You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@airavata.apache.org by Neeraj Lad <nl...@umail.iu.edu> on 2017/10/04 14:56:11 UTC
Re: Running PGA locally on OS X
Hi all,
I was able to run PGA locally, then I changed the Virtual host to point to
a new directory to check out the new commits on PGA.
Now when I try to access localhost:8080, I get the following error:
Forbidden
You don't have permission to access / on this server.
Here is my httpd-pga.conf file
<VirtualHost *:8080>
DocumentRoot /Users/student/git/airavata-php-gateway
<Directory "/Users/student/git/airavata-php-gateway">
DirectoryIndex index.php
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Any ideas about this?
On Fri, Sep 29, 2017 at 11:59 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
> That sounds good to me.
>
> On Fri, Sep 29, 2017 at 11:56 AM, Marcus Christie <ma...@iu.edu> wrote:
>
>> Ok, we’ll probably have to debug this in person. I’ll be at the Science
>> Gateways course office hours today.
>>
>> On Sep 29, 2017, at 11:44 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>
>> I do have the server certificate file path in my pga_config, Marcus.
>>
>> On Fri, Sep 29, 2017 at 9:18 AM, Christie, Marcus Aaron <ma...@iu.edu>
>> wrote:
>>
>>> Neeraj,
>>>
>>> Make sure in pga_config.php you have the following
>>>
>>> /**
>>> * Path to the server certificate file
>>> */
>>> 'cafile-path' => app_path() . '/resources/security/incommon_
>>> rsa_server_ca.pem',
>>>
>>> On Sep 28, 2017, at 3:34 PM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>>
>>> Marcus,
>>>
>>> Thank you for the change.
>>>
>>> Now I can reach the CILogon page from localhost, but after selecting
>>> Indiana University as the Identity provider, I get this error:
>>>
>>> curl_exec() failed. Error: SSL certificate problem: Invalid certificate
>>> chain
>>>
>>> I tried to login in Incognito mode, but the error persists.
>>>
>>>
>>>
>>> On Thu, Sep 28, 2017 at 3:02 PM, Christie, Marcus Aaron <machrist@iu.edu
>>> > wrote:
>>>
>>>> Neeraj,
>>>>
>>>> Try again. This required a change in Keycloak to allow
>>>> http://localhost:8080 and http://localhost:8080/callback-url as
>>>> redirect URLs for the dev testdrive realm.
>>>>
>>>> On Sep 28, 2017, at 1:01 PM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>>>
>>>> Marcus,
>>>>
>>>> Changing the oauth-callback-url gives me the Keycloak error 'Invalid
>>>> parameter: redirect_uri'. It tried using https, 127.0.0.1 but both did not
>>>> work. A Stack Overflow question mentions that Keycloak admin console needs
>>>> to be configured. Here is the question:
>>>> https://stackoverflow.com/questions/45352880/keycloak-invali
>>>> d-parameter-redirect-uri
>>>>
>>>>
>>>> There are three of files apart from pga_config which make use of the
>>>> variable oauth-callback-url.
>>>>
>>>> 1. /app/config/pga_config.php.template: This sets the url to '
>>>> https://dev.seagrid.org/callback-url'. I guess this file is not
>>>> relevant here.
>>>>
>>>> 2. /app/libraries/Keycloak/KeycloakServiceProvider.php: This uses
>>>> Config::get('pga_config.wsis') to create a variable 'identityServerConfig'
>>>> which has the oauth-callback-url as a field. The file 'pga_config.wsis' is
>>>> not on the codebase. Config is related to Laravel. I am not sure how Config
>>>> returns back 'identityServerConfig'. Am I right in guessing that you are
>>>> extracting the pga_config.wsis from some server?
>>>>
>>>> 3. /app/libraries/Wsis/Wsis.php: This again makes use of
>>>> Config::get('pga_config.wsis')
>>>>
>>>>
>>>> Do you think there is a need to change some configuration on Keycloak.
>>>> If yes, how can I do it?
>>>>
>>>>
>>>>
>>>>
>>>> On Thu, Sep 28, 2017 at 9:15 AM, Christie, Marcus Aaron <
>>>> machrist@iu.edu> wrote:
>>>>
>>>>>
>>>>> On Sep 28, 2017, at 8:24 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>>>>
>>>>> Hi all,
>>>>>
>>>>> I've followed the instructions to install all the dependencies for the
>>>>> PGA. Now I need to run it locally.
>>>>>
>>>>> I got the pga_config file from Eroma, but using it and logging in with
>>>>> CILogon takes me to the dev.testdrive.airavata.org, instead of the
>>>>> version at localhost:8080. How can I avoid this?
>>>>>
>>>>>
>>>>> Neeraj,
>>>>>
>>>>> change oauth-callback-url in pga_config.php to have the value ‘
>>>>> http://localhost:8080/callback-url'
>>>>>
>>>>>
>>>>> As another option, I know there are instructions to set PGA on CentOS
>>>>> using Ansible. But are there any similar instructions for OS X?
>>>>>
>>>>>
>>>>> No. Closest thing would be to run VirtualBox on OS X and use Ansible
>>>>> to install PGA on the VirtualBox VM. Eric Coulter did a POC of this:
>>>>> https://github.com/ECoulter/airavata/tree/develop/dev-
>>>>> tools/ansible/inventories/local-vbox.
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
Re: Running PGA locally on OS X
Posted by "Pierce, Marlon" <ma...@iu.edu>.
Check permissions and make sure you know who the user is. You can always (ahem) chmod -R 777 to see if this solves the issue.
Marlon
From: Neeraj Lad <nl...@umail.iu.edu>
Reply-To: "dev@airavata.apache.org" <de...@airavata.apache.org>
Date: Wednesday, October 4, 2017 at 10:56 AM
To: "dev@airavata.apache.org" <de...@airavata.apache.org>
Subject: Re: Running PGA locally on OS X
Hi all,
I was able to run PGA locally, then I changed the Virtual host to point to a new directory to check out the new commits on PGA.
Now when I try to access localhost:8080, I get the following error:
Forbidden
You don't have permission to access / on this server.
Here is my httpd-pga.conf file
<VirtualHost *:8080>
DocumentRoot /Users/student/git/airavata-php-gateway
<Directory "/Users/student/git/airavata-php-gateway">
DirectoryIndex index.php
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Any ideas about this?
On Fri, Sep 29, 2017 at 11:59 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
That sounds good to me.
On Fri, Sep 29, 2017 at 11:56 AM, Marcus Christie <ma...@iu.edu> wrote:
Ok, we’ll probably have to debug this in person. I’ll be at the Science Gateways course office hours today.
On Sep 29, 2017, at 11:44 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
I do have the server certificate file path in my pga_config, Marcus.
On Fri, Sep 29, 2017 at 9:18 AM, Christie, Marcus Aaron <ma...@iu.edu> wrote:
Neeraj,
Make sure in pga_config.php you have the following
/**
* Path to the server certificate file
*/
'cafile-path' => app_path() . '/resources/security/incommon_rsa_server_ca.pem',
On Sep 28, 2017, at 3:34 PM, Neeraj Lad <nl...@umail.iu.edu> wrote:
Marcus,
Thank you for the change.
Now I can reach the CILogon page from localhost, but after selecting Indiana University as the Identity provider, I get this error:
curl_exec() failed. Error: SSL certificate problem: Invalid certificate chain
I tried to login in Incognito mode, but the error persists.
On Thu, Sep 28, 2017 at 3:02 PM, Christie, Marcus Aaron <ma...@iu.edu> wrote:
Neeraj,
Try again. This required a change in Keycloak to allow http://localhost:8080 and http://localhost:8080/callback-url as redirect URLs for the dev testdrive realm.
On Sep 28, 2017, at 1:01 PM, Neeraj Lad <nl...@umail.iu.edu> wrote:
Marcus,
Changing the oauth-callback-url gives me the Keycloak error 'Invalid parameter: redirect_uri'. It tried using https, 127.0.0.1 but both did not work. A Stack Overflow question mentions that Keycloak admin console needs to be configured. Here is the question:
https://stackoverflow.com/questions/45352880/keycloak-invalid-parameter-redirect-uri
There are three of files apart from pga_config which make use of the variable oauth-callback-url.
1. /app/config/pga_config.php.template: This sets the url to 'https://dev.seagrid.org/callback-url'. I guess this file is not relevant here.
2. /app/libraries/Keycloak/KeycloakServiceProvider.php: This uses Config::get('pga_config.wsis') to create a variable 'identityServerConfig' which has the oauth-callback-url as a field. The file 'pga_config.wsis' is not on the codebase. Config is related to Laravel. I am not sure how Config returns back 'identityServerConfig'. Am I right in guessing that you are extracting the pga_config.wsis from some server?
3. /app/libraries/Wsis/Wsis.php: This again makes use of Config::get('pga_config.wsis')
Do you think there is a need to change some configuration on Keycloak. If yes, how can I do it?
On Thu, Sep 28, 2017 at 9:15 AM, Christie, Marcus Aaron <ma...@iu.edu> wrote:
On Sep 28, 2017, at 8:24 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
Hi all,
I've followed the instructions to install all the dependencies for the PGA. Now I need to run it locally.
I got the pga_config file from Eroma, but using it and logging in with CILogon takes me to the dev.testdrive.airavata.org, instead of the version at localhost:8080. How can I avoid this?
Neeraj,
change oauth-callback-url in pga_config.php to have the value ‘http://localhost:8080/callback-url'
As another option, I know there are instructions to set PGA on CentOS using Ansible. But are there any similar instructions for OS X?
No. Closest thing would be to run VirtualBox on OS X and use Ansible to install PGA on the VirtualBox VM. Eric Coulter did a POC of this: https://github.com/ECoulter/airavata/tree/develop/dev-tools/ansible/inventories/local-vbox.
Re: Running PGA locally on OS X
Posted by Neeraj Lad <nl...@umail.iu.edu>.
Thanks for the catch Marcus, that was was the problem.
On Wed, Oct 4, 2017 at 1:00 PM, Christie, Marcus Aaron <ma...@iu.edu>
wrote:
> Neeraj,
>
> The DocumentRoute and Directory should be the public directory. Set them
> to /Users/student/git/airavata-php-gateway/public/. See earlier email [1].
>
> [1] http://mail-archives.apache.org/mod_mbox/airavata-dev/201709.mbox/%
> 3CCAJ4Ojz6o2RDEafovC7DB0L%2BjBfFqyMWGHSdpm1okKU6eX891Yg%
> 40mail.gmail.com%3E
> <http://mail-archives.apache.org/mod_mbox/airavata-dev/201709.mbox/%3CCAJ4Ojz6o2RDEafovC7DB0L+jBfFqyMWGHSdpm1okKU6eX891Yg@mail.gmail.com%3E>
>
>
>
> On Oct 4, 2017, at 10:56 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>
> Hi all,
>
> I was able to run PGA locally, then I changed the Virtual host to point to
> a new directory to check out the new commits on PGA.
>
> Now when I try to access localhost:8080, I get the following error:
>
> Forbidden
>
> You don't have permission to access / on this server.
>
> Here is my httpd-pga.conf file
>
> <VirtualHost *:8080>
> DocumentRoot /Users/student/git/airavata-php-gateway
> <Directory "/Users/student/git/airavata-php-gateway">
> DirectoryIndex index.php
> AllowOverride All
> Require all granted
> </Directory>
> </VirtualHost>
>
> Any ideas about this?
>
> On Fri, Sep 29, 2017 at 11:59 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>
>> That sounds good to me.
>>
>> On Fri, Sep 29, 2017 at 11:56 AM, Marcus Christie <ma...@iu.edu>
>> wrote:
>>
>>> Ok, we’ll probably have to debug this in person. I’ll be at the Science
>>> Gateways course office hours today.
>>>
>>> On Sep 29, 2017, at 11:44 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>>
>>> I do have the server certificate file path in my pga_config, Marcus.
>>>
>>> On Fri, Sep 29, 2017 at 9:18 AM, Christie, Marcus Aaron <machrist@iu.edu
>>> > wrote:
>>>
>>>> Neeraj,
>>>>
>>>> Make sure in pga_config.php you have the following
>>>>
>>>> /**
>>>> * Path to the server certificate file
>>>> */
>>>> 'cafile-path' => app_path() . '/resources/security/incommon_
>>>> rsa_server_ca.pem',
>>>>
>>>> On Sep 28, 2017, at 3:34 PM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>>>
>>>> Marcus,
>>>>
>>>> Thank you for the change.
>>>>
>>>> Now I can reach the CILogon page from localhost, but after selecting
>>>> Indiana University as the Identity provider, I get this error:
>>>>
>>>> curl_exec() failed. Error: SSL certificate problem: Invalid certificate
>>>> chain
>>>>
>>>> I tried to login in Incognito mode, but the error persists.
>>>>
>>>>
>>>>
>>>> On Thu, Sep 28, 2017 at 3:02 PM, Christie, Marcus Aaron <
>>>> machrist@iu.edu> wrote:
>>>>
>>>>> Neeraj,
>>>>>
>>>>> Try again. This required a change in Keycloak to allow
>>>>> http://localhost:8080 and http://localhost:8080/callback-url as
>>>>> redirect URLs for the dev testdrive realm.
>>>>>
>>>>> On Sep 28, 2017, at 1:01 PM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>>>>
>>>>> Marcus,
>>>>>
>>>>> Changing the oauth-callback-url gives me the Keycloak error 'Invalid
>>>>> parameter: redirect_uri'. It tried using https, 127.0.0.1 but both did not
>>>>> work. A Stack Overflow question mentions that Keycloak admin console needs
>>>>> to be configured. Here is the question:
>>>>> https://stackoverflow.com/questions/45352880/keycloak-invali
>>>>> d-parameter-redirect-uri
>>>>>
>>>>>
>>>>> There are three of files apart from pga_config which make use of the
>>>>> variable oauth-callback-url.
>>>>>
>>>>> 1. /app/config/pga_config.php.template: This sets the url to '
>>>>> https://dev.seagrid.org/callback-url'. I guess this file is not
>>>>> relevant here.
>>>>>
>>>>> 2. /app/libraries/Keycloak/KeycloakServiceProvider.php: This uses
>>>>> Config::get('pga_config.wsis') to create a variable 'identityServerConfig'
>>>>> which has the oauth-callback-url as a field. The file 'pga_config.wsis' is
>>>>> not on the codebase. Config is related to Laravel. I am not sure how Config
>>>>> returns back 'identityServerConfig'. Am I right in guessing that you are
>>>>> extracting the pga_config.wsis from some server?
>>>>>
>>>>> 3. /app/libraries/Wsis/Wsis.php: This again makes use of
>>>>> Config::get('pga_config.wsis')
>>>>>
>>>>>
>>>>> Do you think there is a need to change some configuration on Keycloak.
>>>>> If yes, how can I do it?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Sep 28, 2017 at 9:15 AM, Christie, Marcus Aaron <
>>>>> machrist@iu.edu> wrote:
>>>>>
>>>>>>
>>>>>> On Sep 28, 2017, at 8:24 AM, Neeraj Lad <nl...@umail.iu.edu> wrote:
>>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> I've followed the instructions to install all the dependencies for
>>>>>> the PGA. Now I need to run it locally.
>>>>>>
>>>>>> I got the pga_config file from Eroma, but using it and logging in
>>>>>> with CILogon takes me to the dev.testdrive.airavata.org, instead of
>>>>>> the version at localhost:8080. How can I avoid this?
>>>>>>
>>>>>>
>>>>>> Neeraj,
>>>>>>
>>>>>> change oauth-callback-url in pga_config.php to have the value ‘
>>>>>> http://localhost:8080/callback-url'
>>>>>>
>>>>>>
>>>>>> As another option, I know there are instructions to set PGA on CentOS
>>>>>> using Ansible. But are there any similar instructions for OS X?
>>>>>>
>>>>>>
>>>>>> No. Closest thing would be to run VirtualBox on OS X and use Ansible
>>>>>> to install PGA on the VirtualBox VM. Eric Coulter did a POC of this:
>>>>>> https://github.com/ECoulter/airavata/tree/develop/dev-
>>>>>> tools/ansible/inventories/local-vbox.
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>
>
Re: Running PGA locally on OS X
Posted by "Christie, Marcus Aaron" <ma...@iu.edu>.
Neeraj,
The DocumentRoute and Directory should be the public directory. Set them to /Users/student/git/airavata-php-gateway/public/. See earlier email [1].
[1] http://mail-archives.apache.org/mod_mbox/airavata-dev/201709.mbox/%3CCAJ4Ojz6o2RDEafovC7DB0L%2BjBfFqyMWGHSdpm1okKU6eX891Yg%40mail.gmail.com%3E<ht...@mail.gmail.com>>
On Oct 4, 2017, at 10:56 AM, Neeraj Lad <nl...@umail.iu.edu>> wrote:
Hi all,
I was able to run PGA locally, then I changed the Virtual host to point to a new directory to check out the new commits on PGA.
Now when I try to access localhost:8080, I get the following error:
Forbidden
You don't have permission to access / on this server.
Here is my httpd-pga.conf file
<VirtualHost *:8080>
DocumentRoot /Users/student/git/airavata-php-gateway
<Directory "/Users/student/git/airavata-php-gateway">
DirectoryIndex index.php
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Any ideas about this?
On Fri, Sep 29, 2017 at 11:59 AM, Neeraj Lad <nl...@umail.iu.edu>> wrote:
That sounds good to me.
On Fri, Sep 29, 2017 at 11:56 AM, Marcus Christie <ma...@iu.edu>> wrote:
Ok, we’ll probably have to debug this in person. I’ll be at the Science Gateways course office hours today.
On Sep 29, 2017, at 11:44 AM, Neeraj Lad <nl...@umail.iu.edu>> wrote:
I do have the server certificate file path in my pga_config, Marcus.
On Fri, Sep 29, 2017 at 9:18 AM, Christie, Marcus Aaron <ma...@iu.edu>> wrote:
Neeraj,
Make sure in pga_config.php you have the following
/**
* Path to the server certificate file
*/
'cafile-path' => app_path() . '/resources/security/incommon_rsa_server_ca.pem',
On Sep 28, 2017, at 3:34 PM, Neeraj Lad <nl...@umail.iu.edu>> wrote:
Marcus,
Thank you for the change.
Now I can reach the CILogon page from localhost, but after selecting Indiana University as the Identity provider, I get this error:
curl_exec() failed. Error: SSL certificate problem: Invalid certificate chain
I tried to login in Incognito mode, but the error persists.
On Thu, Sep 28, 2017 at 3:02 PM, Christie, Marcus Aaron <ma...@iu.edu>> wrote:
Neeraj,
Try again. This required a change in Keycloak to allow http://localhost:8080<http://localhost:8080/> and http://localhost:8080/callback-url as redirect URLs for the dev testdrive realm.
On Sep 28, 2017, at 1:01 PM, Neeraj Lad <nl...@umail.iu.edu>> wrote:
Marcus,
Changing the oauth-callback-url gives me the Keycloak error 'Invalid parameter: redirect_uri'. It tried using https, 127.0.0.1 but both did not work. A Stack Overflow question mentions that Keycloak admin console needs to be configured. Here is the question:
https://stackoverflow.com/questions/45352880/keycloak-invalid-parameter-redirect-uri
There are three of files apart from pga_config which make use of the variable oauth-callback-url.
1. /app/config/pga_config.php.template: This sets the url to 'https://dev.seagrid.org/callback-url'. I guess this file is not relevant here.
2. /app/libraries/Keycloak/KeycloakServiceProvider.php: This uses Config::get('pga_config.wsis') to create a variable 'identityServerConfig' which has the oauth-callback-url as a field. The file 'pga_config.wsis' is not on the codebase. Config is related to Laravel. I am not sure how Config returns back 'identityServerConfig'. Am I right in guessing that you are extracting the pga_config.wsis from some server?
3. /app/libraries/Wsis/Wsis.php: This again makes use of Config::get('pga_config.wsis')
Do you think there is a need to change some configuration on Keycloak. If yes, how can I do it?
On Thu, Sep 28, 2017 at 9:15 AM, Christie, Marcus Aaron <ma...@iu.edu>> wrote:
On Sep 28, 2017, at 8:24 AM, Neeraj Lad <nl...@umail.iu.edu>> wrote:
Hi all,
I've followed the instructions to install all the dependencies for the PGA. Now I need to run it locally.
I got the pga_config file from Eroma, but using it and logging in with CILogon takes me to the dev.testdrive.airavata.org<http://dev.testdrive.airavata.org/>, instead of the version at localhost:8080. How can I avoid this?
Neeraj,
change oauth-callback-url in pga_config.php to have the value ‘http://localhost:8080/callback-url'
As another option, I know there are instructions to set PGA on CentOS using Ansible. But are there any similar instructions for OS X?
No. Closest thing would be to run VirtualBox on OS X and use Ansible to install PGA on the VirtualBox VM. Eric Coulter did a POC of this: https://github.com/ECoulter/airavata/tree/develop/dev-tools/ansible/inventories/local-vbox.