<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<br>
<br>
On 4/1/08 5:15 PM, Luis Galárraga wrote:
<blockquote
cite="mid:3666c210804011515qc5ef13dj848005e615140c62@mail.gmail.com"
type="cite">Greetings:<br>
<br>
Finally, I could generate stubs for AG soap interfaces
(CommunityVenueServer, VenueServer, Venue and VenueClient) using
wsdl2java with files *Binding.wsdl. I used wsdl files located in CVS
repository instead of requesting wsdl from server. Now I have several
questions:<br>
<br>
- There was a file generate.py which I ran and generated extra wsdl
files: CommunityServerBinding.wsdl and CommunityServerInterface.wsdl.
What is CommunityServer service for? Searching in Google I understood
that it has security purposes but reading the generated code I cannot
deduce its function. Does this service accept requests in the same port
as VenueServer?<br>
</blockquote>
<br>
You can ignore the CommunityServer code. That was preliminary and is
not being used.<br>
<blockquote
cite="mid:3666c210804011515qc5ef13dj848005e615140c62@mail.gmail.com"
type="cite"><br>
- I configured my server (<a moz-do-not-send="true"
href="http://proyectossw.espol.edu.ec:8000">proyectossw.espol.edu.ec:8000</a>)
to accept GetVersionRequests for everybody. But when I invoked this
method for any stub, I get the following message (in this case with
VenueClientStub. Those examples pointed to localhost so I changed them
for my server url):<br>
<blockquote>Exception in thread "main" org.apache.axis2.AxisFault:
Processing Failure<br>
at
org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486)<br>
at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343)<br>
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)<br>
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)<br>
at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)<br>
at
org.accessgrid.www.v3_0.venueclient.VenueClientStub.GetVersion(VenueClientStub.java:3586)<br>
at
test.org.accessgrid.www.v3_0.venueclient.VenueClientTest.testGetVersion(VenueClientTest.java:352)<br>
at
test.org.accessgrid.www.v3_0.venueclient.VenueClientTest.main(VenueClientTest.java:584)<br>
</blockquote>
</blockquote>
I can't determine anything from this error message, unfortunately.
Have you looked at the VenueServer log following this call? Can you
look at the SOAP data between the server and client, to get an idea of
the problem? <br>
<br>
<blockquote
cite="mid:3666c210804011515qc5ef13dj848005e615140c62@mail.gmail.com"
type="cite">
<blockquote></blockquote>
Does anybody have an idea? Thanks in advance.<br>
<br>
Luis,<br>
<br>
<br>
<div><span class="gmail_quote">2008/3/28, Luis Galárraga <<a
moz-do-not-send="true" href="mailto:lgalarra@fiec.espol.edu.ec">lgalarra@fiec.espol.edu.ec</a>>:</span>
<blockquote class="gmail_quote"
style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">It
looks like there is a problem with WSDL, as I get the following error
when using WSDL2Java, the tool that comes with Axis distribution. I am
using the file obtained by requesting <a moz-do-not-send="true"
href="https://proyectossw.espol.edu.ec:8000/Venues/default?WSDL"
target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">https://proyectossw.espol.edu.ec:8000/Venues/default?WSDL</a><br>
The server is using AccessGrid 3.1.<br>
<br>
<blockquote
style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"
class="gmail_quote"> $ ./wsdl2java.sh -uri Venue.wsdl Using
AXIS2_HOME: /home/luis/Desktop/axis2-1.3<br>
Using JAVA_HOME: /usr/lib/jvm/java-6-sun-1.6.0.03/<br>
Exception in thread "main"
org.apache.axis2.wsdl.codegen.CodeGenerationException: Error parsing
WSDL<br>
at
org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerationEngine.java:150)<br>
at org.apache.axis2.wsdl.WSDL2Code.main(WSDL2Code.java:35)<br>
at org.apache.axis2.wsdl.WSDL2Java.main(WSDL2Java.java:24)<br>
<span style="font-weight: bold;">Caused by:
javax.wsdl.WSDLException: WSDLException (at /definitions/types):
faultCode=INVALID_WSDL: Encountered illegal extension attribute
'targetNamespace'. Extension attributes must be in a namespace other
than WSDL's.</span><br>
at
com.ibm.wsdl.xml.WSDLReaderImpl.parseExtensibilityAttributes(Unknown
Source)<br>
at com.ibm.wsdl.xml.WSDLReaderImpl.parseTypes(Unknown Source)<br>
at com.ibm.wsdl.xml.WSDLReaderImpl.parseDefinitions(Unknown
Source)<br>
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)<br>
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)<br>
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)<br>
at
org.apache.axis2.wsdl.codegen.CodeGenerationEngine.readInTheWSDLFile(CodeGenerationEngine.java:286)<br>
at
org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerationEngine.java:105)<br>
... 2 more<br>
</blockquote>
<br>
Regards, <br>
Luis<br>
<br>
<div><span class="gmail_quote">2008/3/28, Thomas D. Uram <<a
moz-do-not-send="true" href="mailto:turam@mcs.anl.gov" target="_blank"
onclick="return top.js.OpenExtLink(window,event,this)">turam@mcs.anl.gov</a>>:</span>
<div><span class="e" id="q_118f7516f4ab0635_1">
<blockquote class="gmail_quote"
style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">AG2 did rely on the Globus
toolkit.<br>
<br>
AG3 does not rely on the Globus toolkit. We are using Doc-Lit SOAP via
Python ZSI (<a moz-do-not-send="true"
href="http://pywebsvcs.sourceforge.net" target="_blank"
onclick="return top.js.OpenExtLink(window,event,this)">pywebsvcs.sourceforge.net</a>).
You should be able to consume
these services using other-language SOAP implementations. If not,
something is wrong with our WSDL, ZSI, or your other-language SOAP
implementation. I'll follow up on your other mail regarding the error
message you're getting.<br>
<br>
For what it's worth, I know other people have consumed the AG web
services using a Java SOAP implementation (you should be able to find
information about this in the mailing list archives).<br>
<br>
Tom
<div><span><br>
<br>
<br>
<br>
<br>
<br>
On 3/27/08 6:53 PM, Luis Galárraga wrote:
<blockquote type="cite">Thanks a lot for your help!!. We
understand AG a little
better now :-)<br>
<br>
Another question: we are trying to consume Venue and VenueServer web
services without success. Now, I understand that as AccessGrid relies
on Globus Toolkit (I have heard about it before, but I understand it
better) we need to construct clients compatible with it. Using JAX-WS
(used by Netbeans IDE) is not a good idea. Am I in the right way??<br>
<br>
Luis,<br>
<br>
<div><span class="gmail_quote">2008/3/27, Thomas D. Uram <<a
moz-do-not-send="true" href="mailto:turam@mcs.anl.gov" target="_blank"
onclick="return top.js.OpenExtLink(window,event,this)">turam@mcs.anl.gov</a>>:</span>
<blockquote class="gmail_quote"
style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">Luis:<br>
<br>
See responses inline.<span><br>
<br>
On 3/14/08 3:24 PM, Luis Galárraga wrote:
<blockquote type="cite">Greetings Tom:<br>
<br>
First of all, thanks again for your help, I have several questions,
this time related to server certificates. Do the things we were talking
about identity certificates apply to server certificates?. We have a
developer who is working in consuming AG server web services from a
Java Client. He would like to work at home, but unfortunately our
request for opening certain tcp ports was denied because of security
issues. I told him to run server and client in his machine. I had to
make a server certificate request to be able to run the server first
time:<br>
- Is it possible to omit this step?. <br>
</blockquote>
</span>The server does require a certificate; this
requirement
cannot be
avoided.<span><br>
<blockquote type="cite">- If not, is it possible to create it
with
a tool like
openssl. When starting server from terminal, it asks for a certificate.<br>
</blockquote>
</span>You can build up the required certificate state
completely
independent
from the Access Grid Developers CA if you want. In that case, you'll
have to make sure that the CA cert is installed at both the server and
at client machines. And the CA cert will have to be used to sign the
certificate used to run the server. This is standard PKI practice, so
you should be able to find sufficient references online. If you have
trouble, please ask.<span><br>
<blockquote type="cite">- Is there a way of exporting a
certificate
from command
line. I have a problem with the certificate management tool (it crashes
unexpectedly. I reported it and there is someone working to provide you
a better report) so I cannot do it through graphical interface.<br>
</blockquote>
</span>You can use certmgr.py. In some cases, it will be
called
certmgr3.py.
After running it, type 'help' for a list of available commands.
<div><span><br>
<br>
<blockquote type="cite"><br>
Regards,<br>
Luis<br>
<br>
<br>
<br>
<div><span class="gmail_quote">2008/3/13, Thomas D. Uram
<<a moz-do-not-send="true" href="mailto:turam@mcs.anl.gov"
target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">turam@mcs.anl.gov</a>>:</span>
<blockquote class="gmail_quote"
style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi
Luis:<br>
<br>
There are a few things you need to know in this regard:<br>
<br>
- By default, AG3 venues do not require that clients have a certificate<br>
to enter. Venues can be optionally configured to require a certificate,<br>
in which case the user must present a certificate that satisfies the<br>
access controls on the venue.<br>
<br>
- You can run your own CA and issue your own certificates. In that<br>
case, you'll need to make sure your clients have both your CA<br>
certificate and their personal certificate.<br>
<br>
Otherwise, this is general PKI. If you have other questions, don't<br>
hesitate to ask.<br>
<br>
Tom<br>
<br>
<br>
On 3/6/08 3:41 PM, Luis Galárraga wrote:<br>
> Greetings:<br>
><br>
> I am part of project for developing a webinar infraestructure
based on<br>
> Access Grid. After a long discussion in which suggestions in this<br>
> mailing list were strongly considered, we have decided to
implement a<br>
> simple client for venues (in servers 3.x) using Java Web Start
Apps.<br>
> As you can see, there are many things to do, and developers have<br>
> started by making tests with the soap interfaces in the our AG
server,<br>
> however they are not clear about the concepts behind the<br>
> authentication process. We know AG uses digital certificates for<br>
> everything: users and services and those certificates are
generated by<br>
> AG developers (after a process request). Can our developer team<br>
> generate certificates signed by us or it is required your sign?<br>
> Several people in our university will probably use the system so we<br>
> would like to have the privilege to generate the certificates.
Could<br>
> someone explain us in a better way, the technical issues behind<br>
> authentication based on certificates (= how you implemented it)?. I<br>
> hope you can help us.<br>
><br>
> Thanks in advance,<br>
><br>
> Regards,<br>
> Luis Galárraga<br>
</blockquote>
</div>
<br>
</blockquote>
</span></div>
</div>
</blockquote>
</div>
<br>
</blockquote>
</span></div>
</div>
</blockquote>
</span></div>
</div>
<br>
</blockquote>
</div>
<br>
</blockquote>
</body>
</html>