Begin forwarded message:
From: Rachana Ananthakrishnan <[email protected]>
Date: August 2, 2010 5:07:13 PM CDT
To: [email protected], [email protected],
[email protected]
Subject: [jglobus-announce] CoG JGlobus Update
We are planning the next major release of features provided by CoG
JGlobus and CoG JGlobus-FX libraries. The first update will cover
the GSI features, and will be followed up with support for GridFTP,
GRAM and MyProxy client libraries.
The primary goals of the release are
- upgrade third-party libraries
- port to standard security Java APIs
- improve package and distribution model
- deprecation of unused code
The upcoming release will be protocol compatible with CoG JGlobus
version 1.8.x, with some API and packages deprecated. The following
are the key changes planned for the libraries:
1. Packaging and distribution: The single jar distribution that
contains, GSI, GRAM, GridFTP, MDS and MyProxy clients, will be split
into separate logical packages and modules. The dependencies and
distribution will be managed using Maven.
2. Project and code repository: The project will be moved to
SourceForge and code will be maintained on GitHub. Repository will
be open for read access, with existing dev.globus committers
continuing to have commit rights on specific sub-projects.
3. Release plan: Detailed release plans for the library are being
worked on currently. CoG JGlobus GSI will be the first piece to be
upgraded, and is targeted for an alpha release in September 2010
release. This will be followed-up by updated GridFTP, GRAM and
MyProxy client libraries. An alpha version of each these will be
released a few weeks for early testers.
4. Support: Support commitment will continue to be best-effort, and
support requests will be monitored on a user mailing list setup for
the project.
5. CoG JGlobus 1.x support: Support for existing library will
continue for upto 3 months after the 2.0 release, to support
transition to the new code base.
The GSI features will be the first set to be upgraded and released,
and the other clients will build on the new GSI library.
The key change will be the upgrade to use standard Java SSL library,
and replace PureTLS and supporting libraries. This will not only
deprecate the use of unsupported PureTLS, but also provide access to
better security algorithms, such has SHA2. The upcoming release will
also use Java Security Provider framework and standard API, thus
facilitating use of any standard provider implementations for
processing certificates and CRLs, path validation and trust managers.
Other than discontinuing of the PureTLS package and already
deprecated code, most of the existing API will be maintained,
although many will be deprecated to favor use of more standard APIs.
There are no plans to continue support for Tomcat connectors for GSI
SSL (HTTPS and delegation). Based on prototype work currently being
done, the API changes are documented here: http://www.mcs.anl.gov/~ranantha/jGlobus/jGlobus-jGlobusAPIChanges-02Aug10-1223PM-4.pdf
The GSI pieces will be released as following software packages, with
the following Maven artifacts planned:
1. jGlobus GSI 2.0
1A. GSI Core - API for creation of proxy credentials, and utility
API to deal with proxy credentials/certificate chains, as needed.
1B. GSI TrustManager - Trust Manager for Java SSL with support for
RFC 3820 Proxy Certificate and Signing Policy and authorization.
1C. GSS-GSI - GSS API wrapper for standard SSL and GSI SSL (SSL with
delegation), with support for RFC 3820 Proxy Certificates and
Signing Policy.
1D. GSI CL - Client tools for certificate and proxy credential
handling
2. jGlobus Connectors 2.0
2A. SSL Proxy Connectors - Tomcat and JBoss connectors to enable
SSL with Proxy certificates
The following shows some common library usage, and the module to
download. The dependencies for the module will automatically be
resolved and downloaded:
1. Command line clients (e.g grid-proxy-init) , GSI CL
2. GSS API to integrate with applications, GSS-GSI
3. API to extract properties of credential (e.g identity or type of
proxy), GSI Core
4. Tomcat requiring SSL access and support for proxies and signing
policy, SSL Proxy Connectors
Similar details for the other modules in the library, that is
GridFTP, GRAM, MDS and MyProxy will be provided soon.
Please provide comments/feedback on the planned updates. If your
community has specific usage of the current libraries, that are not
covered by this plan, please let us know.
Thanks,
Rachana
Rachana Ananthakrishnan
Argonne National Lab | University of Chicago
Rachana Ananthakrishnan
Argonne National Lab | University of Chicago
