You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by am...@apache.org on 2013/05/13 01:38:08 UTC
svn commit: r1481671 - in /airavata/trunk: ./
modules/airavata-client/src/main/java/org/apache/airavata/client/api/
modules/airavata-client/src/main/java/org/apache/airavata/client/impl/
modules/commons/workflow-execution-context/src/main/java/org/apac...
Author: amilaj
Date: Sun May 12 23:38:06 2013
New Revision: 1481671
URL: http://svn.apache.org/r1481671
Log:
Fixed credential store issue. Update myproxy and gsi-security code to read store credentials
Added:
airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialStoreSecuritySettings.java
- copied, changed from r1479906, airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialManagementServiceSettings.java
airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/CredentialStoreSecuritySettingsImpl.java
airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReaderFactory.java
Removed:
airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialManagementServiceSettings.java
Modified:
airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/AiravataAPI.java
airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/SecuritySettings.java
airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/ExecutionManagerImpl.java
airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/SecuritySettingsImpl.java
airavata/trunk/modules/commons/workflow-execution-context/src/main/java/org/apache/airavata/common/workflow/execution/context/WorkflowContextHeaderBuilder.java
airavata/trunk/modules/commons/workflow-execution-context/src/main/resources/workflow_execution_context.xsd
airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreCallbackServlet.java
airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreOA4MPServer.java
airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreStartServlet.java
airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReader.java
airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/impl/CredentialReaderImpl.java
airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CommunityUserDAOTest.java
airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CredentialsDAOTest.java
airavata/trunk/modules/gfac-core/pom.xml
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/Constants.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/context/security/GSISecurityContext.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GramDirectorySetupHandler.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPInputHandler.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPOutputHandler.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/BESProvider.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/GramProvider.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/GramJobSubmissionListener.java
airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/MyProxyManager.java
airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/AbstractBESTest.java
airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/GramProviderTest.java
airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/JSDLGeneratorTest.java
airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/ParamChemTest.java
airavata/trunk/modules/integration-tests/src/test/java/org/apache/airavata/integration/BaseCaseIT.java
airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql
airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-mysql.sql
airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/client.xml
airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-privkey.pk8
airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-pubkey.pem
airavata/trunk/modules/rest/webapp/src/main/webapp/acs/index.jsp
airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/interpretor/WorkflowInterpretorSkeleton.java
airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/invoker/EmbeddedGFacInvoker.java
airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/ui/experiment/WorkflowInterpreterLaunchWindow.java
airavata/trunk/pom.xml
Modified: airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/AiravataAPI.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/AiravataAPI.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/AiravataAPI.java (original)
+++ airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/AiravataAPI.java Sun May 12 23:38:06 2013
@@ -98,4 +98,10 @@ public interface AiravataAPI {
public void setGateway(String gateway);
+ /**
+ * Gets the gateway id.
+ * @return The gateway id.
+ */
+ public String getGateway();
+
}
\ No newline at end of file
Copied: airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialStoreSecuritySettings.java (from r1479906, airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialManagementServiceSettings.java)
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialStoreSecuritySettings.java?p2=airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialStoreSecuritySettings.java&p1=airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialManagementServiceSettings.java&r1=1479906&r2=1481671&rev=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialManagementServiceSettings.java (original)
+++ airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/CredentialStoreSecuritySettings.java Sun May 12 23:38:06 2013
@@ -21,13 +21,23 @@
package org.apache.airavata.client.api;
-public interface CredentialManagementServiceSettings {
- public String getExecutionSessionId();
- public String getScmsURL();
-
- public void setExecutionSessionId(String executionSessionId);
- public void setScmsURL(String scmsURL);
-
- public void resetExecutionSessionId();
- public void resetScmsURL();
+/**
+ * Encapsulates security information related to credential-store.
+ * Mainly we need information about the token id and and user id of the portal user
+ * who is invoking the workflow.
+ */
+public interface CredentialStoreSecuritySettings {
+
+ /**
+ * Returns the token id to get the credentials.
+ * @return The token id.
+ */
+ public String getTokenId();
+
+ /**
+ * Sets the token to be used when accessing the credential store.
+ * @param token The token.
+ */
+ public void setTokenId(String token);
+
}
Modified: airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/SecuritySettings.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/SecuritySettings.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/SecuritySettings.java (original)
+++ airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/api/SecuritySettings.java Sun May 12 23:38:06 2013
@@ -23,7 +23,7 @@ package org.apache.airavata.client.api;
public interface SecuritySettings {
public AmazonWebServicesSettings getAmazonWSSettings() throws AiravataAPIInvocationException;
- public CredentialManagementServiceSettings getCMServiceSettings() throws AiravataAPIInvocationException;
+ public CredentialStoreSecuritySettings getCredentialStoreSecuritySettings() throws AiravataAPIInvocationException;
public GridMyProxyRepositorySettings getGridMyProxyRepositorySettings() throws AiravataAPIInvocationException;
public SSHAuthenticationSettings getSSHAuthenticationSettings() throws AiravataAPIInvocationException;
}
Added: airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/CredentialStoreSecuritySettingsImpl.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/CredentialStoreSecuritySettingsImpl.java?rev=1481671&view=auto
==============================================================================
--- airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/CredentialStoreSecuritySettingsImpl.java (added)
+++ airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/CredentialStoreSecuritySettingsImpl.java Sun May 12 23:38:06 2013
@@ -0,0 +1,55 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.airavata.client.impl;
+
+import org.apache.airavata.client.api.CredentialStoreSecuritySettings;
+
+/**
+ * User: AmilaJ (amilaj@apache.org)
+ * Date: 5/7/13
+ * Time: 2:44 PM
+ */
+
+/**
+ * Implementation of credential store security settings class.
+ */
+public class CredentialStoreSecuritySettingsImpl implements CredentialStoreSecuritySettings {
+
+ private String tokenId;
+
+ public CredentialStoreSecuritySettingsImpl(String tokenId) {
+ this.tokenId = tokenId;
+ }
+
+ public CredentialStoreSecuritySettingsImpl() {
+ }
+
+ public void setTokenId(String tokenId) {
+ this.tokenId = tokenId;
+ }
+
+
+ public String getTokenId() {
+ return tokenId;
+ }
+
+}
Modified: airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/ExecutionManagerImpl.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/ExecutionManagerImpl.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/ExecutionManagerImpl.java (original)
+++ airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/ExecutionManagerImpl.java Sun May 12 23:38:06 2013
@@ -245,6 +245,14 @@ public class ExecutionManagerImpl implem
builder.setAmazonWebServices(options.getCustomSecuritySettings().getAmazonWSSettings().getAccessKeyId(),
options.getCustomSecuritySettings().getAmazonWSSettings().getSecretAccessKey());
}
+
+ if (options.getCustomSecuritySettings().getCredentialStoreSecuritySettings() != null) {
+ builder.setCredentialManagementService(options.getCustomSecuritySettings().
+ getCredentialStoreSecuritySettings().getTokenId(),
+ submissionUser);
+ }
+
+
return builder;
}
Modified: airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/SecuritySettingsImpl.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/SecuritySettingsImpl.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/SecuritySettingsImpl.java (original)
+++ airavata/trunk/modules/airavata-client/src/main/java/org/apache/airavata/client/impl/SecuritySettingsImpl.java Sun May 12 23:38:06 2013
@@ -25,23 +25,20 @@ import org.apache.airavata.client.api.*;
public class SecuritySettingsImpl implements SecuritySettings {
private AmazonWebServicesSettings amazonWebServicesSettings = new AmazonWebServicesSettingsImpl();
+ private CredentialStoreSecuritySettings credentialStoreSecuritySettings = new CredentialStoreSecuritySettingsImpl();
- @Override
public AmazonWebServicesSettings getAmazonWSSettings() {
return amazonWebServicesSettings;
}
- @Override
- public CredentialManagementServiceSettings getCMServiceSettings() throws AiravataAPIUnimplementedException {
- throw new AiravataAPIUnimplementedException("Customizing security is not supported by the client in this binary!!!");
+ public CredentialStoreSecuritySettings getCredentialStoreSecuritySettings() throws AiravataAPIUnimplementedException {
+ return credentialStoreSecuritySettings;
}
- @Override
public GridMyProxyRepositorySettings getGridMyProxyRepositorySettings() throws AiravataAPIUnimplementedException {
throw new AiravataAPIUnimplementedException("Customizing security is not supported by the client in this binary!!!");
}
- @Override
public SSHAuthenticationSettings getSSHAuthenticationSettings() throws AiravataAPIUnimplementedException {
throw new AiravataAPIUnimplementedException("Customizing security is not supported by the client in this binary!!!");
}
Modified: airavata/trunk/modules/commons/workflow-execution-context/src/main/java/org/apache/airavata/common/workflow/execution/context/WorkflowContextHeaderBuilder.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/commons/workflow-execution-context/src/main/java/org/apache/airavata/common/workflow/execution/context/WorkflowContextHeaderBuilder.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/commons/workflow-execution-context/src/main/java/org/apache/airavata/common/workflow/execution/context/WorkflowContextHeaderBuilder.java (original)
+++ airavata/trunk/modules/commons/workflow-execution-context/src/main/java/org/apache/airavata/common/workflow/execution/context/WorkflowContextHeaderBuilder.java Sun May 12 23:38:06 2013
@@ -265,14 +265,14 @@ public class WorkflowContextHeaderBuilde
return this;
}
- public WorkflowContextHeaderBuilder setCredentialManagementService(String scmUrl, String securitySessionId) {
+ public WorkflowContextHeaderBuilder setCredentialManagementService(String tokenId, String portalUser) {
if (this.securityContext == null) {
this.securityContext = SecurityContextDocument.SecurityContext.Factory.newInstance();
}
SecurityContextDocument.SecurityContext.CredentialManagementService credentialManagementService = this.securityContext
.addNewCredentialManagementService();
- credentialManagementService.setScmsUrl(scmUrl);
- credentialManagementService.setExecutionSessionId(securitySessionId);
+ credentialManagementService.setTokenId(tokenId);
+ credentialManagementService.setPortalUser(portalUser);
return this;
}
Modified: airavata/trunk/modules/commons/workflow-execution-context/src/main/resources/workflow_execution_context.xsd
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/commons/workflow-execution-context/src/main/resources/workflow_execution_context.xsd?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/commons/workflow-execution-context/src/main/resources/workflow_execution_context.xsd (original)
+++ airavata/trunk/modules/commons/workflow-execution-context/src/main/resources/workflow_execution_context.xsd Sun May 12 23:38:06 2013
@@ -509,22 +509,15 @@
</annotation>
<complexType>
<sequence>
- <element name="scms-url" type="anyURI">
+ <element name="token_id" type="string">
<annotation>
- <documentation xml:lang="en"> Location of the SCMS
- (Session
- Credential Management Service).
+ <documentation xml:lang="en"> Token id used in credential-store. Represents the community user.
</documentation>
</annotation>
</element>
- <element name="execution-session-id" type="string">
+ <element name="portal-user" type="string">
<annotation>
- <documentation xml:lang="en"> The ID of the session
- credential
- to be used for executing grid operations
- as needed
- by the
- workflow.
+ <documentation xml:lang="en"> The portal user id who is invoking the workflow.
</documentation>
</annotation>
</element>
Modified: airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreCallbackServlet.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreCallbackServlet.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreCallbackServlet.java (original)
+++ airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreCallbackServlet.java Sun May 12 23:38:06 2013
@@ -57,7 +57,7 @@ public class CredentialStoreCallbackServ
private static final String GATEWAY_NAME_QUERY_PARAMETER = "gatewayName";
private static final String PORTAL_USER_QUERY_PARAMETER = "portalUserName";
private static final String PORTAL_USER_EMAIL_QUERY_PARAMETER = "email";
- private static final String PORTAL_TOKEN_ID_ASSIGNED = "tokenId";
+ private static final String PORTAL_TOKEN_ID_ASSIGNED = "associatedToken";
private static final String DURATION_QUERY_PARAMETER = "duration";
private OA4MPService oa4mpService;
@@ -137,11 +137,12 @@ public class CredentialStoreCallbackServ
OA4MPResponse oa4MPResponse = null;
Map<String, String> parameters = createQueryParameters(gatewayName, portalUserName,
- contactEmail, duration);
+ contactEmail, portalTokenId);
try {
info("Requesting private key ...");
oa4MPResponse = getOA4MPService().requestCert(parameters);
+ //oa4MPResponse = getOA4MPService().requestCert();
info("2.a. Getting the cert(s) from the service");
assetResponse = getOA4MPService().getCert(token, verifier);
@@ -190,7 +191,7 @@ public class CredentialStoreCallbackServ
private Map<String, String> createQueryParameters (String gatewayName,
String portalUserName,
String portalEmail,
- long duration) {
+ String tokenId) {
String callbackUriKey = getEnvironment().getConstants().get(CALLBACK_URI_KEY);
ClientEnvironment clientEnvironment = (ClientEnvironment) getEnvironment();
@@ -202,7 +203,9 @@ public class CredentialStoreCallbackServ
stringBuilder.append("?").append(GATEWAY_NAME_QUERY_PARAMETER).append("=").append(gatewayName)
.append("&").append(PORTAL_USER_QUERY_PARAMETER).append("=").append(portalUserName)
.append("&")
- .append(PORTAL_USER_EMAIL_QUERY_PARAMETER).append("=").append(portalEmail);
+ .append(PORTAL_USER_EMAIL_QUERY_PARAMETER).append("=").append(portalEmail)
+ .append("&")
+ .append(PORTAL_TOKEN_ID_ASSIGNED).append("=").append(tokenId);
info("Callback URI is set to - " + stringBuilder.toString());
Modified: airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreOA4MPServer.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreOA4MPServer.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreOA4MPServer.java (original)
+++ airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreOA4MPServer.java Sun May 12 23:38:06 2013
@@ -58,7 +58,7 @@ public class CredentialStoreOA4MPServer
PKCS10CertificationRequest certReq = createCertRequest(keyPair);
OA4MPResponse mpdsResponse = new OA4MPResponse();
mpdsResponse.setPrivateKey(keyPair.getPrivate());
- additionalParameters.put(ClientEnvironment.CERT_REQUEST_KEY, Base64.encodeBase64(certReq.getDEREncoded()));
+ additionalParameters.put(ClientEnvironment.CERT_REQUEST_KEY, Base64.encodeBase64String(certReq.getDEREncoded()));
if (additionalParameters.get(getEnvironment().getConstants().get(CALLBACK_URI_KEY)) == null) {
additionalParameters.put(getEnvironment().getConstants().get(CALLBACK_URI_KEY), getEnvironment().
Modified: airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreStartServlet.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreStartServlet.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreStartServlet.java (original)
+++ airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/servlet/CredentialStoreStartServlet.java Sun May 12 23:38:06 2013
@@ -82,6 +82,7 @@ public class CredentialStoreStartServlet
String gatewayName = request.getParameter("gatewayName");
String portalUserName = request.getParameter("portalUserName");
String contactEmail = request.getParameter("email");
+ String associatedToken = request.getParameter("associatedToken");
if (gatewayName == null) {
JSPUtil.handleException(new RuntimeException("Please specify a gateway name."), request,
@@ -109,6 +110,7 @@ public class CredentialStoreStartServlet
queryParameters.put("gatewayName", gatewayName);
queryParameters.put("portalUserName", portalUserName);
queryParameters.put("email", contactEmail);
+ queryParameters.put("associatedToken", associatedToken);
Map<String, String> additionalParameters = new HashMap<String, String>();
Modified: airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReader.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReader.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReader.java (original)
+++ airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReader.java Sun May 12 23:38:06 2013
@@ -1,6 +1,7 @@
package org.apache.airavata.credential.store.store;
import org.apache.airavata.credential.store.credential.AuditInfo;
+import org.apache.airavata.credential.store.credential.Credential;
/**
* This interface provides an API for Credential Store.
@@ -8,6 +9,16 @@ import org.apache.airavata.credential.st
*/
public interface CredentialReader {
+
+ /**
+ * Retrieves the credential from the credential store.
+ * @param gatewayId The gateway id
+ * @param tokenId The token id associated with the credential
+ * @return The Credential object associated with the token.
+ * @throws CredentialStoreException If an error occurred while retrieving a credential.
+ */
+ Credential getCredential(String gatewayId, String tokenId) throws CredentialStoreException;
+
/**
* Gets the admin portal user name who retrieved given community user for
* given portal user name.
Added: airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReaderFactory.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReaderFactory.java?rev=1481671&view=auto
==============================================================================
--- airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReaderFactory.java (added)
+++ airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/CredentialReaderFactory.java Sun May 12 23:38:06 2013
@@ -0,0 +1,41 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.airavata.credential.store.store;
+
+/**
+ * User: AmilaJ (amilaj@apache.org)
+ * Date: 5/8/13
+ * Time: 3:44 PM
+ */
+
+import org.apache.airavata.common.utils.DBUtil;
+import org.apache.airavata.credential.store.store.impl.CredentialReaderImpl;
+
+/**
+ * Factory class to create credential store readers.
+ */
+public class CredentialReaderFactory {
+
+ public static CredentialReader createCredentialStoreReader(DBUtil dbUti) {
+ return new CredentialReaderImpl(dbUti);
+ }
+}
Modified: airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/impl/CredentialReaderImpl.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/impl/CredentialReaderImpl.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/impl/CredentialReaderImpl.java (original)
+++ airavata/trunk/modules/credential-store/src/main/java/org/apache/airavata/credential/store/store/impl/CredentialReaderImpl.java Sun May 12 23:38:06 2013
@@ -38,6 +38,19 @@ public class CredentialReaderImpl implem
}
}
+
+ @Override
+ public Credential getCredential(String gatewayId, String tokenId) throws CredentialStoreException {
+
+ Connection connection = getConnection();
+
+ try {
+ return this.credentialsDAO.getCredential(gatewayId, tokenId, connection);
+ } finally {
+ DBUtil.cleanup(connection);
+ }
+ }
+
public String getPortalUser(String gatewayName, String tokenId) throws CredentialStoreException {
Connection connection = getConnection();
Modified: airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CommunityUserDAOTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CommunityUserDAOTest.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CommunityUserDAOTest.java (original)
+++ airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CommunityUserDAOTest.java Sun May 12 23:38:06 2013
@@ -32,6 +32,7 @@ public class CommunityUserDAOTest extend
" PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME, TOKEN_ID)\n" +
" )";
+
String dropTable = "drop table COMMUNITY_USER";
try {
Modified: airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CredentialsDAOTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CredentialsDAOTest.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CredentialsDAOTest.java (original)
+++ airavata/trunk/modules/credential-store/src/test/java/org/apache/airavata/credential/store/store/impl/db/CredentialsDAOTest.java Sun May 12 23:38:06 2013
@@ -64,6 +64,7 @@ public class CredentialsDAOTest extends
" PRIMARY KEY (GATEWAY_ID, TOKEN_ID)\n" +
")";
+
String dropTable = "drop table CREDENTIALS";
try {
Modified: airavata/trunk/modules/gfac-core/pom.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/pom.xml?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/pom.xml (original)
+++ airavata/trunk/modules/gfac-core/pom.xml Sun May 12 23:38:06 2013
@@ -85,6 +85,13 @@
<version>0.8.0</version>
</dependency>
+ <!-- Credential Store -->
+ <dependency>
+ <groupId>org.apache.airavata</groupId>
+ <artifactId>airavata-credential-store</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+
<!-- Amazon EC2 Provider -->
<dependency>
<groupId>com.amazonaws</groupId>
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/Constants.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/Constants.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/Constants.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/Constants.java Sun May 12 23:38:06 2013
@@ -55,6 +55,7 @@ public class Constants {
public static final String TRUSTED_CERT_LOCATION = "trusted.cert.location";
public static final String MYPROXY_SERVER = "myproxy.server";
+ public static final String MYPROXY_SERVER_PORT = "myproxy.port";
public static final String MYPROXY_USER = "myproxy.user";
public static final String MYPROXY_PASS = "myproxy.pass";
public static final String MYPROXY_LIFE = "myproxy.life";
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/context/security/GSISecurityContext.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/context/security/GSISecurityContext.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/context/security/GSISecurityContext.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/context/security/GSISecurityContext.java Sun May 12 23:38:06 2013
@@ -22,136 +22,106 @@ package org.apache.airavata.gfac.context
import java.util.Properties;
-import org.apache.airavata.gfac.Constants;
import org.apache.airavata.gfac.GFacException;
import org.apache.airavata.gfac.utils.MyProxyManager;
import org.globus.gsi.GlobusCredential;
-import org.globus.tools.MyProxy;
import org.ietf.jgss.GSSCredential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+/**
+ * Handles GRID related security.
+ */
public class GSISecurityContext extends SecurityContext {
+
protected final Logger log = LoggerFactory.getLogger(this.getClass());
/*
* context name
*/
public static final String GSI_SECURITY_CONTEXT = "gsi";
- private MyProxyManager proxyRenewer;
-
- private String myproxyUserName;
-
- private String myproxyPasswd;
+ private MyProxyManager myProxyManager;
- private String myproxyServer;
+ private GSSCredential gssCredentials;
- private int myproxyLifetime;
+ private GlobusCredential globusCredential;
- private String trustedCertLoc;
+ private String tokenId;
- private GSSCredential gssCredentails;
+ private String gatewayId;
- private GlobusCredential globusCredential;
+ private String gatewayUser;
- public GSISecurityContext(){
+ public GSISecurityContext() {
}
- public GSISecurityContext(Properties configuration) throws GFacException{
- this.setMyproxyUserName(configuration.getProperty(Constants.MYPROXY_USER));
- this.setMyproxyServer(configuration.getProperty(Constants.MYPROXY_SERVER));
- this.setMyproxyPasswd(configuration.getProperty(Constants.MYPROXY_PASS));
- this.setMyproxyLifetime(Integer.parseInt(configuration.getProperty(Constants.MYPROXY_LIFE)));
- this.setTrustedCertLoc(configuration.getProperty(Constants.TRUSTED_CERT_LOCATION));
- }
- public GSISecurityContext(String myproxyServer, String myproxyUserName,String myproxyPasswd, int myproxyLifetime, String trustedCertLoc){
- this.myproxyServer = myproxyServer;
- this.myproxyUserName = myproxyUserName;
- this.myproxyPasswd = myproxyPasswd;
- this.myproxyLifetime = myproxyLifetime;
- this.trustedCertLoc = trustedCertLoc;
- }
- public GSSCredential getGssCredentails() throws SecurityException {
- try {
- if (gssCredentails == null || gssCredentails.getRemainingLifetime() < 10 * 90) {
- if (proxyRenewer != null) {
- gssCredentails = proxyRenewer.renewProxy();
- } else if (myproxyUserName != null && myproxyPasswd != null && myproxyServer != null) {
- this.proxyRenewer = new MyProxyManager(myproxyUserName, myproxyPasswd, MyProxy.MYPROXY_SERVER_PORT,
- myproxyLifetime, myproxyServer, trustedCertLoc);
- log.debug("loaded credentails from Proxy server");
- gssCredentails = this.proxyRenewer.renewProxy();
- }
- }
- return gssCredentails;
- } catch (Exception e) {
- throw new SecurityException(e.getMessage(), e);
- }
+
+ public GSISecurityContext(Properties configuration, String token, String gateway, String user) {
+ this.tokenId = token;
+ this.gatewayId = gateway;
+ this.gatewayUser = user;
+ myProxyManager = new MyProxyManager(configuration);
}
+ public GSISecurityContext(Properties configuration) throws GFacException {
- public GlobusCredential getGlobusCredential() {
- try{
- if (gssCredentails == null || gssCredentails.getRemainingLifetime() < 10 * 90) {
- if (proxyRenewer != null) {
-// gssCredentails = proxyRenewer.renewProxy();
- globusCredential = proxyRenewer.getGlobusCredential();
- } else if (myproxyUserName != null && myproxyPasswd != null && myproxyServer != null) {
- this.proxyRenewer = new MyProxyManager(myproxyUserName, myproxyPasswd, MyProxy.MYPROXY_SERVER_PORT,
- myproxyLifetime, myproxyServer, trustedCertLoc);
- log.debug("loaded credentails from Proxy server");
-// gssCredentails = this.proxyRenewer.renewProxy();
- globusCredential = proxyRenewer.getGlobusCredential();
- }
- }
- return globusCredential;
- } catch (Exception e) {
- throw new SecurityException(e.getMessage(), e);
+ myProxyManager = new MyProxyManager(configuration);
}
+
+ public GSISecurityContext(String myProxyServer, String myProxyUserName, String myProxyPassword, int myProxyLifetime, String trustedCertLoc) {
+
+ myProxyManager = new MyProxyManager(myProxyUserName, myProxyPassword,
+ myProxyLifetime, myProxyServer, trustedCertLoc);
}
+ public GSSCredential getGssCredentials() throws SecurityException {
+ try {
+ GSSCredential credential = this.myProxyManager.getCredentialsFromStore(gatewayId, tokenId);
- public String getTrustedCertLoc() {
- return trustedCertLoc;
- }
+ if (credential == null)
+ return getGssCredentialsFromUserPassword();
+ else
+ return credential;
- public void setTrustedCertLoc(String trustedCertLoc) {
- this.trustedCertLoc = trustedCertLoc;
+ } catch (Exception e) {
+ throw new SecurityException(e.getMessage(), e);
+ }
}
- public String getMyproxyUserName() {
- return myproxyUserName;
- }
- public void setMyproxyUserName(String myproxyUserName) {
- this.myproxyUserName = myproxyUserName;
+ public GSSCredential getGssCredentialsFromUserPassword() throws SecurityException {
+ try {
+ if (gssCredentials == null || gssCredentials.getRemainingLifetime() < 10 * 90) {
+ gssCredentials = myProxyManager.renewProxy();
+ }
+ return gssCredentials;
+ } catch (Exception e) {
+ throw new SecurityException(e.getMessage(), e);
+ }
}
- public String getMyproxyPasswd() {
- return myproxyPasswd;
- }
- public void setMyproxyPasswd(String myproxyPasswd) {
- this.myproxyPasswd = myproxyPasswd;
- }
+ @SuppressWarnings("UnusedDeclaration")
+ public GlobusCredential getGlobusCredential() {
+ try {
+ if (gssCredentials == null || gssCredentials.getRemainingLifetime() < 10 * 90) {
+ globusCredential = myProxyManager.getGlobusCredential();
+ }
+ return globusCredential;
+ } catch (Exception e) {
+ throw new SecurityException(e.getMessage(), e);
+ }
- public String getMyproxyServer() {
- return myproxyServer;
}
- public void setMyproxyServer(String myproxyServer) {
- this.myproxyServer = myproxyServer;
- }
- public int getMyproxyLifetime() {
- return myproxyLifetime;
+ @SuppressWarnings("UnusedDeclaration")
+ public String getGatewayUser() {
+ return gatewayUser;
}
- public void setMyproxyLifetime(int myproxyLifetime) {
- this.myproxyLifetime = myproxyLifetime;
+ public MyProxyManager getMyProxyManager() {
+ return myProxyManager;
}
-
-
-
}
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GramDirectorySetupHandler.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GramDirectorySetupHandler.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GramDirectorySetupHandler.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GramDirectorySetupHandler.java Sun May 12 23:38:06 2013
@@ -73,7 +73,12 @@ public class GramDirectorySetupHandler i
GridFtp ftp = new GridFtp();
try {
- GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentails();
+
+
+
+
+ GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.
+ getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentials();
if (gridFTPEndpointArray == null || gridFTPEndpointArray.length == 0) {
gridFTPEndpointArray = new String[]{hostType.getHostAddress()};
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPInputHandler.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPInputHandler.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPInputHandler.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPInputHandler.java Sun May 12 23:38:06 2013
@@ -111,7 +111,7 @@ public class GridFTPInputHandler impleme
ApplicationDeploymentDescriptionType app = jobExecutionContext.getApplicationContext().getApplicationDeploymentDescription().getType();
GridFtp ftp = new GridFtp();
URI destURI = null;
- GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentails();
+ GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentials();
for (String endpoint : gridFTPEndpointArray) {
URI inputURI = GFacUtils.createGsiftpURI(endpoint, app.getInputDataDirectory());
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPOutputHandler.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPOutputHandler.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPOutputHandler.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/handler/GridFTPOutputHandler.java Sun May 12 23:38:06 2013
@@ -91,7 +91,7 @@ public class GridFTPOutputHandler implem
File localStdErrFile = null;
Map<String, ActualParameter> stringMap = new HashMap<String, ActualParameter>();
try {
- GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentails();
+ GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentials();
String[] hostgridFTP = gridFTPEndpointArray;
if (hostgridFTP == null || hostgridFTP.length == 0) {
hostgridFTP = new String[]{hostName};
@@ -276,7 +276,7 @@ public class GridFTPOutputHandler implem
.get(paramName);
GridFtp ftp = new GridFtp();
- GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentails();
+ GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentials();
try {
if ("URI".equals(actualParameter.getType().getType().toString())) {
for (String endpoint : gridFTPEndpointArray) {
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/BESProvider.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/BESProvider.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/BESProvider.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/BESProvider.java Sun May 12 23:38:06 2013
@@ -32,7 +32,6 @@ import org.apache.airavata.gfac.context.
import org.apache.airavata.gfac.context.security.GSISecurityContext;
import org.apache.airavata.gfac.provider.GFacProvider;
import org.apache.airavata.gfac.provider.GFacProviderException;
-import org.apache.airavata.gfac.provider.utils.JSDLGenerator;
import org.apache.airavata.schemas.gfac.UnicoreHostType;
import org.apache.xmlbeans.XmlCursor;
import org.ggf.schemas.bes.x2006.x08.besFactory.ActivityStateEnumeration;
@@ -177,10 +176,10 @@ public class BESProvider implements GFac
- GSISecurityContext gssContext = (GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT);
-// GlobusCredential credentials = gssContext.getGlobusCredential();
-
- GlobusGSSCredentialImpl gss = (GlobusGSSCredentialImpl) gssContext.getGssCredentails();
+ GSISecurityContext gssContext = (GSISecurityContext)jobExecutionContext.
+ getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT);
+
+ GlobusGSSCredentialImpl gss = (GlobusGSSCredentialImpl) gssContext.getGssCredentials();
ByteArrayOutputStream bos = new ByteArrayOutputStream();
@@ -196,8 +195,8 @@ public class BESProvider implements GFac
//TODO: to be supported by airavata gsscredential class
List<String> trustedCert = new ArrayList<String>();
- trustedCert.add(gssContext.getTrustedCertLoc()+"/*.0");
- trustedCert.add(gssContext.getTrustedCertLoc()+"/*.pem");
+ trustedCert.add(gssContext.getMyProxyManager().getTrustedCertsLoc() + "/*.0");
+ trustedCert.add(gssContext.getMyProxyManager().getTrustedCertsLoc() + "/*.pem");
char[] c = null;
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/GramProvider.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/GramProvider.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/GramProvider.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/provider/impl/GramProvider.java Sun May 12 23:38:06 2013
@@ -64,7 +64,7 @@ public class GramProvider implements GFa
StringBuffer buf = new StringBuffer();
try {
- GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentails();
+ GSSCredential gssCred = ((GSISecurityContext)jobExecutionContext.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentials();
job.setCredentials(gssCred);
// We do not support multiple gatekeepers in XBaya GUI, so we simply pick the 0th element in the array
String gateKeeper = host.getGlobusGateKeeperEndPointArray(0);
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/GramJobSubmissionListener.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/GramJobSubmissionListener.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/GramJobSubmissionListener.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/GramJobSubmissionListener.java Sun May 12 23:38:06 2013
@@ -62,7 +62,7 @@ public class GramJobSubmissionListener i
int proxyExpTime = job.getCredentials().getRemainingLifetime();
if (proxyExpTime < JOB_PROXY_REMAINING_TIME_LIMIT) {
log.info("Job proxy expired. Trying to renew proxy");
- GSSCredential gssCred = ((GSISecurityContext)context.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentails();
+ GSSCredential gssCred = ((GSISecurityContext)context.getSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT)).getGssCredentials();
job.renew(gssCred);
log.info("Myproxy renewed");
}
Modified: airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/MyProxyManager.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/MyProxyManager.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/MyProxyManager.java (original)
+++ airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/gfac/utils/MyProxyManager.java Sun May 12 23:38:06 2013
@@ -23,19 +23,31 @@ package org.apache.airavata.gfac.utils;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
+import java.security.cert.X509Certificate;
+import java.util.Properties;
import java.util.UUID;
+import org.apache.airavata.common.utils.DBUtil;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.credential.store.credential.Credential;
+import org.apache.airavata.credential.store.credential.impl.certificate.CertificateCredential;
+import org.apache.airavata.credential.store.store.CredentialReader;
+import org.apache.airavata.credential.store.store.CredentialReaderFactory;
+import org.apache.airavata.gfac.Constants;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.TrustedCertificates;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.myproxy.MyProxy;
import org.globus.myproxy.MyProxyException;
-import org.gridforum.jgss.ExtendedGSSCredential;
import org.ietf.jgss.GSSCredential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+/**
+ * Manages communication with MyProxy. Does all the authentications.
+ */
public class MyProxyManager {
+
private final Logger log = LoggerFactory.getLogger(this.getClass());
private final String username;
@@ -45,23 +57,50 @@ public class MyProxyManager {
private final String hostname;
private String trustedCertsLoc;
+ private CredentialReader credentialReader;
+
+ public MyProxyManager(Properties configuration) {
+
+ this.username = configuration.getProperty(Constants.MYPROXY_USER);
+ this.hostname = configuration.getProperty(Constants.MYPROXY_SERVER);
+ this.password = configuration.getProperty(Constants.MYPROXY_PASS);
+ this.lifetime = Integer.parseInt(configuration.getProperty(Constants.MYPROXY_LIFE));
+ this.trustedCertsLoc = configuration.getProperty(Constants.TRUSTED_CERT_LOCATION);
+
+ String strPort = configuration.getProperty(Constants.MYPROXY_SERVER_PORT);
+
+ if (strPort != null) {
+ this.port = Integer.parseInt(strPort);
+ } else {
+ this.port = org.globus.tools.MyProxy.MYPROXY_SERVER_PORT;
+ }
+
+ init();
+
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
public MyProxyManager(final String username, final String password, final int port, final int lifetime,
- final String hostname) {
+ final String hostname) throws MyProxyException {
this.username = username;
this.password = password;
this.port = port;
this.lifetime = lifetime;
this.hostname = hostname;
+
+ init();
}
- public MyProxyManager(final String username, final String password, final int port, final int lifetime,
+ public MyProxyManager(final String username, final String password, final int lifetime,
final String hostname, String trustedCertsLoc) {
this.username = username;
this.password = password;
- this.port = port;
+ this.port = org.globus.tools.MyProxy.MYPROXY_SERVER_PORT;
this.lifetime = lifetime;
this.hostname = hostname;
this.trustedCertsLoc = trustedCertsLoc;
+
+ init();
}
private void init() {
@@ -69,13 +108,33 @@ public class MyProxyManager {
TrustedCertificates certificates = TrustedCertificates.load(trustedCertsLoc);
TrustedCertificates.setDefaultTrustedCertificates(certificates);
}
+
+ initCredentialStoreReader();
+ }
+
+ private void initCredentialStoreReader() {
+ try {
+ String dbUser = ServerSettings.getCredentialStoreDBUser();
+ String password = ServerSettings.getCredentialStoreDBPassword();
+ String dbUrl = ServerSettings.getCredentialStoreDBURL();
+ String driver = ServerSettings.getCredentialStoreDBDriver();
+
+ DBUtil dbUtil = new DBUtil(dbUrl, dbUser, password, driver);
+
+ credentialReader = CredentialReaderFactory.createCredentialStoreReader(dbUtil);
+
+ } catch (Exception e) {
+ credentialReader = null;
+ log.error("Unable initialize credential store connection.");
+ log.warn("Continuing operations with password based my-proxy configurations");
+ }
}
// not thread safe
public GSSCredential renewProxy() throws MyProxyException, IOException {
init();
- String proxyloc = null;
+ String proxyLocation = null;
MyProxy myproxy = new MyProxy(hostname, port);
GSSCredential proxy = myproxy.get(username, password, lifetime);
GlobusCredential globusCred = null;
@@ -85,11 +144,11 @@ public class MyProxyManager {
String uid = username;
// uid = XpolaUtil.getSysUserid();
log.debug("uid: " + uid);
- proxyloc = "/tmp/x509up_u" + uid + UUID.randomUUID().toString();
- log.debug("proxy location: " + proxyloc);
- File proxyfile = new File(proxyloc);
+ proxyLocation = "/tmp/x509up_u" + uid + UUID.randomUUID().toString();
+ log.debug("proxy location: " + proxyLocation);
+ File proxyfile = new File(proxyLocation);
if (!proxyfile.exists()) {
- String dirpath = proxyloc.substring(0, proxyloc.lastIndexOf('/'));
+ String dirpath = proxyLocation.substring(0, proxyLocation.lastIndexOf('/'));
File dir = new File(dirpath);
if (!dir.exists()) {
if (dir.mkdirs()) {
@@ -98,8 +157,12 @@ public class MyProxyManager {
log.error("error in creating directory " + dirpath);
}
}
- proxyfile.createNewFile();
- log.debug("new proxy file " + proxyloc + " is created.");
+
+ if (!proxyfile.createNewFile()) {
+ log.error("Unable to create proxy file. File - " + proxyfile.getAbsolutePath());
+ } else {
+ log.debug("new proxy file " + proxyLocation + " is created. File - " + proxyfile.getAbsolutePath());
+ }
}
FileOutputStream fout = null;
try {
@@ -110,8 +173,8 @@ public class MyProxyManager {
fout.close();
}
}
- Runtime.getRuntime().exec("/bin/chmod 600 " + proxyloc);
- log.info("Proxy file renewed to " + proxyloc + " for the user " + username + " with " + lifetime
+ Runtime.getRuntime().exec("/bin/chmod 600 " + proxyLocation);
+ log.info("Proxy file renewed to " + proxyLocation + " for the user " + username + " with " + lifetime
+ " lifetime.");
}
@@ -134,9 +197,85 @@ public class MyProxyManager {
return globusCred;
}
-
-
-
-
-
+
+ /**
+ * Reads the credentials from credential store.
+ * @param gatewayId The gateway id.
+ * @param tokenId The token id associated with the credential.
+ * @return If token is found in the credential store, will return a valid credential. Else returns null.
+ * @throws Exception If an error occurred while retrieving credentials.
+ */
+ public GSSCredential getCredentialsFromStore(String gatewayId, String tokenId) throws Exception {
+
+ if (credentialReader == null) {
+ return null;
+ }
+
+ Credential credential = credentialReader.getCredential(gatewayId, tokenId);
+
+ if (credential != null) {
+ if (credential instanceof CertificateCredential) {
+
+ log.info("Successfully found credentials for token id - " + tokenId +
+ " gateway id - " + gatewayId);
+
+ CertificateCredential certificateCredential = (CertificateCredential) credential;
+
+ X509Certificate[] certificates = new X509Certificate[1];
+ certificates[0] = certificateCredential.getCertificate();
+
+ //TODO suspecting about the certificate chain .... need to sort that out
+ GlobusCredential newCredential = new GlobusCredential(certificateCredential.getPrivateKey(),
+ certificates);
+
+ return new GlobusGSSCredentialImpl(newCredential,
+ GSSCredential.INITIATE_AND_ACCEPT);
+ } else {
+ log.info("Credential type is not CertificateCredential. Cannot create mapping globus credentials. " +
+ "Credential type - " + credential.getClass().getName());
+ }
+ } else {
+ log.info("Could not find credentials for token - " + tokenId + " and "
+ + "gateway id - " + gatewayId);
+ }
+
+ return null;
+
+ }
+
+ public String getUsername() {
+ return username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public int getPort() {
+ return port;
+ }
+
+ public int getLifetime() {
+ return lifetime;
+ }
+
+ public String getHostname() {
+ return hostname;
+ }
+
+ public String getTrustedCertsLoc() {
+ return trustedCertsLoc;
+ }
+
+ public void setTrustedCertsLoc(String trustedCertsLoc) {
+ this.trustedCertsLoc = trustedCertsLoc;
+ }
+
+ public CredentialReader getCredentialReader() {
+ return credentialReader;
+ }
+
+ public void setCredentialReader(CredentialReader credentialReader) {
+ this.credentialReader = credentialReader;
+ }
}
Modified: airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/AbstractBESTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/AbstractBESTest.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/AbstractBESTest.java (original)
+++ airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/AbstractBESTest.java Sun May 12 23:38:06 2013
@@ -125,13 +125,8 @@ public abstract class AbstractBESTest {
protected abstract MessageContext getOutMessageContext();
private GSISecurityContext getSecurityContext() {
- GSISecurityContext context = new GSISecurityContext();
- context.setMyproxyLifetime(3600);
- context.setMyproxyServer("myproxy.teragrid.org");
- context.setMyproxyUserName("******");
- context.setMyproxyPasswd("*******");
- // Add Unicore certificate to this folder
- context.setTrustedCertLoc("/Users/raminder/.globus/certificates");
+ GSISecurityContext context = new GSISecurityContext("myproxy.teragrid.org", "******", "*******", 3600,
+ "/Users/raminder/.globus/certificates");
return context;
}
Modified: airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/GramProviderTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/GramProviderTest.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/GramProviderTest.java (original)
+++ airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/GramProviderTest.java Sun May 12 23:38:06 2013
@@ -211,12 +211,7 @@ public class GramProviderTest {
}
private GSISecurityContext getSecurityContext() {
- GSISecurityContext context = new GSISecurityContext();
- context.setMyproxyLifetime(3600);
- context.setMyproxyServer("myproxy.teragrid.org");
- context.setMyproxyUserName("xxx");
- context.setMyproxyPasswd("xxx");
- context.setTrustedCertLoc("/Users/path");
+ GSISecurityContext context = new GSISecurityContext("myproxy.teragrid.org", "xxx", "xxx", 3600, "/Users/path");
return context;
}
Modified: airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/JSDLGeneratorTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/JSDLGeneratorTest.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/JSDLGeneratorTest.java (original)
+++ airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/JSDLGeneratorTest.java Sun May 12 23:38:06 2013
@@ -270,12 +270,8 @@ public class JSDLGeneratorTest {
}
private GSISecurityContext getSecurityContext() {
- GSISecurityContext context = new GSISecurityContext();
- context.setMyproxyLifetime(3600);
- context.setMyproxyServer("myproxy.teragrid.org");
- context.setMyproxyUserName("******");
- context.setMyproxyPasswd("*********");
- context.setTrustedCertLoc("**********");
+ GSISecurityContext context = new GSISecurityContext("myproxy.teragrid.org", "******", "*********", 3600,
+ "**********");
return context;
}
Modified: airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/ParamChemTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/ParamChemTest.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/ParamChemTest.java (original)
+++ airavata/trunk/modules/gfac-core/src/test/java/org/apache/airavata/core/gfac/services/impl/ParamChemTest.java Sun May 12 23:38:06 2013
@@ -60,12 +60,7 @@ public class ParamChemTest {
public void setUp() throws Exception {
GFacConfiguration gFacConfiguration = new GFacConfiguration(null);
- GSISecurityContext context = new GSISecurityContext();
- context.setMyproxyLifetime(3600);
- context.setMyproxyServer("myproxy.teragrid.org");
- context.setMyproxyUserName("*****");
- context.setMyproxyPasswd("*****");
- context.setTrustedCertLoc("./certificates");
+ GSISecurityContext context = new GSISecurityContext("myproxy.teragrid.org", "*****", "*****", 3600, "./certificates");
//have to set InFlwo Handlers and outFlowHandlers
gFacConfiguration.setInHandlers(Arrays.asList(new GFacHandlerConfig[]{new GFacHandlerConfig(null,"org.apache.airavata.gfac.handler.GramDirectorySetupHandler"), new GFacHandlerConfig(null,"org.apache.airavata.gfac.handler.GridFTPInputHandler")}));
Modified: airavata/trunk/modules/integration-tests/src/test/java/org/apache/airavata/integration/BaseCaseIT.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/integration-tests/src/test/java/org/apache/airavata/integration/BaseCaseIT.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/integration-tests/src/test/java/org/apache/airavata/integration/BaseCaseIT.java (original)
+++ airavata/trunk/modules/integration-tests/src/test/java/org/apache/airavata/integration/BaseCaseIT.java Sun May 12 23:38:06 2013
@@ -391,6 +391,9 @@ public class BaseCaseIT {
String workflowName = workflow.getName();
ExperimentAdvanceOptions options = airavataAPI.getExecutionManager().createExperimentAdvanceOptions(
workflowName, getUserName(), null);
+
+ options.getCustomSecuritySettings().getCredentialStoreSecuritySettings().setTokenId("1234");
+
String experimentId = airavataAPI.getExecutionManager().runExperiment(workflowName, workflowInputs, options);
Assert.assertNotNull(experimentId);
@@ -411,7 +414,6 @@ public class BaseCaseIT {
workflowName, getUserName(), null);
String experimentId = airavataAPI.getExecutionManager().runExperiment(workflowName, workflowInputs, options,
new EventDataListenerAdapter() {
- @Override
public void notify(EventDataRepository eventDataRepo, EventData eventData) {
// do nothing
}
@@ -496,7 +498,6 @@ public class BaseCaseIT {
final Monitor experimentMonitor = airavataAPI.getExecutionManager().getExperimentMonitor(experimentId,
new EventDataListenerAdapter() {
- @Override
public void notify(EventDataRepository eventDataRepo, EventData eventData) {
Assert.assertNotNull(eventDataRepo);
Assert.assertNotNull(eventData);
Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-derby.sql Sun May 12 23:38:06 2013
@@ -195,27 +195,25 @@ create table Gram_Data
FOREIGN KEY (workflow_instanceID) REFERENCES Workflow_Data(workflow_instanceID) ON DELETE CASCADE
);
+
CREATE TABLE COMMUNITY_USER
(
GATEWAY_NAME VARCHAR(256) NOT NULL,
COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+ TOKEN_ID VARCHAR(256) NOT NULL,
COMMUNITY_USER_EMAIL VARCHAR(256) NOT NULL,
- PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+ PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME, TOKEN_ID)
);
CREATE TABLE CREDENTIALS
(
- GATEWAY_NAME VARCHAR(256) NOT NULL,
- COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+ GATEWAY_ID VARCHAR(256) NOT NULL,
+ TOKEN_ID VARCHAR(256) NOT NULL,
CREDENTIAL BLOB NOT NULL,
- PRIVATE_KEY BLOB NOT NULL,
- NOT_BEFORE VARCHAR(256) NOT NULL,
- NOT_AFTER VARCHAR(256) NOT NULL,
- LIFETIME INTEGER NOT NULL,
- REQUESTING_PORTAL_USER_NAME VARCHAR(256) NOT NULL,
- REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00',
- PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+ PORTAL_USER_ID VARCHAR(256) NOT NULL,
+ TIME_PERSISTED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (GATEWAY_ID, TOKEN_ID)
);
CREATE TABLE Execution_Error
@@ -239,6 +237,3 @@ CREATE TABLE Execution_Error
FOREIGN KEY (experiment_ID) REFERENCES Experiment_Data(experiment_ID) ON DELETE CASCADE
);
-
-
-
Modified: airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-mysql.sql
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-mysql.sql?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-mysql.sql (original)
+++ airavata/trunk/modules/registry/airavata-jpa-registry/src/main/resources/data-mysql.sql Sun May 12 23:38:06 2013
@@ -193,27 +193,25 @@ create table Gram_Data
FOREIGN KEY (workflow_instanceID) REFERENCES Workflow_Data(workflow_instanceID) ON DELETE CASCADE
);
+
CREATE TABLE COMMUNITY_USER
(
- GATEWAY_NAME VARCHAR(256) NOT NULL,
- COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
- COMMUNITY_USER_EMAIL VARCHAR(256) NOT NULL,
- PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+ GATEWAY_NAME VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+ TOKEN_ID VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_EMAIL VARCHAR(256) NOT NULL,
+ PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME, TOKEN_ID)
);
CREATE TABLE CREDENTIALS
(
- GATEWAY_NAME VARCHAR(256) NOT NULL,
- COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
- CREDENTIAL TEXT NOT NULL,
- PRIVATE_KEY TEXT NOT NULL,
- NOT_BEFORE VARCHAR(256) NOT NULL,
- NOT_AFTER VARCHAR(256) NOT NULL,
- LIFETIME MEDIUMINT NOT NULL,
- REQUESTING_PORTAL_USER_NAME VARCHAR(256) NOT NULL,
- REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00',
- PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+ GATEWAY_ID VARCHAR(256) NOT NULL,
+ TOKEN_ID VARCHAR(256) NOT NULL,
+ CREDENTIAL TEXT NOT NULL,
+ PORTAL_USER_ID VARCHAR(256) NOT NULL,
+ TIME_PERSISTED TIMESTAMP DEFAULT '0000-00-00 00:00:00',
+ PRIMARY KEY (GATEWAY_ID, TOKEN_ID)
);
CREATE TABLE Execution_Error
Modified: airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/client.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/client.xml?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/client.xml (original)
+++ airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/client.xml Sun May 12 23:38:06 2013
@@ -1,21 +1,9 @@
-<!-- ~ Licensed to the Apache Software Foundation (ASF) under one ~ or more
- contributor license agreements. See the NOTICE file ~ distributed with this
- work for additional information ~ regarding copyright ownership. The ASF
- licenses this file ~ to you under the Apache License, Version 2.0 (the ~
- "License"); you may not use this file except in compliance ~ with the License.
- You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0
- ~ ~ Unless required by applicable law or agreed to in writing, ~ software
- distributed under the License is distributed on an ~ "AS IS" BASIS, WITHOUT
- WARRANTIES OR CONDITIONS OF ANY ~ KIND, either express or implied. See the
- License for the ~ specific language governing permissions and limitations
- ~ under the License. -->
-
<config>
<client name="sample">
<id>myproxy:oa4mp,2012:/client/24c45c2eb65d93231d02d423e94d0362</id>
<serviceUri>https://portal.xsede.org/oauth</serviceUri>
<!--callbackUri>https://156.56.179.104:8443/client/pages/client-success.jsp</callbackUri-->
- <callbackUri>https://149.160.181.212:8443/airavata-registry/callback</callbackUri>
+ <callbackUri>https://156.56.179.169:8443/airavata-registry/callback</callbackUri>
<lifetime>864000</lifetime>
<!--publicKeyFile>/Users/thejaka/manager-server/webapps/airavata-registry/WEB-INF/classes/credential-store/oauth-pubkey.pem</publicKeyFile-->
<publicKeyFile>../webapps/airavata-registry/WEB-INF/classes/credential-store/oauth-pubkey.pem</publicKeyFile>
Modified: airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-privkey.pk8
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-privkey.pk8?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-privkey.pk8 (original)
+++ airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-privkey.pk8 Sun May 12 23:38:06 2013
@@ -1,23 +1,9 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDJAc14swfpUZOb
+T9VFGIgSGfBBnfJXcf/Pa9s6igXQBevRohJ1FdQ9y3kaLDXngVh6/xIKAgfCu10O
+7o2ZNi7K5NS37LDYehw+fzrRlOVHLOkHQ/XVvJfMENPv8emMmAkiFK1WxeITKBC8
+GkrbQGy3k7kfo8om2op7Tc0wAUZOcOrd0VQE5yUeF7ODmg7YwYgILlNSHTrK9rmz
+5WvJRwAnouAWQZxir/+Zzb9ynMK/2AraOWaHHO7V41B/JU55lqLI8DZOrLk5ZAAN
OXEMIFAoeSyRbQMDDJ0QzMjRovuz15IaEMpn83p4q7pAwPK7UkK3yO5bWP15qiM2
daWVJv55AgMBAAECggEAEzcZ5lTvB63lt24tTBqpP1m9bvhjZ1qdgr2jynfRUG6Q
eYzNyOWaUYH3BLp/OK9TvwZNOimxhjsVDU1euevFE15Gu4Jj8X3S32KYQ9rBBEnV
Modified: airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-pubkey.pem
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-pubkey.pem?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-pubkey.pem (original)
+++ airavata/trunk/modules/rest/webapp/src/main/resources/credential-store/oauth-pubkey.pem Sun May 12 23:38:06 2013
@@ -1,26 +1,9 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQHNeLMH6VGTm0/VRRiI
+EhnwQZ3yV3H/z2vbOooF0AXr0aISdRXUPct5Giw154FYev8SCgIHwrtdDu6NmTYu
yuTUt+yw2HocPn860ZTlRyzpB0P11byXzBDT7/HpjJgJIhStVsXiEygQvBpK20Bs
t5O5H6PKJtqKe03NMAFGTnDq3dFUBOclHhezg5oO2MGICC5TUh06yva5s+VryUcA
+J6LgFkGcYq//mc2/cpzCv9gK2jlmhxzu1eNQfyVOeZaiyPA2Tqy5OWQADTlxDCBQ
KHkskW0DAwydEMzI0aL7s9eSGhDKZ/N6eKu6QMDyu1JCt8juW1j9eaojNnWllSb+
eQIDAQAB
-----END PUBLIC KEY-----
Modified: airavata/trunk/modules/rest/webapp/src/main/webapp/acs/index.jsp
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/webapp/src/main/webapp/acs/index.jsp?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/rest/webapp/src/main/webapp/acs/index.jsp (original)
+++ airavata/trunk/modules/rest/webapp/src/main/webapp/acs/index.jsp Sun May 12 23:38:06 2013
@@ -23,9 +23,24 @@
<p>This demonstrates how portal can use Credential Store to obtain community credentials ...</p>
<form name="input" action="../credential-store" method="post">
- Gateway Name : <input type="text" name="gatewayName"><br>
- Portal Username: <input type="text" name="portalUserName"><br>
- Contact Email: <input type="text" name="email">
+ <table border="0">
+ <tr>
+ <td>Gateway Name</td>
+ <td><input type="text" name="gatewayName"></td>
+ </tr>
+ <tr>
+ <td>Portal Username</td>
+ <td><input type="text" name="portalUserName"></td>
+ </tr>
+ <tr>
+ <td>Contact Email</td>
+ <td><input type="text" name="email"></td>
+ </tr>
+ <tr>
+ <td>Associated Token</td>
+ <td><input type="password" name="associatedToken"></td>
+ </tr>
+ </table>
<input type="submit" value="Submit">
</form>
Modified: airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/interpretor/WorkflowInterpretorSkeleton.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/interpretor/WorkflowInterpretorSkeleton.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/interpretor/WorkflowInterpretorSkeleton.java (original)
+++ airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/interpretor/WorkflowInterpretorSkeleton.java Sun May 12 23:38:06 2013
@@ -294,7 +294,8 @@ public class WorkflowInterpretorSkeleton
}
private String setupAndLaunch(String workflowAsString, String topic, String gatewayId, String username,
- NameValue[] inputs,Map<String,String>configurations,boolean inNewThread,WorkflowContextHeaderBuilder builder) throws XMLStreamException, MalformedURLException, RepositoryException, RegistryException, AiravataAPIInvocationException {
+ NameValue[] inputs,Map<String,String>configurations,boolean inNewThread,
+ WorkflowContextHeaderBuilder builder) throws XMLStreamException, MalformedURLException, RepositoryException, RegistryException, AiravataAPIInvocationException {
log.debug("Launch is called for topic:"+topic);
Workflow workflow = null;
Modified: airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/invoker/EmbeddedGFacInvoker.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/invoker/EmbeddedGFacInvoker.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/invoker/EmbeddedGFacInvoker.java (original)
+++ airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/invoker/EmbeddedGFacInvoker.java Sun May 12 23:38:06 2013
@@ -379,12 +379,18 @@ public class EmbeddedGFacInvoker impleme
private void addSecurityContext(HostDescription registeredHost, Properties configurationProperties,
JobExecutionContext jobExecutionContext) {
if (registeredHost.getType() instanceof GlobusHostType || registeredHost.getType() instanceof UnicoreHostType) {
- GSISecurityContext context = new GSISecurityContext();
- context.setMyproxyLifetime(Integer.parseInt(configurationProperties.getProperty(Constants.MYPROXY_LIFE)));
- context.setMyproxyServer(configurationProperties.getProperty(Constants.MYPROXY_SERVER));
- context.setMyproxyUserName(configurationProperties.getProperty(Constants.MYPROXY_USER));
- context.setMyproxyPasswd(configurationProperties.getProperty(Constants.MYPROXY_PASS));
- context.setTrustedCertLoc(configurationProperties.getProperty(Constants.TRUSTED_CERT_LOCATION));
+
+ String tokenId
+ = jobExecutionContext.getContextHeader().getSecurityContext().
+ getCredentialManagementService().getTokenId();
+ String gatewayUser = jobExecutionContext.getContextHeader().getSecurityContext().
+ getCredentialManagementService().getPortalUser();
+
+ String gatewayId = jobExecutionContext.getGFacConfiguration().getAiravataAPI().getGateway();
+
+ GSISecurityContext context = new GSISecurityContext(configurationProperties, tokenId, gatewayId,
+ gatewayUser);
+
jobExecutionContext.addSecurityContext(GSISecurityContext.GSI_SECURITY_CONTEXT, context);
} else if (registeredHost.getType() instanceof Ec2HostType) {
Modified: airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/ui/experiment/WorkflowInterpreterLaunchWindow.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/ui/experiment/WorkflowInterpreterLaunchWindow.java?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/ui/experiment/WorkflowInterpreterLaunchWindow.java (original)
+++ airavata/trunk/modules/xbaya-gui/src/main/java/org/apache/airavata/xbaya/ui/experiment/WorkflowInterpreterLaunchWindow.java Sun May 12 23:38:06 2013
@@ -319,6 +319,12 @@ public class WorkflowInterpreterLaunchWi
options.getCustomSecuritySettings().getAmazonWSSettings().setSecretAccessKey(AmazonCredential.getInstance().getAwsSecretAccessKey());
}
+ //TODO get the token id from UI
+ // For the moment hard code it
+ // TODO Build UI to get the token id
+ //options.getCustomSecuritySettings().getCredentialStoreSecuritySettings().setTokenId("1234");
+
+
String experimentId = api.getExecutionManager().runExperiment(api.getWorkflowManager().getWorkflowAsString(workflow), workflowInputs,options);
try {
WorkflowInterpreterLaunchWindow.this.engine.getMonitor().getConfiguration().setTopic(experimentId);
Modified: airavata/trunk/pom.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/pom.xml?rev=1481671&r1=1481670&r2=1481671&view=diff
==============================================================================
--- airavata/trunk/pom.xml (original)
+++ airavata/trunk/pom.xml Sun May 12 23:38:06 2013
@@ -346,14 +346,6 @@
<enabled>false</enabled>
</snapshots>
</repository>
- <repository>
- <name>oa4mp.repo</name>
- <id>oa4mp.repo</id>
- <url>http://cilogon.svn.sourceforge.net/viewvc/cilogon/m2-repo/</url>
- <snapshots>
- <enabled>true</enabled>
- </snapshots>
- </repository>
<repository>
<id>m2-snapshot-repository</id>