Changes between Version 1 and Version 2 of MyProxyWebService


Ignore:
Timestamp:
08/06/10 11:48:57 (9 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • MyProxyWebService

    v1 v2  
    11= !MyProxyWebService = 
    2 !MyProxyWebService is a Python WSGI application for exposing !MyProxy operations through a simple HTTP interface.  [http://grid.ncsa.illinois.edu/myproxy/ MyProxy] is a service for managing PKI credentials and is part of the Globus Toolkit.  The purpose of this application is to make it more straightforward to write client applications for !MyProxy.  For example, these bash shell scripts include with the package require only openssl and curl, command line programs include with most Linux/UNIX distributions: 
     2!MyProxyWebService is a Python WSGI application for exposing !MyProxy operations through a simple HTTP interface.  [http://grid.ncsa.illinois.edu/myproxy/ MyProxy] is a service for managing PKI credentials and is part of the Globus Toolkit.  The purpose of this application is to make it more straightforward to write client applications for !MyProxy.  For example, bash shell scripts included with the package require only openssl and curl, command line programs include with most Linux/UNIX distributions. 
     3 
     4The two scripts are `myproxy-ws-get-trustroots.sh` and `myproxy-ws-logon.sh`. 
    35 
    46Bootstrap trust in the !MyProxy HTTP service: 
     
    1113Obtain a credential: 
    1214{{{ 
    13 $ myproxy-ws-logon.sh -U https://myproxy.somewhere.ac.uk/logon 
     15$ myproxy-ws-logon.sh -U https://myproxy.somewhere.ac.uk/logon -o creds.pem 
     16}}} 
     17`myproxy-ws-get-trustroots.sh` makes a HTTP GET call to the web service and receives a response containing the trusted root files for the !MyProxy server i.e. the CA certificate(s) to verify the web service's SSL certificate.  These are written to the standard location $HOME/.globus/certificates. 
    1418 
    15 }}} 
     19With the trust roots installed the client can now making a logon request authenticating the server with SSL.  The logon script creates a private key locally and HTTP POSTs a certificate request to the web service.  The service responds with a new signed certificate.  Certificate and key are written to the output file `creds.pem`. 
    1620 
     21The web service is effectively a ''proxy'' to the MyProxy service.  It translates the HTTP requests from the client into a request to the !MyProxy server using the standard [http://grid.ncsa.illinois.edu/myproxy/protocol/ MyProxy protocol].  It does this using this [http://pypi.python.org/pypi/MyProxyClient Python MyProxyClient] package. 
    1722 
    1823== Installation == 
    19 The software is available as a Python egg. 
     24The software will be available as a Python egg on PyPI soon (as of writing 8 June 2010). 
    2025 
    2126== Source Code == 
    2227Available on the [http://proj.badc.rl.ac.uk/ndg/browser/TI12-security/trunk/MyProxyWebService SubVersion repository] on this site. 
     28 
     29 
     30---- 
     31Philip Kershaw