Office of Science U.S. Department of Energy Globus World Python WS Core Joshua R. Boverhof Lawrence Berkeley National Laboratory
Office of Science U.S. Department of Energy Globus World Outline Installation, packages and tools Example client and service –Service specific methods –WSRF methods and NotificationConsumer Handler Chain Architecture –WS-Security ResourceHomeManager –Persistence ResourcePortal –Authorization
Office of Science U.S. Department of Energy Globus World Installation Overview Core Components utilityresourcesecurity wsrf lifetime propertiesfaultsnotification generated resource propertiesservicesstubs %python setup.py install BaseNotification NotificationConsumerService SecureConversation SubscriptionManagerService DelegationService BaseFaults ResourceProperties ResourceLifetime ExclusiveCanonicalization config.txt services
Office of Science U.S. Department of Energy Globus World wsdl2web generated %wsdl2web.py --script=client.py --rpy=CounterService.rpy counter_service.wsdl server-config.tac ResourceTree ““wsrf/core/SubscriptionManager” --> SubscriptionManager Singleton ”/wsrf/services” -> dropins(“services”) Port Application services CounterService.rpy./start-container.sh 2006/08/02 22:34 PDT [-] Log opened. 2006/08/02 22:34 PDT [-] twistd starting up 2006/08/02 22:34 PDT [-] reactor class: 2006/08/02 22:34 PDT [-] Loading server-config.tac /08/02 22:34 PDT [-] Loaded. 2006/08/02 22:34 PDT [-] twisted.web.server.Site starting on /08/02 22:34 PDT [-] Starting factory 2006/08/02 22:34 PDT [-] ==> Delayed Call Sweep counter_service resource properties servicesstubs
Office of Science U.S. Department of Energy Globus World client.py script./client.py --help usage: client.py [options] options: -h, --help show this help message and exit -u URL, --url=URL location of service -d DEBUG, --debug=DEBUG Debug Messages to file, if 1 send to stdout, if 0 then off. -w WSADDRESSURI, --wsAddressURI=WSADDRESSURI Specify URI of ws-addressing version to use. -c CERT, --cert=CERT file path of certificate or proxy. -k KEY, --key=KEY file path of key -v M2SECURECONV, --m2secureConv=M2SECURECONV To use secure conversation, provide URL to Authorization service, and negotiate key used to sign/verify messages. -x M2SECUREMESSAGE, --m2secureMessage=M2SECUREMESSAGE use secure message to sign messages. -a AUTHZ, --authz=AUTHZ choose authorization, self or host.
Office of Science U.S. Department of Energy Globus World CounterService.rpy ################################################################# # Automatically generated by wsdl2web.py # See LBNLCopyright for copyright notice! ################################################################# from generated.counter_service.services.counter_service.CounterService import CounterServiceWSRF class Service(CounterServiceWSRF): '''override methods to do something useful''' resource = Service()
Office of Science U.S. Department of Energy Globus World Service Implementation # CounterService.py from pyGridWare.addressing.AddressingUtils import AddressingUtils from generated.counter_service.services.counter_service.CounterService\ import CounterServiceWSRF as WSRFService class Service(WSRFService): def wsa_add(self, ps, address, **kw): request,response = WSRFService.wsa_add(self, ps, address, **kw) ctx = WSRFService.GetResourceContext(ps, address, **kw) ctx.properties.Value += request return request, response.__class__(ctx.properties.Value) def wsa_createCounter(self, ps, address, **kw): request,response = WSRFService.wsa_createCounter(self, ps, address, **kw) ctx = WSRFService.NewResourceContextCounterPortTypePort(**kw) ctx.properties.Value = 0 response.EndpointReference = AddressingUtils.createEndpointReference(ctx) return request,response
Office of Science U.S. Department of Energy Globus World Example Service # CounterService.rpy import CounterService resource = CounterService.Service()
Office of Science U.S. Department of Energy Globus World Flowchart: SOAP In/out Core WSResource HandlerChain resource security generated resource properties services stubs Client ps addr request response Twisted.web HTTPRequest service
Office of Science U.S. Department of Energy Globus World Client: Create & Destroy from generated.counter_service.stubs import\ counter_service as CLIENT def main(**kw): locator = CLIENT.CounterServiceLocator() port = locator.getCounterPortType(**kw) response = port.create(CLIENT.CreateRequest()) iport = locator.getCounterPortType(\ endPointReference=response.EndpointReference, **kw) iport.destroy(CLIENT.DestroyRequest())
Office of Science U.S. Department of Energy Globus World Flowchart: Create generated resource manager properties services stubs service wsrf lifetime properties faults notification NewResourceContextCounterPortTypePort HTTPRequest ctx
Office of Science U.S. Department of Energy Globus World Flowchart: Destroy generated resource properties services stubs wsrf lifetime properties faults notification manager ctx ImmediateResourceTermination.Destroy(ctx, **kw) addrctx Immediate GetResourceContextDestroy
Office of Science U.S. Department of Energy Globus World Client: Subscribe from pyGridWare.wsrf.notification.NotificationConsumer import * from pyGridWare.wsrf.notification import SubscribeUtility from generated.counter_service.stubs import\ counter_service as COUNTER def main(**kw): consumer = NotificationConsumer() consumer.start() locator = COUNTER.CounterServiceLocator() port = locator.getCounterPortType(**kw) response = port.createCounter(COUNTER.CreateCounterRequest()) epr = response.EndpointReference iport = locator.getCounterPortType(endPointReference=epr, **kw) request = COUNTER.SubscribeRequest() SubscribeUtility.SimpleTopicExpression(request, consumer, " "Value”) response = iport.Subscribe(request)
Office of Science U.S. Department of Energy Globus World Flowchart: Subscribe generated resource properties services stubs wsrf lifetime properties faults notification Subscription Manager: create subscription & reference manager request context epr
Office of Science U.S. Department of Energy Globus World HandlerChain Core WSResource HandlerChain resource security Client addr soap Twisted.web HTTPRequest request response HTTPResponse service
Office of Science U.S. Department of Energy Globus World WSResource render def render_POST(self, request): chain = self.factory.newInstance() data = request.content.read() try: pyobj = chain.processRequest(data, request=request, resource=self) except Exception, ex: return self._writeFault(request, ex) try: soap = chain.processResponse(pyobj, request=request, resource=self) except Exception, ex: return self._writeFault(request, ex) if soap is not None: return self._writeResponse(request, soap) Single handler chain shared on a request/response flow.
Office of Science U.S. Department of Energy Globus World processRequest WSResource HandlerChain Client Service method DataHandler Callback WSAddr str ps ps - ParsedSoap factory = HandlerChainFactory Handler chain instance
Office of Science U.S. Department of Energy Globus World processResponse WSResource HandlerChain Client Service DataHandler Callback WSAddr request response request - pyobj response - pyobj sw - SoapWriter str response sw factory = HandlerChainFactory
Office of Science U.S. Department of Energy Globus World Example WS-Security # SecureCounterService.rpy import CounterService from pyGridWare.security.gss.resource import WSSecurityHandlerChainFactory resource = CounterService.Service() resource.factory = WSSecurityHandlerChainFactory # SecureCounterService-authService.rpy from pyGridWare.services import SecureConversationService resource = SecureConversationService.SecureConversationService()
Office of Science U.S. Department of Energy Globus World WSSecurity: verify WSResource HandlerChain Client Service method DataHandler Callback WSAddr str ps ps - ParsedSoap factory = WSSecurityHandlerChainFactory WSSecurityHandler GSISignatureHandler ps Verify signatures Handler chain instance
Office of Science U.S. Department of Energy Globus World WSSecurity: sign WSResource HandlerChain Client Service method DataHandler Callback WSAddr str factory = WSSecurityHandlerChainFactory WSSecurityHandler GSISignatureHandler add signatures request - pyobj response - pyobj sw - SoapWriter sw request, response
Office of Science U.S. Department of Energy Globus World ResourceHomeManager 1 Core resource Manager ResourceHome SimpleRH PersistentRH utility security generated Manager -- SimpleRH properties services stubs service Context.home = ManagerHome.getInstance(SimpleResourceHome) Manager is configured with a implementation of IResourceHome Client1 Client2 Twisted.web
Office of Science U.S. Department of Energy Globus World ResourceHomeManager 2 Core utility security generated Manager -- SimpleRH properties services stubs Create --> NewResourceContext home ctx1 Unprotected service will use a single resource home, “Anonymous” resource Manager ResourceHome SimpleRH PersistentRH
Office of Science U.S. Department of Energy Globus World Example Authorization # CounterService.rpy import CounterService from pyGridWare.security.authz.resource import ResourcePortal from pyGridWare.security.authz.checkers import GridMapChecker resource = ResourcePortal(CounterService.Service(), checkers=[GridMapChecker()], callback=None)
Office of Science U.S. Department of Energy Globus World ResourcePortal: setup ResourcePortal(Service(), checkers=[GridMapChecker()], callback=None) boverho f krjackson Twisted.web Site ResourcePortal Checker Realm service /wsrf/services/CounterService
Office of Science U.S. Department of Energy Globus World Portal: Service Login Service Level Authorization ResourcePortal render GridMapChecker requestAvatarId Realm requestAvatar service cred IResource avatarId (boverhof) Portal login cred service
Office of Science U.S. Department of Energy Globus World Portal: Service Instance Service Instance Level Authorization ResourcePortal render Service render ResourceHomeManager boverhof ctx1 krjackson ctx2 ctx3 cred IResourceHome request Portal login ctx1 boverhof
Office of Science U.S. Department of Energy Globus World Conclusions Use the wsdl2web tool to create a Site Service specific functionality must be implemented Configuration files are python scripts The Python Grid Service work is funded by the U.S. Department of Energy Office of Science