1 / 8

A Secure VO Software for ATLAS Grid User Management

A Secure VO Software for ATLAS Grid User Management. Dantong Yu Brookhaven National Lab. The packages I am using:. GroupMan: http://heppc22.hep.caltech.edu/groupman/ VO server management tools http://cvs.infn.it/cgi-bin/cvsweb.cgi/Auth/VO/sbin/ new edg-mkgridmap package

vina
Download Presentation

A Secure VO Software for ATLAS Grid User Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Secure VO Software for ATLAS Grid User Management Dantong Yu Brookhaven National Lab

  2. The packages I am using: • GroupMan: • http://heppc22.hep.caltech.edu/groupman/ • VO server management tools • http://cvs.infn.it/cgi-bin/cvsweb.cgi/Auth/VO/sbin/ • new edg-mkgridmap package • http://www.fis.unipr.it/pub/edg/repository/datagrid/ • http://grid.sinp.msu.ru/distribution/datagrid/wp6/RPMS/

  3. GUMS: A scalable Grid User Management System Virtual Organization User info User info UNM

  4. mkgridmap grid-mapfile grid-mapfile generation DOE Science Grid Certificate Authorities CA server VO server o=atlas,dc=ppdg-atagrid, dc=org OU=People ou=us-atlas, ou=atlas-dc1, OU=People CN=Dantong Yu CN=Jason Smith CN=Ed-May CN=Dantong Yu CN=Jason Smith CN=Ed-May

  5. Configure mkgridmap.conf • #### GROUP: group URI [lcluser]group ldaps://atlasgrid01.usatlas.bnl.gov:6220/ou=us-atlas,o=atlas,dc=ppdg-datagrid,dc=org#group ldap://grid-vo.nikhef.nl/ou=testbed1,o=atlas,dc=eu-datagrid,dc=org#group ldap://grid-vo.nikhef.nl/ou=testbed1,o=cms,dc=eu-datagrid,dc=org#### Optional - DEFAULT LOCAL USER: default_lcluser lcluserdefault_lcluser AUTO#### Optional - AUTHORIZED VO: auth URIauth ldap:// spider.usatlas.bnl.gov /ou=people,o=o=atlas,dc=ppdg-datagrid,dc=org#### Optional - ACL: deny|allow pattern_to_matchallow *INFN*#### Optional - GRID-MAPFILE-LOCAL #gmf_local /opt/edg/etc/grid-mapfile-local

  6. Grid-mapfile generated • …. • #---The following Users are added on Wed Jun 25 12:30:18 EDT 2003----------# • "/O=doesciencegrid.org/OU=People/CN=Dantong Yu 542086" dtyu • "/O=doesciencegrid.org/OU=People/CN=Edward May 948970" enm • "/O=doesciencegrid.org/OU=People/CN=Jason A. Smith 690157" smithj4 • "/O=doesciencegrid.org/OU=People/CN=Patrick T. McGuigan 843935" grid_a • "/O=doesciencegrid.org/OU=People/CN=Richard Baker 450963" rbaker • "/O=doesciencegrid.org/OU=People/CN=Robert W. Gardner Jr 663988" rwg • #--Above Users added on Wed Jun 25 12:30:18 EDT 2003-------#

  7. Current Status • The First Stage Development Is Completed • Available to Be Downloaded at: http://www.atlasgrid.bnl.gov/testbed/ACF-cache/mkgridmap • Ready to Run, Detailed Man Page

  8. Characteristics • Tractable, Flexible • Easy Installation and Management, after you do the RPM installation and setup your local configuration, the remain part will be automatically done by the software package • Cron Mode to run the script to generate the new gridmap and add them into your original grid-mapfile • The VO server could control who can access the VO server. The site has to register with the VO server. • The registration process is automatically done by the rpm installation script. It mail out the site host certificate to the VO administrator. ( Dantong is volunteer to act as the administrator) • Support GSI, every site which wants to download the VO information must has a host certificate, this host certificate is used to mutually authenticate with the VO server

More Related