How to use VOMS api library

From Gcube Wiki
Jump to: navigation, search


Package Installation

Download

The VOMS api library can be downloaded from here.

Installation Procedure

The following steps have to be performed in order to use this library:

  • uncompress the org.gcube.vo-management.voms-api-0.0.0-0.tar.gz file
  • copy org.gcube.vomanagement.voms-api.jar in a convenient directory
  • Edit a vomsAPI.properties file based on the template provided in the SA.

VOMS API properties file

vomsAPI.properties file is contained in SA and basically is composed of 3 sections: information about MyProxyCA server

# MyProxy server e.g.:grids04.eng.it
MYPROXY_HOST=YOUR_MYPROXYCA_SERVER
# MyProxy server port, default value is 7512
MYPROXY_PORT=YOUR_MYPROXYCA_SERVER_PORT
 
# Information about simpleCA to be used
 
# Certification authority, e.g.: /O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA
SIMPLE_CA=YOUR_CA
 
# Common Name prefix to build a Distinguished Name (DN), 
# e.g.: /O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN= for a CN=test to obtain a valid DN for the VOMS
CN_prefix=CN_prefix

information about VOMS server

# VOMS host 
VOMS_HOST=YOUR_VOMS
 #VO Name defined in VOMS, e.g: d4science
VO_NAME=YOUR_VO_NAME
# Default voms port is "8443"
VOMS_PORT=8443
# Default voms protocol is "https"
VOMS_PROTOCOL=https

CLIENT credentials: the credentials to be specified by client to contact VOMS. They should have VO-Admin privileges in VO group.

# CLIENT creds: specify the triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD) or CLIENT_PROXY
# e.g: triple (CLIENT_CERT, CLIENT_KEY, CLIENT_PWD)
# Overwrite the .pem certificate of the host, default path is /etc/grid-security/hostpubliccert.pem
# CLIENT_CERT=$HOME/user_cert.pem
# The .pem key of the host, default path is /etc/grid-security/hostprivatekey.pem
# CLIENT_KEY=$HOME/user_key.pem
# The password to decrypt private key
# CLIENT_PWD=
 
# e.g: CLIENT_PROXY
# client creds as a proxy certifcate, eg $HOME/proxy
# CLIENT_PROXY=

Using VOMS API library

This VOMS api library version DOESN'T need to use a VOMS servlet.