airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hasini Gunasinghe <hasi7...@gmail.com>
Subject Re: Airavata User management
Date Mon, 13 Apr 2015 23:23:35 GMT
Hi Dimuthu,

Please find the answers inline.

On Mon, Apr 13, 2015 at 6:37 PM, DImuthu Upeksha <dimuthu.upeksha2@gmail.com
> wrote:

> Hi all,
>
> I have few points to get clarified about user management in Airavata server
>
> 1. When I start the server there is an error log
>
> [ERROR] The Credential Store Server did not start!!!
>
> Where is this credential store? How should I configure it?
>
This has been answered in a previous thread. I am copying below the answer
given by Chathuri in the thread "Resolving the issues in the Airavata
server statup"

*"Credential store thrift service is not starting by default. If you want
to start credential store service, you need to configure it in
airavata-server.properties. You will see below set of properties under
"Credential Store module Configuration" in airavata-server.properties*

*start.credential.store=false*
*credential.store.keystore.url=**/Users/chathuri/dev/airavata/*
*credential-store/oa4mp/**airavata_sym.jks*
*credential.store.keystore.**alias=airavata*
*credential.store.keystore.**password=airavata*
*credential.store.jdbc.url=**jdbc:derby://localhost:1527/*
*experiment_catalog;create=**true;user=airavata;password=**airavata*
*credential.store.jdbc.user=**airavata*
*credential.store.jdbc.**password=airavata*
*credential.store.jdbc.driver=**org.apache.derby.jdbc.**ClientDriver*
*credential.store.server.host=**localhost*
*credential.store.server.port=**8960*
*credentialstore=org.apache.**airavata.credential.store.*
*server.CredentialStoreServer*
*credential.store.thrift.**server.keystore=/Users/**chathuri/dev/airavata/*
*credential-store/oa4mp/**airavata.jks*
*credential.store.thrift.**server.keystore.password=**airavata*

*You need to make start.credential.store as true. You need to generate
symmetric key and specify that path for credential.store.keystore.url.
Credential store thrift service is a secured TLS service.  You need to
generate a keystore file and specify the path and password in the
properties credential.store.thrift.**server.keystore,
credential.store.thrift.*

*server.keystore.password. If you specify all these properties, credential
store will be start as a secured thrift service."*

> What is the usage of this credential store?
>
AFAIU, Credential store is used to store the credentials/tokens that are
used by Airavata to authenticate to different grid servers. This paper is
on Airavata Credential Store:
https://scholarworks.iu.edu/dspace/bitstream/handle/2022/17379/ccgrid_2014_credential_store.pdf?sequence=1


> 2. When I go through Airavata.Client API and client samples I could not
> see that there is a authentication mechanism for users who access it
> (Please correct me if there is a way). If so what is the use of a
> Credentials Store?
>

As mentioned before, credential store stores the tokens for Airavata to
authenticate to grid servers, not the end-user credentials.

>
> 3. How does the user authorisation is done in Airavata?
>

Currently, end users are not authenticated/authorized at the Airavata API.
This https://issues.apache.org/jira/browse/AIRAVATA-1624 proposes a
solution for that.

Thanks,
Hasini.

>
> Thanks
> Dimuthu
>
> --
> Regards
>
> W.Dimuthu Upeksha
> Undergraduate
> Department of Computer Science And Engineering
>
> University of Moratuwa, Sri Lanka
>

Mime
View raw message