Ticket #459 (closed task: fixed)

Opened 13 years ago

Last modified 13 years ago

[S] Change MyProxy Python client so that new users can be added from a remote client

Reported by: pjkersha Owned by: pjkersha
Priority: blocker Milestone: PreBeta
Component: security Version:
Keywords: Security, MyProxy Cc:

Description (last modified by pjkersha) (diff)

Currently, the NDG Python MyProxy client interface uses the myproxy-admin-load-credential command to load new credentials into the MyProxy repository. However, this command only works if the client is running on the same machine as the MyProxy host.

The likely configuration for NDG Security would put a MyProxy add user facility and MyProxy server on separate machines.

Therefore, change the client to use the new command available in GT4, myproxy-store. This enables credentials to be transfered over a secure network connection.

Nb. It may also be possible to write a pure python client and so replace the call to myproxy-store. See #446

Also see - #126

Change History

comment:1 Changed 13 years ago by pjkersha

  • Status changed from new to assigned

comment:2 Changed 13 years ago by pjkersha

  • Description modified (diff)

Thanks to Siva for spotting the typo

comment:3 Changed 13 years ago by pjkersha

  • Status changed from assigned to closed
  • Resolution set to fixed
  • Description modified (diff)

Completed !M2Crypto based client to MyProxy. This connects to myproxy-server over SSL and follows the protocol as outlined in:

 http://grid.ncsa.uiuc.edu/myproxy/protocol/

A patch to M2Crypto is required to support exchange of certificates and certificate requests in ASN1 format. TODO: submit to M2Crypto developers.

Note: See TracTickets for help on using tickets.