value="gridmap"/>


After making these changes, when I ran the command :

rft -h g5 -f transfer.xfr

gives error at client side :

2008-10-31 11:42:28,417 ERROR delegation.DelegationUtil [main,delegate:440]
java.lang.NullPointerException
Exception when delegation credentials: [Caused by:
java.lang.NullPointerException]

Server side log is not showing any error. Attaching the server log anyway.

How to proceed on this further? Please help.

Thanks and Regards,

Kakoli Sen
_______________________________________________________________________
KAKOLI SEN                              Ph:91-80-25341909/215(Extn. 309)
C-DAC Knowledge Park                    E-mail:
#1, Old Madras Road                     [EMAIL PROTECTED]
Bangalore - 560 038, INDIA              [EMAIL PROTECTED]
________________________________________________________________________


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

2008-10-31 11:33:23,093 INFO  service.CasService [main,registerToMDS:361] 
Registration to MDS enabled
In constructor
2008-10-31 11:33:25,759 DEBUG factory.ReliableFileTransferFactoryService 
[main,<init>:129] Registration to MDS enabled
2008-10-31 11:33:26,622 DEBUG impl.VomsCredentialPIP [main,initialize:53] found 
truststore configuration: null
2008-10-31 11:33:26,628 DEBUG impl.VomsCredentialPIP [main,initialize:108] VOMS 
PIP initialize complete
2008-10-31 11:33:26,635 DEBUG impl.VomsPDP [main,initialize:536] Using static 
files
2008-10-31 11:33:26,636 DEBUG impl.VomsPDP [main,initialize:548] no use-gridmap 
configuration
2008-10-31 11:33:26,640 DEBUG impl.ACLPDP [main,load:148] added attribute to 
policy: /bio/Role=Developer/Capability=NULL
2008-10-31 11:33:26,643 DEBUG impl.VomsPDP [main,initialize:588] no attribute 
authorization policy configuration
2008-10-31 11:33:26,644 DEBUG impl.VomsPDP [main,initialize:613] using OR logic 
for DNs and attributes
2008-10-31 11:33:26,660 DEBUG service.ReliableFileTransferImpl 
[main,<init>:339] maximum active allowed:100
2008-10-31 11:33:26,685 DEBUG database.RFTDatabaseSetup 
[main,setupDBConnection:162] Setting up db : maximum active connection is 20
2008-10-31 11:33:26,686 DEBUG database.RFTDatabaseSetup 
[main,setupDBConnection:164] Setting up db : maximum idle connection is 10
2008-10-31 11:33:26,687 DEBUG database.RFTDatabaseSetup 
[main,setupDBConnection:166] dbOptionsjdbc:postgresql://g5.gridlab/rftDatabase 
globus globus org.postgresql.Driver 20 1 -1 10
2008-10-31 11:33:27,295 DEBUG service.ReliableFileTransferHome 
[main,initialize:61] Loading the RFT home's list of resource keys
2008-10-31 11:33:27,303 DEBUG service.ReliableFileTransferHome 
[main,initialize:68] Number of RFT resources to be recovered:0
Starting SOAP server at: https://192.168.65.5:8443/wsrf/services/ 
With the following services:

[1]: https://192.168.65.5:8443/wsrf/services/AdminService
[2]: https://192.168.65.5:8443/wsrf/services/AuthzCalloutTestService
[3]: https://192.168.65.5:8443/wsrf/services/CASService
[4]: https://192.168.65.5:8443/wsrf/services/ContainerRegistryEntryService
[5]: https://192.168.65.5:8443/wsrf/services/ContainerRegistryService
[6]: https://192.168.65.5:8443/wsrf/services/CounterService
[7]: https://192.168.65.5:8443/wsrf/services/DefaultIndexService
[8]: https://192.168.65.5:8443/wsrf/services/DefaultIndexServiceEntry
[9]: https://192.168.65.5:8443/wsrf/services/DefaultTriggerService
[10]: https://192.168.65.5:8443/wsrf/services/DefaultTriggerServiceEntry
[11]: https://192.168.65.5:8443/wsrf/services/DelegationFactoryService
[12]: https://192.168.65.5:8443/wsrf/services/DelegationService
[13]: https://192.168.65.5:8443/wsrf/services/DelegationTestService
[14]: https://192.168.65.5:8443/wsrf/services/DeploymentService
[15]: https://192.168.65.5:8443/wsrf/services/InMemoryServiceGroup
[16]: https://192.168.65.5:8443/wsrf/services/InMemoryServiceGroupEntry
[17]: https://192.168.65.5:8443/wsrf/services/InMemoryServiceGroupFactory
[18]: https://192.168.65.5:8443/wsrf/services/IndexFactoryService
[19]: https://192.168.65.5:8443/wsrf/services/IndexService
[20]: https://192.168.65.5:8443/wsrf/services/IndexServiceEntry
[21]: https://192.168.65.5:8443/wsrf/services/ManagedExecutableJobService
[22]: https://192.168.65.5:8443/wsrf/services/ManagedJobFactoryService
[23]: https://192.168.65.5:8443/wsrf/services/ManagedMultiJobService
[24]: https://192.168.65.5:8443/wsrf/services/ManagementService
[25]: https://192.168.65.5:8443/wsrf/services/NotificationConsumerFactoryService
[26]: https://192.168.65.5:8443/wsrf/services/NotificationConsumerService
[27]: https://192.168.65.5:8443/wsrf/services/NotificationTestService
[28]: https://192.168.65.5:8443/wsrf/services/PersistenceTestSubscriptionManager
[29]: https://192.168.65.5:8443/wsrf/services/ReliableFileTransferFactoryService
[30]: https://192.168.65.5:8443/wsrf/services/ReliableFileTransferService
[31]: https://192.168.65.5:8443/wsrf/services/RendezvousFactoryService
[32]: https://192.168.65.5:8443/wsrf/services/SampleAuthzService
[33]: https://192.168.65.5:8443/wsrf/services/SecureCounterService
[34]: https://192.168.65.5:8443/wsrf/services/SecurityTestService
[35]: https://192.168.65.5:8443/wsrf/services/ShutdownService
[36]: https://192.168.65.5:8443/wsrf/services/SubscriptionManagerService
[37]: https://192.168.65.5:8443/wsrf/services/TestAuthzService
[38]: https://192.168.65.5:8443/wsrf/services/TestRPCService
[39]: https://192.168.65.5:8443/wsrf/services/TestService
[40]: https://192.168.65.5:8443/wsrf/services/TestServiceRequest
[41]: https://192.168.65.5:8443/wsrf/services/TestServiceWrongWSDL
[42]: https://192.168.65.5:8443/wsrf/services/TriggerFactoryService
[43]: https://192.168.65.5:8443/wsrf/services/TriggerService
[44]: https://192.168.65.5:8443/wsrf/services/TriggerServiceEntry
[45]: https://192.168.65.5:8443/wsrf/services/Version
[46]: https://192.168.65.5:8443/wsrf/services/WidgetNotificationService
[47]: https://192.168.65.5:8443/wsrf/services/WidgetService
[48]: https://192.168.65.5:8443/wsrf/services/examples/core/db/DBComplexService
[49]: https://192.168.65.5:8443/wsrf/services/gsi/AuthenticationService
[50]: https://192.168.65.5:8443/wsrf/services/mds/test/execsource/IndexService
[51]: 
https://192.168.65.5:8443/wsrf/services/mds/test/execsource/IndexServiceEntry
[52]: https://192.168.65.5:8443/wsrf/services/mds/test/subsource/IndexService
[53]: 
https://192.168.65.5:8443/wsrf/services/mds/test/subsource/IndexServiceEntry
2008-10-31 11:33:53,505 INFO  impl.DefaultIndexService 
[ServiceThread-13,processConfigFile:107] Reading default registration 
configuration from file: 
/usr/local/globus-4.0.6/etc/globus_wsrf_mds_index/hierarchy.xml
2008-10-31 11:34:14,777 DEBUG impl.VomsCredentialPIP 
[ServiceThread-13,initialize:53] found truststore configuration: null
2008-10-31 11:34:14,779 DEBUG impl.VomsCredentialPIP 
[ServiceThread-13,initialize:108] VOMS PIP initialize complete
2008-10-31 11:34:14,781 DEBUG impl.VomsPDP [ServiceThread-13,initialize:536] 
Using static files
2008-10-31 11:34:14,783 DEBUG impl.VomsPDP [ServiceThread-13,initialize:548] no 
use-gridmap configuration
2008-10-31 11:34:14,784 DEBUG impl.ACLPDP [ServiceThread-13,load:148] added 
attribute to policy: /bio/Role=Developer/Capability=NULL
2008-10-31 11:34:14,785 DEBUG impl.VomsPDP [ServiceThread-13,initialize:588] no 
attribute authorization policy configuration
2008-10-31 11:34:14,786 DEBUG impl.VomsPDP [ServiceThread-13,initialize:613] 
using OR logic for DNs and attributes
2008-10-31 11:34:15,741 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:122] cred set size: 1
2008-10-31 11:34:15,744 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:137] set truststore to [EMAIL PROTECTED]
2008-10-31 11:34:15,780 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:145] Parse Validator: isParsed : true
isValidated : false
VOMS attrs:[VO      :bio
HostPort:Arpitjain.cdacb.ernet.in:15001
FQANs   :[/bio/Role=Developer/Capability=NULL, /bio/Role=NULL/Capability=NULL]]
2008-10-31 11:34:15,780 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:148] getVOMSAttributes() vector size 1
2008-10-31 11:34:15,781 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:165] 
Roles /bio/Role=Developer/Capability=NULL
2008-10-31 11:34:15,781 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:165] 
Roles /bio/Role=NULL/Capability=NULL
2008-10-31 11:34:15,785 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:167] VO bio
2008-10-31 11:34:15,787 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:168] hostport Arpitjain.cdacb.ernet.in:15001
2008-10-31 11:34:15,790 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:110] Operation 
{http://www.globus.org/08/2004/delegationService}requestSecurityToken called by 
subject: /C=IN/O=C-DAC KP Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:34:15,793 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:118] DN not in gridmap file configured (or no 
gridmap): /C=IN/O=C-DAC KP Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:34:15,794 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:177] 
Roles /bio/Role=Developer/Capability=NULL
2008-10-31 11:34:15,794 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:177] 
Roles /bio/Role=NULL/Capability=NULL
2008-10-31 11:34:15,794 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:211] checking attribute 
/bio/Role=Developer/Capability=NULL
2008-10-31 11:34:15,795 INFO  impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:219] Attribute passed: 
/bio/Role=Developer/Capability=NULL
2008-10-31 11:34:15,795 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:211] checking attribute 
/bio/Role=NULL/Capability=NULL
2008-10-31 11:34:15,795 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:226] attribute denied: 
/bio/Role=NULL/Capability=NULL
2008-10-31 11:34:15,796 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:236] VO bio
2008-10-31 11:34:15,796 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:250] calling checkCallAndContent on PDP impl
2008-10-31 11:34:15,796 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:306] PeerIdentity = /C=IN/O=C-DAC KP 
Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:34:15,797 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:307] operation = 
{http://www.globus.org/08/2004/delegationService}requestSecurityToken
2008-10-31 11:34:15,797 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:310] attribute: 
/bio/Role=Developer/Capability=NULL
2008-10-31 11:34:15,797 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:310] attribute: 
/bio/Role=NULL/Capability=NULL
2008-10-31 11:34:15,798 DEBUG impl.VomsPDP [ServiceThread-12,combine:382] dn OR 
attr are in positive policy, 'other' returns not applicable
2008-10-31 11:34:15,798 INFO  impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:277] ACCEPTED: Operation 
{http://www.globus.org/08/2004/delegationService}requestSecurityToken called by 
subject: /C=IN/O=C-DAC KP Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:34:15,798 INFO  authorization.ServiceAuthorizationChain 
[ServiceThread-12,authorize:285] Authorized "/C=IN/O=C-DAC KP 
Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis" to invoke 
"{http://www.globus.org/08/2004/delegationService}requestSecurityToken";.
2008-10-31 11:34:15,803 DEBUG factory.DelegationFactoryService 
[ServiceThread-12,requestSecurityToken:45] Request security token
2008-10-31 11:34:15,812 DEBUG factory.DelegationFactoryResource 
[ServiceThread-12,getServiceHome:90] 
java:comp/env//services/DelegationService/home
2008-10-31 11:34:15,824 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,initialize:53] found truststore configuration: null
2008-10-31 11:34:15,825 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,initialize:108] VOMS PIP initialize complete
2008-10-31 11:34:15,826 DEBUG impl.VomsPDP [ServiceThread-12,initialize:536] 
Using static files
2008-10-31 11:34:15,827 DEBUG impl.VomsPDP [ServiceThread-12,initialize:548] no 
use-gridmap configuration
2008-10-31 11:34:15,829 DEBUG impl.ACLPDP [ServiceThread-12,load:148] added 
attribute to policy: /bio/Role=Developer/Capability=NULL
2008-10-31 11:34:15,829 DEBUG impl.VomsPDP [ServiceThread-12,initialize:588] no 
attribute authorization policy configuration
2008-10-31 11:34:15,830 DEBUG impl.VomsPDP [ServiceThread-12,initialize:613] 
using OR logic for DNs and attributes
2008-10-31 11:42:06,609 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:122] cred set size: 1
2008-10-31 11:42:06,610 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:137] set truststore to [EMAIL PROTECTED]
2008-10-31 11:42:06,617 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:145] Parse Validator: isParsed : true
isValidated : false
VOMS attrs:[VO      :bio
HostPort:Arpitjain.cdacb.ernet.in:15001
FQANs   :[/bio/Role=Developer/Capability=NULL, /bio/Role=NULL/Capability=NULL]]
2008-10-31 11:42:06,617 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:148] getVOMSAttributes() vector size 1
2008-10-31 11:42:06,617 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:165] 
Roles /bio/Role=Developer/Capability=NULL
2008-10-31 11:42:06,620 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:165] 
Roles /bio/Role=NULL/Capability=NULL
2008-10-31 11:42:06,620 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:167] VO bio
2008-10-31 11:42:06,621 DEBUG impl.VomsCredentialPIP 
[ServiceThread-12,collectAttributes:168] hostport Arpitjain.cdacb.ernet.in:15001
2008-10-31 11:42:06,621 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:110] Operation 
{http://www.globus.org/08/2004/delegationService}requestSecurityToken called by 
subject: /C=IN/O=C-DAC KP Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:42:06,621 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:118] DN not in gridmap file configured (or no 
gridmap): /C=IN/O=C-DAC KP Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:42:06,622 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:177] 
Roles /bio/Role=Developer/Capability=NULL
2008-10-31 11:42:06,622 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:177] 
Roles /bio/Role=NULL/Capability=NULL
2008-10-31 11:42:06,622 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:211] checking attribute 
/bio/Role=Developer/Capability=NULL
2008-10-31 11:42:06,622 INFO  impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:219] Attribute passed: 
/bio/Role=Developer/Capability=NULL
2008-10-31 11:42:06,623 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:211] checking attribute 
/bio/Role=NULL/Capability=NULL
2008-10-31 11:42:06,623 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:226] attribute denied: 
/bio/Role=NULL/Capability=NULL
2008-10-31 11:42:06,623 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:236] VO bio
2008-10-31 11:42:06,624 DEBUG impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:250] calling checkCallAndContent on PDP impl
2008-10-31 11:42:06,624 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:306] PeerIdentity = /C=IN/O=C-DAC KP 
Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:42:06,624 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:307] operation = 
{http://www.globus.org/08/2004/delegationService}requestSecurityToken
2008-10-31 11:42:06,624 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:310] attribute: 
/bio/Role=Developer/Capability=NULL
2008-10-31 11:42:06,625 INFO  impl.VomsPDP 
[ServiceThread-12,checkCallAndContent:310] attribute: 
/bio/Role=NULL/Capability=NULL
2008-10-31 11:42:06,625 DEBUG impl.VomsPDP [ServiceThread-12,combine:382] dn OR 
attr are in positive policy, 'other' returns not applicable
2008-10-31 11:42:06,625 INFO  impl.VomsPDP 
[ServiceThread-12,isPermittedImpl:277] ACCEPTED: Operation 
{http://www.globus.org/08/2004/delegationService}requestSecurityToken called by 
subject: /C=IN/O=C-DAC KP Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis
2008-10-31 11:42:06,626 INFO  authorization.ServiceAuthorizationChain 
[ServiceThread-12,authorize:285] Authorized "/C=IN/O=C-DAC KP 
Bangalore/OU=CTSF/OU=ctsf.cdac.org.in/CN=kakolis" to invoke 
"{http://www.globus.org/08/2004/delegationService}requestSecurityToken";.
2008-10-31 11:42:06,629 DEBUG factory.DelegationFactoryService 
[ServiceThread-12,requestSecurityToken:45] Request security token
2008-10-31 11:42:06,630 DEBUG factory.DelegationFactoryResource 
[ServiceThread-12,getServiceHome:90] 
java:comp/env//services/DelegationService/home

[gt-user] Error while running RFT with VOMS interceptors.

Reply via email to