First Last Prev Next    No search results available
Bug 6526 - Develop callouts for GridFTP to use GUMS for authorization
: Develop callouts for GridFTP to use GUMS for authorization
Status: NEW
: GridFTP
Campaign
: 4.2.0
: PC Windows XP
: P3 normal
: ---
Assigned To:
:
: OSG/EGEE_Authz_Interop
:
:
  Show dependency treegraph
 
Reported: 2008-11-04 17:04 by
Modified: 2010-01-12 14:36 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)


Note

You need to log in before you can comment on or make changes to this bug.

Description From 2008-11-04 17:04:20 
Definition: OSG is moving towards compliance with OSG/EGEE Authorization
Interoperability Profile. GridFTP provides an authorization callout interface
to allow pluggable authorization. A callout needs to be designed and developed
to allow GridFTP to use GUMS as the authorization service.

Tasks:
   o Determine the OSG/EGEE Authorization Interoperability Profile attributes
required for GUMS to authorize GridFTP requests.
   o Design and develop callout that constructs an XACML Authorization Request
to query GUMS with relevant attributes. This should leverage the Globus XACML
Authorization C library and potentially leverage PRIMA code base.
   o Test against OSG GUMS server with XACML interface
   o Merge code to trunk and GT 4.2 branch
   o Update documentation 

Resources: 

- OSG/EGEE Authz Interoperability Profile:
https://edms.cern.ch/document/929867/1

- C XACML Library: http://www.mcs.anl.gov/~bester/xacml/

- PRIMA: 

cvs -d :pserver:anonymous@cdcvs.fnal.gov:/cvs/cd_read_only co
privilege/prima/build
or via web
http://cdcvs0.fnal.gov/cgi-bin/public-cvs/cvsweb-public.cgi/privilege/prima/build/

The new globus plugin is in
prima-autz-module/prima_module_build_scas.c
------- Comment #1 From 2010-01-12 14:36:42 ------- 
Apparently the direction being taken is to use the LCAS/LCMAPS code rather than
the PRIMA library, for GUMS client.
First Last Prev Next    No search results available