Published by Theodora Walton. Modified over 9 years ago.
1
Outline
- Server side
  - Dependencies
  - Installing it
  - Configuring it
- Client side coding
- Browser setup
2
Note
- Use the recent edg-java-security (e.g. from the CVS HEAD if you are building spitfire…)
- Probably I'll tag one.
3
Deps: Secure Tomcat
- You need bog-standard Tomcat (preferably version 4.0.6; RPM version available from the EDG website)
- You need edg-java-security, preferably installed via RPM
- You should edit your server.xml in Tomcat to add a secure container pointing to $CATALINA_HOME/webapps-secure
- Want to move to 4.1.18 asap.
4
Deps: A database to use
- Initially, we assume MySQL
- Install standard MySQL
  - Latest 3.* or 4.*
- The edg-spitfire-config module will need the DBA role ('root') and password to set up its default tables.
5
Install Spitfire
- Can install via RPM or tarball
- Much easier to install via RPM
- This installs into /opt/edg/share/webapps/edg-spitfire-server
- The config files live in WEB-INF/
- They are tokenized, with the values to be filled in from either edg-spitfire-config or LCFG
6
LCFG
7
edg-spitfire-config
- Currently, this does LCFG's job
- Install edg-spitfire-config, preferably by RPM
- This installs a script in /opt/edg/sbin/edg-spitfire-configure.sh
- And a config file in /opt/edg/etc/edg-spitfire/spitfireDB.conf
8
spitfireDB.conf file
- Must be edited a bit before running the configure script:
  - DBA password
  - Names for your roles and their passwords
  - Some initial security role mappings
- Running the script will set up spitfire's config files and will create the matching roles and tables in the database.
9
What does it set up?
- MySQL: creates your users in the 'mysql:user' table
- poolman.xml: writes these usernames into the connection pool configuration so spitfire knows what names to use
  - Would like to drop poolman
- Creates GRID database and populates example tables
10
How does it set up the authzManager?
- Authorization manager used with dbmaps
- Initial role maps are added to the mapping tables in the database
- spitfireAuthzManager.xml: contains the setup information for the authzManager. The script adds the relevant database connection names into this config file so the authzManager can look up the DN-to-role mappings in the database.
- I won't discuss the authorization policy that is implemented…
11
Authz Question?
- Question for Friday…
- Are we happy with the current setup in Spitfire?
  - Default roles
  - Extra roles if you need them
  - Roles based on DN or regexp of DN
  - A bit complex..
- Would like to be able to use the new Authz GUI too
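The DN-to-role lookup from slides 10 and 11 (default roles, extra roles, roles by DN or regexp of DN), as an added example that is not Spitfire's or edg-java-security's code. The rule layout, role names, DNs and the rule that a requested role is only honoured when the DN's mapping allows it are all assumptions made for illustration.

```java
import java.util.*;
import java.util.regex.Pattern;

// Added illustration, not the Spitfire authzManager. Rules, roles and DNs are constructed.
public class DnRoleMapExample {
    // One row of a hypothetical mapping table: exact DN or regexp of DN -> role.
    record Rule(String dnOrRegex, boolean isRegex, String role) {}

    static final List<Rule> RULES = List.of(
        new Rule("/O=Grid/O=Example/OU=example.org/CN=Alice Admin", false, "admin"),
        new Rule("/O=Grid/O=Example/OU=example\\.org/CN=[^/]+", true, "writer"));
    static final String DEFAULT_ROLE = "reader"; // assumed default for any authenticated DN

    // Roles a DN may take. Regexp rules must match the whole DN (matches(), not find()),
    // so a DN that merely contains a trusted DN as a substring gains nothing.
    static Set<String> rolesFor(String dn) {
        Set<String> roles = new LinkedHashSet<>();
        roles.add(DEFAULT_ROLE);
        for (Rule r : RULES) {
            boolean hit = r.isRegex()
                ? Pattern.matches(r.dnOrRegex(), dn)
                : r.dnOrRegex().equals(dn);
            if (hit) roles.add(r.role());
        }
        return roles;
    }

    // The client names a role (cf. the 'edg-security.role' property); here the server
    // side accepts it only if the mapping grants it, and falls back to the default.
    static String resolve(String dn, String requestedRole) {
        if (requestedRole == null || requestedRole.isEmpty()) return DEFAULT_ROLE;
        if (rolesFor(dn).contains(requestedRole)) return requestedRole;
        throw new SecurityException("role '" + requestedRole + "' not mapped for " + dn);
    }

    public static void main(String[] args) {
        String bob = "/O=Grid/O=Example/OU=example.org/CN=Bob User";
        String odd = "/O=Other/CN=x/O=Grid/O=Example/OU=example.org/CN=Bob User";
        System.out.println(bob + " -> " + rolesFor(bob));
        System.out.println(odd + " -> " + rolesFor(odd)); // regexp rule does not apply
        System.out.println("granted: " + resolve(bob, "writer"));
        try {
            resolve(bob, "admin");
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```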
12
Client side coding
- Currently, only the java client is available
- The RPM installs edg-spitfire-client-java.jar in /opt/edg/lib/edg-spitfire-client-java/
- Example client programs are in the tarball: ./edg-spitfire-client-java-2.1.0/samples
- Should the RPM contain the examples too?
13
What you need client side
- A few JARs
  - The Axis libs, log4j
  - edg-java-security-trustmanager-client
  - edg-java-security-authorization-client
  - Bouncycastle
- (and edg-spitfire-client-java JAR)
14
Client config stuff
- One Axis file: client-config.wsdd
- Tells the client to pre-process the request and add 'role' and 'policy' SOAP headers to the request, based on the java system properties 'edg-security.role' and 'edg-security.policy'
15
Coding is simple…

    import java.net.URL;
    import org.edg.data.spitfire.service.*;
    import org.edg.data.spitfire.service.base.*;

    // endpoint, attribs and values are supplied by the caller
    SpitfireBaseServiceLocator sf = new SpitfireBaseServiceLocator();
    SpitfireBase sfBase = sf.getSpitfireBase(new URL(endpoint));
    int rowsInserted = sfBase.insert("GRID", "repcat", attribs, values);

- You specify either the 'base', 'admin' or 'info' API… {see javadoc}
16
Running it

    java -classpath "$cp" \
      -Daxis.socketFactory=org.edg.security.trustmanager.axis.AXISSocketFactoryFactory \
      "-DsslCAFiles=$certdir/*.0" \
      "-DgridProxyFile=$proxy" \
      -Daxis.ClientConfigFile=client-config.wsdd \
      "-Dedg-security.role=$role" \
      "-Dedg-security.policy=$policy" \
      ProgramClass CommandLineParameters
17
edg-spitfire-browser
- This is set up to use the same authorization tables as the main spitfire service
- The edg-spitfire-config script will configure this too, if it finds it.
- Point web browser at the example page…