Outline Server side Dependencies Installing it Configuring it Client side coding Browser setup.

Slides:



Advertisements
Similar presentations
Data Management Expert Panel - WP2. WP2 Overview.
Advertisements

WEB2P security Java web application security Dr Jim Briggs.
Object-Oriented Enterprise Application Development Tomcat 3.2 Configuration Last Updated: 03/30/2001.
Design of Web-based Systems IS Development: lecture 10.
Starting with Gridsphere Albert Einstein Institute Gridsphere Installation.
Multiple Tiers in Action
Website Development with PHP and MySQL Introduction.
Web Applications Basics. Introduction to Web Web features Clent/Server HTTP HyperText Markup Language URL addresses Web server - a computer program that.
The easy way to a nice looking website design By a total non-designer (Me!)
Java Servlets and JSP.
Configuring Apache tomcat Specifying the server port NOTE: Edit the install_dir/conf/server.xml and change the port attribute of the connector element.
Securing LAMP: Linux, Apache, MySQL and PHP Track 2 Workshop PacNOG 7 July 1, 2010 Pago Pago, American Samoa.
SYST Web Technologies SYST Web Technologies Installing a Web Server (XAMPP)
A walkthrough of the SageQuest Mobile Control Online & ESC integration.
The New Books List Michael Doran, Systems Librarian Ex Libris Southwest Users Group February 6, 2008 – Santa Ana College.
Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
Apache Tomcat Web Server SNU OOPSLA Lab. October 2005.
M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,
Partner Logo German Cancio – WP4-install LCFG HOW-TO - n° 1 WP4 hands-on workshop: EDG LCFGng exercises
Session 5: Working with MySQL iNET Academy Open Source Web Development.
Copyright © 2006, SAS Institute Inc. All rights reserved. What Is New in SAS Profitability Management (PrM) 2.1? Authors: Jack Zhang Solution & Version:
© 2012 LogiGear Corporation. All Rights Reserved Robot framework.
Tomcat Spencer Uresk. Notes This is a training NOT a presentation Please ask questions This is being recorded
National Center for Supercomputing Applications NCSA OPIE Presentation November 2000.
Configuration Database MICE Collaboration Meeting 28, Sofia David Forrest University of Glasgow Antony Wilson Science and Technology Facilities Council.
Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS Oct EPICS Meeting, PAL, Korea Control System Studio Training.
HTML Basics BCIS 3680 Enterprise Programming. Web Client/Server Architecture 2  Your browser (the client) requests a Web page from a remote computer.
Grid Security in a production environment: 4 years of running Andrew McNab University of Manchester.
Running Kuali: A Technical Perspective Ailish Byrne (Indiana University) Jonathan Keller (University of California, Davis)
EGEE User Forum Data Management session Development of gLite Web Service Based Security Components for the ATLAS Metadata Interface Thomas Doherty GridPP.
Web Access. Overview  Purpose  Prerequisites  Install Components  Enable Virtual Directories  IIS Configuration & Security  Troubleshooting.
WAMP Windows Apache MySQL and PHP i.e. “WAMP”. Why WAMP? WampServer is a Windows web development environment. It allows you to create and test web pages.
1 AHM -2-4 Sept 2003 e-Science Centre Running SRB Ananta Manandhar.
Implementing and Using the SIRWEB Interface Setup of the CGI script and web procfile Connecting to your database using HTML Retrieving data using the CGI.
Creating a simple database This shows you how to set up a database using PHPMyAdmin (installed with WAMP)
Dr. David Roldán Martínez Universidad Politécnica de Valencia, Spain & Nuno Fernandes Universidade Fernando Pessoa, Portugal Site Stats, the power of event.
JSP Server Integrated with Oracle8i Project2, CMSC691X Summer02 Ching-li Peng Ying Zhang.
Yannick Patois - Datagrid Software Repository Presentation - March, n° 1 Datagrid Software Repository Presentation CVS, packages and automatic.
1 G52IWS: Example Web-services Chris Greenhalgh. 2 Contents Software requirements AXIS web service run-time components Getting started with Jetty & AXIS.
© 2012 LogiGear Corporation. All Rights Reserved FitNesseFitNesse Authors: Nghia Pham 1.
Soaplab SOAP-based Analysis Web Services Martin Senger
15 Copyright © 2004, Oracle. All rights reserved. Adding JAAS Security to the Client.
Oct HPS Collaboration Meeting Jeremy McCormick (SLAC) HPS Web 2.0 OR Web Apps and Databases (Oh My!) Jeremy McCormick (SLAC)
WP3 Security and R-GMA Linda Cornwall. WP3 UserVOMS service authr map pre-proc authr LCAS LCMAPS pre-proc LCAS Coarse-grained e.g. Spitfire WP2 service.
DGC Paris Spitfire A Relational DB Service for the Grid Leanne Guy Peter Z. Kunszt Gavin McCance William Bell European DataGrid Data Management.
Chapter 4 Request and Response. Servlets are controlled by the container.
DataGrid is a project funded by the European Commission under contract IST EDG Baseline API Document Document build description and current.
Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS 2012, April at SLAC Control System Studio Training - Alarm System.
#SummitNow Consuming OAuth Services in Alfresco Share Alfresco Summit 2013 Will Abson
Your current Moodle 1.9 Minimum Requirements Ability to do a TEST RUN! Upgrading Moodle to Version 2 By Ramzan Jabbar Doncaster College for the Deaf By.
WMarket For Adminstrators Manual Installation. Basic Dependencies To install your own WMarket instance, you are required to install the following software:
Overview of the New Security Model Akos Frohner (CERN) WP8 Meeting VI DataGRID Conference Barcelone, May 2003.
Installing and Configuring Moodle. Download Download latest Windows Install package from Moodle.orgMoodle.org.
EGI-InSPIRE RI Pakiti Michal Prochazka, (Daniel Kouril)
Patricia App How to Get Started
Consuming OAuth Services in Alfresco Share
Introduction to Dynamic Web Programming
Active Server Pages Computer Science 40S.
Spitfire Overview Gavin McCance.
A very brief introduction
Database Project: MySQL
Course Outcomes of Advanced Java Programming AJP (17625, C603)
LINUX ADMINISTRATION 1
Installation, Configuration, Examples of use
Conditions System Update and Discussion
PHP / MySQL Introduction
Apache Tomcat Web Server
Authentication and Authorization in ColdFusion
PHP Forms and Databases.
Presentation transcript:

Outline Server side Dependencies Installing it Configuring it Client side coding Browser setup

Note Use the recent edg-java-security (e.g. from the CVS HEAD if you are building spitfire… Probably I’ll tag one..

Deps: Secure Tomcat You need bog-standard Tomcat (preferably version RPM version available from the EDG website) You need edg-java-security, preferably installed via RPM You should edit your server.xml in Tomcat to add a secure container pointing to $CATALINA_HOME/webapps-secure Want to move to asap.

Deps: A database to use Initially, we assume MySQL Install standard MySQL Latest 3.* or 4.* The edg-spitfire-config module will need the DBA role (‘root’) and password to set up its default tables.

Install Spitfire Can install via RPM or tarball Much easier to install via RPM This installs into /opt/edg/share/webapps/edg-spitfire-server The config files live in WEB-INF/ They are tokenized, with the values to be filled in from either edg-spitfire-config or LCFG

LCFG

edg-spitfire-config Currently, this does LCFG’s job Install this edg-spitfire-config, preferably by RPM This installs a script in /opt/edg/sbin/edg-spitfire-configure.sh And a config file in /opt/edg/etc/edg-spitfire/spitfireDB.conf

spitfireDB.conf file Must be edited a bit before running the configure script DBA password Names for your roles and their passwords Some initial security role mappings Running the script will setup spitfire’s config files and will create the matching roles and tables in the database.

What does it set up? MySQL: creates your users in the ‘mysql:user’ table poolman.xml: writes these usernames into the connection pool configuration so spitfire knows what names to use Would like to drop poolman Creates GRID database and populates examples tables

How does it setup the authzManager? Authorization manager used with dbmaps Initial role maps are added to the mapping tables in the database spitfireAuthzManager.xml: contains the setup information for the authzManager. The script adds the relevant database connection names into this config file so the authzManager can look-up the DN to role mappings in the database. I won’t discuss the authorization policy that is implemented…

Authz Question? Question for Friday…. Are we happy with the current setup in Spitfire? Default roles Extra roles if you need them Roles based on DN or regexp of DN A bit complex.. Would like to be able to use the new Authz GUI too

Client side coding Currently, only the java client is available The RPM installs edg-spitfire-client-java.jar in /opt/edg/lib/edg-spitfire-client-java/ Examples client programs are in the tarball./edg-spitfire-client-java-2.1.0/samples Should the RPM contains the examples too?

What you need client side A few JARS The Axis libs, log4j Edg-java-security-trustmanager-client Edg-java-security-authorization-client Bouncycastle (and edg-spitfire-client-java JAR)

Client config stuff One Axis file client-config.wsdd Tells the client to pre-process the request and add ‘role’ and ‘policy’ SOAP headers to the request, based on the java system properties: ‘edg-security.role’ and ‘edg-security.policy’

Coding is simple… import org.edg.data.spitfire.service.*; import org.edg.data.spitfire.service.base.*; SpitfireBaseServiceLocator sf = new SpitfireBaseServiceLocator(); SpitfireBase sfBase = sf.getSpitfireBase(new URL( endpoint )); int rowsInserted = sfBase.insert("GRID", "repcat", attribs, values); You specify either the ‘base’, ‘admin’ or ‘info’ API… {see javadoc}

Running it java -classpath "$cp" - Daxis.socketFactory=org.edg.security.trustmana ger.\ axis.AXISSocketFactoryFactory -DsslCAFiles=$certdir/*.0 -DgridProxyFile=$proxy -Daxis.ClientConfigFile=client-config.wsdd -Dedg-security.role=$role -Dedg-security.policy=$policy“ ProgramClass CommandLineParameters

edg-spitfire-browser This is setup to use the same authorization tables as the main spitfire service The edg-spitfire-config script will configure this too, if it finds it. Point web browser at the example page…