Changes between Version 4 and Version 5 of MyProxyWebService


Ignore:
Timestamp:
28/06/10 09:43:40 (9 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • MyProxyWebService

    v4 v5  
    1919With the trust roots installed the client can now making a logon request authenticating the server with SSL.  The logon script creates a private key locally and HTTP `POST`s a certificate request to the web service.  The service responds with a new signed certificate.  The certificate and key are written to the output file `creds.pem`. 
    2020 
    21 The web service is effectively a ''proxy'' to the !MyProxy service.  It translates the HTTP requests from the client into a request to the !MyProxy server using the standard [http://grid.ncsa.illinois.edu/myproxy/protocol/ MyProxy protocol].  It does this using this [http://pypi.python.org/pypi/MyProxyClient Python MyProxyClient] package.  One drawback is that since there is an intermediary (the web service) between the !MyProxy server and the client, it is not possible for the client to authenticate with the !MyProxy server directly with SSL.  As such, only operations like logon are suited to this approach.  To make a complete implementation of the !MyProxy operations, the HTTP interface would need to be integrated directly into the !MyProxy server. 
     21The web service is effectively a ''proxy'' to the !MyProxy service.  It translates the HTTP requests from the client into a request to the !MyProxy server using the standard [http://grid.ncsa.illinois.edu/myproxy/protocol/ MyProxy protocol].  It does this using this [http://pypi.python.org/pypi/MyProxyClient Python MyProxyClient] package.   
     22 
     23[[Image(source:TI12-security/trunk/NDGSecurity/documentation/MyProxy/MyProxyWebService.png)]] 
     24 
     25One drawback is that since there is an intermediary (the web service) between the !MyProxy server and the client, it is not possible for the client to authenticate with the !MyProxy server directly with SSL.  As such, only operations like logon are suited to this approach.  To make a complete implementation of the !MyProxy operations, the HTTP interface would need to be integrated directly into the !MyProxy server. 
    2226 
    2327== Installation ==