Hi We have successfully protected GT4 Services using VOMS attributes.Please follow the instruction given in the guide at: <http://www.nikhef.nl/%7Edennisvd/ws_voms_authz_howto.pdf> *http://www.nikhef.nl/~dennisvd/
*I want to know about Shibboleth Interoperability with Attribute Retrieval through VOMS which is described in below doc: https://edms.cern.ch/cedar/plsql/doc.info?document_id=807849 What is the advantage of using Shibboleth attributes in addition to attributes given by VOMS? Thanks Arpit On Tue, Jan 27, 2009 at 11:09 PM, Alan Sill <[email protected]> wrote: > These should all be covered in the documents I sent. The strongest use of > VOMS is in the context of large-scale virtual organizations, typically those > associated with EGEE, Open Science Grid, PRAGMA and other large-scale > projects. > > The minimal configuration of VOMS should be covered in the latter of the > two documents I sent. You will need a database to implement VOMS - usually > MySQL or Oracle. Note that voms is the membership service, not the > enforcement point. Its function is to allow users who are part of yoru > organization to register their associated certificates, and once approved by > the appropriate VOMS administrator (or others within the VO assigned this > role within VOMS to make such approvals), then the server can take a proxy > request and return a proxy in the form of an extended attribute certificate, > or (as we saw) a SAML assertion. > > The authorization associated with use of the above occurs within the > authorization structure of the resource to which the user presents this > credential. There are many authorization infrastructures in existence that > can consume a VOMS-supplied credential to enforce VO membership at the > location of the consuming resource. In Open Science Grid, this is done > using the "VO services" (formerly Privilege) infrastructure, comprising > GUMS, PRIMA, etc. The authorization infrastructure of EGEE-related projects > is currently undergoing a transformation to a new design; in the past it has > used tools like LCAS and LCMAPS to do this. > > Much of the above can be more complicated than minimally needed. If you > just want to install VOMS to try it out with minimal complication, you can > use the Virtual Data Toolkit (VDT) pre-packaged installation: > > http://vdt.cs.wisc.edu/ > > specifically > > http://vdt.cs.wisc.edu/components/voms.html > > Alan > > > On Jan 27, 2009, at 11:18 AM, Jan Muhammad wrote: > > What are the Pre-requisite for VOMS setup? >> VOMS components to Install (PIP/PDP)---- This is almost there in documents >> sent on gt-user list. >> Where to store VOMS Server generated attributes (MySQL or local File >> System)? >> >> >
