VO-Management CredentialsRenewal

The Credentials Renewal Service allows users delegating periodically their credentials to the local Delegation Services hosted on the GHN. The service is able to retrieve a copy of the credentials from the repository, or to create a simpleCA credentials, and forward it to the GHN interested. It can also contact VOMS server(s) adding roles needed by the services to operate. Delegated credentials are sent to the Delegation service running on the remote GHN. Subscribed services running on that node are thus notified of the delegated credentials through the GHNContext orchestration.

Resources and properties

The Credentials Renewal service adopts a Factory Pattern and manages CredentialsRenewalResource resource. The CredentialsRenewalResource manages credentials renewal tasks.

Functions

The main functions supported by VO-Management CredentialsRenewal are:

• createMyProxyAccount() – which takes as input parameter a CreateMyProxyAccountRequest message containing the username, password and contexts for the desired account and returns a CreateMyProxyAccountResponse containing an EPR of a CredentialsRenewalResource.
• createCAAccount() – which takes as input parameter a CreateCAAccountRequest message containing the username and contexts for the desired account and returns a CreateCAAccountResponse containing an EPR of a CredentialsRenewalResource.
• getMyProxyAccount() – which takes as input parameter a GetMyProxyAccountRequest message containing the username and password of a MyProxy account and returns a GetMyProxyAccountResponse containing a valid EPR of a CredentialasRenewalResource.
• getMatchingAccounts() – which takes as input parameter a GetMatchingAccountsRequest message containing a context and returns a GetMatchingAccountsResponse containing a matched EPR of a CredentialasRenewalResource.
• getCredentialsAccounts() – which takes as input parameter a GetCredentialsAccountsRequest message and returns a GetCredentialsAccountsResponse containing a list of the accounts.