allowing other identities to connect

Robert Olson olson at mcs.anl.gov
Thu Jan 30 18:57:47 CST 2003 

the clients need to be updated as well (authentication goes both ways).

--bob

At 06:26 PM 1/30/2003 -0600, Ivan R. Judson wrote:

>I successfully ran the venuemanagement.py, and deleted two duplicate venues,
>but I can't add one (I get the following authorization failure):
>
>
>creating proxy on
>https://vv2.mcs.anl.gov:11006/Venues/000000f3119d4aa4008c00dd
>000b0037b68
>Traceback (most recent call last):
>   File "C:\software\AccessGrid\bin\VenueManagement.py", line 345, in
>OpenAddVenu
>eDialog
>     addVenueDialog = AddVenueFrame(self, -1, "", venueList =
>self.venuesList)
>   File "C:\software\AccessGrid\bin\VenueManagement.py", line 890, in
>__init__
>     self.Ok()
>   File "C:\software\AccessGrid\bin\VenueManagement.py", line 905, in Ok
>     self.parent.InsertVenue(data, exitsList)
>   File "C:\software\AccessGrid\bin\VenueManagement.py", line 379, in
>InsertVenue
>
>     newUri = self.application.AddVenue(data, exitsList)
>   File "C:\software\AccessGrid\bin\VenueManagement.py", line 97, in AddVenue
>     Client.Handle(uri).get_proxy().SetConnections(exitsList)
>   File "C:\software\AccessGrid\AccessGrid\hosting\pyGlobus\AGGSISOAP.py",
>line 3
>644, in __r_call
>     self.__hd, self.__ma)
>   File "C:\software\AccessGrid\AccessGrid\hosting\pyGlobus\AGGSISOAP.py",
>line 3
>562, in __call
>     config = self.config)
>   File "C:\Software\AccessGrid\AccessGrid\hosting\pyGlobus\Client.py", line
>139,
>  in call
>     r.endheaders()
>   File "C:\Software\Python22\lib\httplib.py", line 695, in endheaders
>     self._send_output()
>   File "C:\Software\Python22\lib\httplib.py", line 581, in _send_output
>     self.send(msg)
>   File "C:\Software\Python22\lib\httplib.py", line 548, in send
>     self.connect()
>   File "C:\Software\globus\python\pyGlobus\io.py", line 1073, in connect
>     self.sock.connect(self.host, self.port, self.io_attr)
>   File "C:\Software\globus\python\pyGlobus\io.py", line 658, in connect
>     raise ex
>pyGlobus.io.GSITCPSocketException: an authentication operation failed
>
> > -----Original Message-----
> > From: owner-ag-dev at mcs.anl.gov
> > [mailto:owner-ag-dev at mcs.anl.gov] On Behalf Of Thomas Uram
> > Sent: Thursday, January 30, 2003 5:21 PM
> > To: Robert Olson
> > Cc: ag-dev at mcs.anl.gov
> > Subject: Re: allowing other identities to connect
> >
> >
> > I made this trivial change in VenueServer.py and it works
> > (tested with
> > Susanne).  I committed the change, and started a server at
> > https://vv2:11006/VenueServer (if that looks like a
> > non-standard port,
> > that's because it's supposed to).
> >
> > I'll make this change on the NodeManagement services too.
> >
> > Tom
> >
> >
> > Robert Olson wrote:
> >
> > > The default authorization mode is
> > > GLOBUS_IO_SECURE_AUTHORIZATION_MODE_SELF, which means to only allow
> > > connections from processes with the same identity.
> > >
> > > You can create an authorization callback on either a Client or a
> > > Server to allow the application to decide. Returning 1 allows the
> > > connection to complete, returning 0 makes it fail.
> > >
> > > First the client:
> > >
> > > import Client
> > > import os
> > >
> > > def cb(server, g_handle, remote_user, context):
> > >     print "got callback for user ", remote_user
> > >     return 1
> > >
> > > h = Client.Handle('https://localhost:8000/100', authCallback = cb)
> > >
> > > ret = None
> > >
> > > try:
> > >     ret = h.get_proxy().method(3)
> > > except Client.FaultType, f:
> > >     print "call raised fault ", f, dir(f)
> > >     print "faultcode='%s'" % (f.faultcode)
> > >     print "string='%s'" % ( f.faultstring)
> > >
> > > else:
> > >     print "Got '%s' '%s' from method"  % (ret, map(lambda x: str(x),
> > > ret))
> > >
> > > And the server:
> > >
> > >
> > > [[Other code elided]]
> > >
> > > def cb(server, g_handle, remote_user, context):
> > >     print "Server gets identity ", remote_user
> > >     return 1
> > >
> > > if __name__ == "__main__":
> > >
> > >     server = Server.Server(8000, auth_callback = cb)
> > >
> > >     s = server.create_service(C)
> > >
> > >     print "Have %s %s" % (s, s.get_handle())
> > >
> > >
> >
> >

More information about the ag-dev mailing list