allowing other identities to connect

Robert Olson olson at mcs.anl.gov
Wed Jan 29 13:09:41 CST 2003


The default authorization mode is GLOBUS_IO_SECURE_AUTHORIZATION_MODE_SELF, 
which means to only allow connections from processes with the same identity.

You can create an authorization callback on either a Client or a Server to 
allow the application to decide. Returning 1 allows the connection to 
complete, returning 0 makes it fail.

First the client:

import Client
import os

def cb(server, g_handle, remote_user, context):
     print "got callback for user ", remote_user
     return 1

h = Client.Handle('https://localhost:8000/100', authCallback = cb)

ret = None

try:
     ret = h.get_proxy().method(3)
except Client.FaultType, f:
     print "call raised fault ", f, dir(f)
     print "faultcode='%s'" % (f.faultcode)
     print "string='%s'" % ( f.faultstring)

else:
     print "Got '%s' '%s' from method"  % (ret, map(lambda x: str(x), ret))

And the server:


[[Other code elided]]

def cb(server, g_handle, remote_user, context):
     print "Server gets identity ", remote_user
     return 1

if __name__ == "__main__":

     server = Server.Server(8000, auth_callback = cb)

     s = server.create_service(C)

     print "Have %s %s" % (s, s.get_handle())
   




More information about the ag-dev mailing list