I'm trying to consume a secure Axis Web service (the voms server in
https) but also specifying GSI_TRANSPORT In particular, I'm using this
code in a -nosec container (GT4.1)
static {
Util.registerTransport();
}
....
VOMSAdminServiceLocator locator = new VOMSAdminServiceLocator();
URL vomsAdminURL = new
URL("https://my_server:8443/voms/myVO/services/VOMSAdmin");
VOMSAdmin stub = locator.getVOMSAdmin(vomsAdminURL);
// credentials
stub._setProperty(GSIConstants.GSI_CREDENTIALS, credentials);
// Authentication method
stub._setProperty(Constants.GSI_TRANSPORT, Constants.ENCRYPTION);
// delegation
stub._setProperty(GSIConstants.GSI_MODE,
GSIConstants.GSI_MODE_NO_DELEG);
// set Context lifetime
stub._setProperty(Constants.CONTEXT_LIFETIME, 300);
try {
stub.createUser(user);
logger.info("User created with CN " + username + " with DN " + dn
+ " with CA " + ca + " with mail " + email);
} catch (Exception e) {
e.printStackTrace();
throw e;
}
Also by specifying GSI_TRANSPORT instead of GSI_SECURE_CONV (I haven't
understood exactly why and when) I got this exception:
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: No client transport named 'https' found!
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:No client transport named
'https' found!
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:170)
at org.apache.axis.client.Call.invokeEngine(Call.java:2727)
at org.apache.axis.client.Call.invoke(Call.java:2710)
at org.apache.axis.client.Call.invoke(Call.java:2386)
at org.apache.axis.client.Call.invoke(Call.java:2309)
at org.apache.axis.client.Call.invoke(Call.java:1766)
at
org.glite.wsdl.services.org_glite_security_voms_service_admin.VOMSAdminSoapBindingStub.createUser(VOMSAdminSoapBindingStub.java:905)
at
org.gcube.vomanagement.vomsAdmin.impl.VOMSAdminImpl.createUser(VOMSAdminImpl.java:137)
at
org.gcube.vomanagement.credentialsrenewal.impl.Delegator.addVOMSUser(Delegator.java:395)
at
org.gcube.vomanagement.credentialsrenewal.impl.CredentialsAccountResource.initialise(CredentialsAccountResource.java:694)
at
org.gcube.common.core.state.GCUBEWSResource.initialise(GCUBEWSResource.java:91)
at
org.gcube.common.core.state.GCUBEWSResource.initialise(GCUBEWSResource.java:34)
at
org.gcube.common.core.state.GCUBEResourceHome._create(GCUBEResourceHome.java:279)
at
org.gcube.common.core.state.GCUBEResourceHome.create(GCUBEResourceHome.java:250)
at org.gcube.common.core.state.GCUBEWSHome.create(GCUBEWSHome.java:164)
at
org.gcube.vomanagement.credentialsrenewal.impl.CredentialsRenewalService.createCAAccountOperation(CredentialsRenewalService.java:84)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:384)
at
org.globus.axis.providers.RPCProvider.invokeMethodSub(RPCProvider.java:107)
at
org.globus.axis.providers.PrivilegedInvokeMethodAction.run(PrivilegedInvokeMethodAction.java:42)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:396)
at org.globus.gsi.jaas.GlobusSubject.runAs(GlobusSubject.java:55)
at org.globus.gsi.jaas.JaasSubject.doAs(JaasSubject.java:90)
at
org.globus.axis.providers.RPCProvider.invokeMethod(RPCProvider.java:97)
at
org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:281)
at
org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:319)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:450)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:285)
at org.globus.wsrf.container.ServiceThread.doPost(ServiceThread.java:664)
at
org.globus.wsrf.container.ServiceThread.process(ServiceThread.java:382)
at org.globus.wsrf.container.ServiceThread.run(ServiceThread.java:291)
{http://xml.apache.org/axis/}hostname:grids16.eng.it
No client transport named 'https' found!
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:170)
at org.apache.axis.client.Call.invokeEngine(Call.java:2727)
at org.apache.axis.client.Call.invoke(Call.java:2710)
at org.apache.axis.client.Call.invoke(Call.java:2386)
at org.apache.axis.client.Call.invoke(Call.java:2309)
at org.apache.axis.client.Call.invoke(Call.java:1766)
at
org.glite.wsdl.services.org_glite_security_voms_service_admin.VOMSAdminSoapBindingStub.createUser(VOMSAdminSoapBindingStub.java:905)
at
org.gcube.vomanagement.vomsAdmin.impl.VOMSAdminImpl.createUser(VOMSAdminImpl.java:137)
at
org.gcube.vomanagement.credentialsrenewal.impl.Delegator.addVOMSUser(Delegator.java:395)
at
org.gcube.vomanagement.credentialsrenewal.impl.CredentialsAccountResource.initialise(CredentialsAccountResource.java:694)
at
org.gcube.common.core.state.GCUBEWSResource.initialise(GCUBEWSResource.java:91)
at
org.gcube.common.core.state.GCUBEWSResource.initialise(GCUBEWSResource.java:34)
at
org.gcube.common.core.state.GCUBEResourceHome._create(GCUBEResourceHome.java:279)
at
org.gcube.common.core.state.GCUBEResourceHome.create(GCUBEResourceHome.java:250)
at org.gcube.common.core.state.GCUBEWSHome.create(GCUBEWSHome.java:164)
at
org.gcube.vomanagement.credentialsrenewal.impl.CredentialsRenewalService.createCAAccountOperation(CredentialsRenewalService.java:84)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:384)
at
org.globus.axis.providers.RPCProvider.invokeMethodSub(RPCProvider.java:107)
at
org.globus.axis.providers.PrivilegedInvokeMethodAction.run(PrivilegedInvokeMethodAction.java:42)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:396)
at org.globus.gsi.jaas.GlobusSubject.runAs(GlobusSubject.java:55)
at org.globus.gsi.jaas.JaasSubject.doAs(JaasSubject.java:90)
at
org.globus.axis.providers.RPCProvider.invokeMethod(RPCProvider.java:97)
at
org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:281)
at
org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:319)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:450)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:285)
at org.globus.wsrf.container.ServiceThread.doPost(ServiceThread.java:664)
at
org.globus.wsrf.container.ServiceThread.process(ServiceThread.java:382)
at org.globus.wsrf.container.ServiceThread.run(ServiceThread.java:291)
Can anyone give me a clarification and/or some snippet of code to
understand how can I correctly manage VOMS server from a GT4 service?
Thank you in advance,
Andrea
> On Fri, Apr 24, 2009 at 10:19 AM, Andrea Turli <[email protected]> wrote:
>>
>> Finally we manage to communicate with VOMS from a GT container by
>> setting "Constants.GSI_TRANSPORT" as stub property.
>>
>> Thanks Tim for your precious suggestion
>>
>> Andrea
>>
>> On Wed, Mar 4, 2009 at 12:07 AM, Tim Freeman <[email protected]> wrote:
>>> On Tue, 24 Feb 2009 16:53:16 +0100
>>> Andrea Turli <[email protected]> wrote:
>>>
>>>> // credentials
>>>> stub._setProperty(GSIConstants.GSI_CREDENTIALS, credentials);
>>>>
>>>> // Authentication method
>>>> stub._setProperty(Constants.GSI_SEC_CONV,
>>>> Constants.ENCRYPTION);
>>>>
>>>> // delegation
>>>> stub._setProperty(GSIConstants.GSI_MODE,
>>>> GSIConstants.GSI_MODE_NO_DELEG);
>>>>
>>>> // set Context lifetime
>>>> stub._setProperty(Constants.CONTEXT_LIFETIME, 300);
>>>
>>> Are you intentionally setting "Constants.GSI_SEC_CONV" there? Only an
>>> educated
>>> guess, but I wouldn't think secure conversation is the appropriate choice
>>> for
>>> VOMS admin service. Try setting the "Constants.GSI_TRANSPORT" to
>>> "Constants.SIGNATURE" or "Constants.ENCRYPTION" instead?
>>>
>>> Tim
>>>
>>>
>>
>