Hi,
Here is the source code for the PDP itself:
http://viewcvs.globus.org/viewcvs.cgi/authorization/java/base/source/src/org/globus/wsrf/impl/security/authorization/UsernameAuthzPDP.java?annotate=1.1&pathrev=HEAD
http://viewcvs.globus.org/viewcvs.cgi/authorization/java/base/source/src/org/globus/wsrf/impl/security/authorization/UsernameTokenCallbackHandler.java?view=log&pathrev=HEAD
Test code that shows how a PDP can be used with LoginModule:
http://fisheye.globus.org/browse/globus_cvs/authorization/java/base/test/source/src/org/globus/wsrf/impl/security/authorization/TestUsernameAuthzPDP.java?r=1.3
http://fisheye.globus.org/browse/globus_cvs/authorization/java/base/test/source/src/org/globus/wsrf/impl/security/authorization/UsernameLoginModule.java?r=1.1
Configuration information and description of module is here:
http://www.globus.org/toolkit/docs/latest-stable/security/wsaajava/pdp/wsaajava-pdp-userNameAuthz.html
I haven't read the LONI pipeline server guide, but you might have to
write a PDP that LoginContext as needed and adds things to the JAAS
Subject.
Hope this helps,
Rachana
On Jul 21, 2009, at 7:55 PM, Don Bigler wrote:
Hi,
After many hours of pouring over online documentation, I finally
successfully setup Globus 4.2.1 on a Linux cluster based on torque.
The final goal is to be able to run the LONI Pipeline (http://pipeline.loni.ucla.edu/
) on the cluster using the Java DRMAA interface implemented in
Gridway. At this point the Java DRMAA interface within Gridway
appears to be functioning properly and all I need to do is setup the
LONI Pipeline to work with Gridway. This is where I'm stuck.
Specifically...
1. As outlined in the LONI Pipeline server guide, authentication
within the LONI Pipeline is performed using the Java Authentication
and Authorization Service (JAAS), which requires a LoginContext and
LoginModule.
2. A google search for globus and JAAS reveals the wsaaJavaPDP.pdf
file which discusses the Globus JAAS authorization class implemented
in org.globus.wsrf.impl.security.authorization.UsernameAuthzPDP.
The pdf describes how to create custom LoginContext and LoginModule
classes using examples in the unit tests within the source. I was
unable to find the documented examples within the 4.2.1 source
files. Furthermore, it is unclear exactly what globus files need to
be modified to get this working.
3. The way I envision this setup working is that the LONI Pipeline
connects to the Globus WS container using JAAS, which provides
authorization for running Globus within Gridway and DRMAA without
specifically calling grid-proxy-init, but it is very unclear how I
might go about implementing this.
Any assistance provided on this scenario will be greatly
appreciated. Thanks in advance!
Don
--
Don Bigler, Ph.D.
The Pennsylvania State University
NMR Building
H066 Radiology
Hershey Medical Center
Hershey, PA 17033 Phone: (717)531-5858
Fax: (717)531-8486
Hershey Confidentiality Statement:
This message (including any attachments) contains information
intended for a specific individual(s) and purpose that may be
privileged, confidential or otherwise protected from disclosure
pursuant to applicable law. Any inappropriate use, distribution or
copying of the message is strictly prohibited and may subject you to
criminal or civil penalty. If you have received this transmission
in error, please reply to the sender indicating this error and
delete the transmission from your system immediately.
