Return-Path: X-Original-To: apmail-incubator-airavata-commits-archive@minotaur.apache.org Delivered-To: apmail-incubator-airavata-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 08E8B8C77 for ; Fri, 26 Aug 2011 20:29:56 +0000 (UTC) Received: (qmail 43444 invoked by uid 500); 26 Aug 2011 20:29:56 -0000 Delivered-To: apmail-incubator-airavata-commits-archive@incubator.apache.org Received: (qmail 43395 invoked by uid 500); 26 Aug 2011 20:29:55 -0000 Mailing-List: contact airavata-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: airavata-dev@incubator.apache.org Delivered-To: mailing list airavata-commits@incubator.apache.org Received: (qmail 43387 invoked by uid 99); 26 Aug 2011 20:29:55 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 26 Aug 2011 20:29:55 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 26 Aug 2011 20:29:51 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id C3BE72388847; Fri, 26 Aug 2011 20:29:29 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1162238 - in /incubator/airavata/trunk/modules/gfac-core/src/main/java: META-INF/ org/apache/airavata/core/gfac/context/impl/ org/apache/airavata/core/gfac/provider/ org/apache/airavata/core/gfac/services/impl/ Date: Fri, 26 Aug 2011 20:29:29 -0000 To: airavata-commits@incubator.apache.org From: patanachai@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20110826202929.C3BE72388847@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: patanachai Date: Fri Aug 26 20:29:29 2011 New Revision: 1162238 URL: http://svn.apache.org/viewvc?rev=1162238&view=rev Log: Add properties for MyProxy and SSH providers Added: incubator/airavata/trunk/modules/gfac-core/src/main/java/META-INF/ incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/context/impl/SSHSecurityContextImpl.java Modified: incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/provider/SSHProvider.java incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/services/impl/PropertiesBasedServiceImpl.java Added: incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/context/impl/SSHSecurityContextImpl.java URL: http://svn.apache.org/viewvc/incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/context/impl/SSHSecurityContextImpl.java?rev=1162238&view=auto ============================================================================== --- incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/context/impl/SSHSecurityContextImpl.java (added) +++ incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/context/impl/SSHSecurityContextImpl.java Fri Aug 26 20:29:29 2011 @@ -0,0 +1,52 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +package org.apache.airavata.core.gfac.context.impl; + +import org.apache.airavata.core.gfac.context.SecurityContext; + +public class SSHSecurityContextImpl implements SecurityContext { + + private String username; + private String privateKeyLoc; + private String keyPass; + + public String getUsername() { + return username; + } + public void setUsername(String username) { + this.username = username; + } + public String getPrivateKeyLoc() { + return privateKeyLoc; + } + public void setPrivateKeyLoc(String privateKeyLoc) { + this.privateKeyLoc = privateKeyLoc; + } + public String getKeyPass() { + return keyPass; + } + public void setKeyPass(String keyPass) { + this.keyPass = keyPass; + } + + +} Modified: incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/provider/SSHProvider.java URL: http://svn.apache.org/viewvc/incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/provider/SSHProvider.java?rev=1162238&r1=1162237&r2=1162238&view=diff ============================================================================== --- incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/provider/SSHProvider.java (original) +++ incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/provider/SSHProvider.java Fri Aug 26 20:29:29 2011 @@ -22,6 +22,7 @@ package org.apache.airavata.core.gfac.provider; import java.io.File; +import java.io.IOException; import java.util.ArrayList; import java.util.Iterator; import java.util.List; @@ -33,9 +34,11 @@ import javax.xml.namespace.QName; import net.schmizz.sshj.SSHClient; import net.schmizz.sshj.connection.channel.direct.Session; import net.schmizz.sshj.connection.channel.direct.Session.Command; +import net.schmizz.sshj.userauth.keyprovider.KeyProvider; import net.schmizz.sshj.xfer.scp.SCPFileTransfer; import org.apache.airavata.core.gfac.context.InvocationContext; +import org.apache.airavata.core.gfac.context.impl.SSHSecurityContextImpl; import org.apache.airavata.core.gfac.exception.GfacException; import org.apache.airavata.core.gfac.notification.NotificationService; import org.apache.airavata.core.gfac.type.HostDescription; @@ -49,6 +52,7 @@ import edu.indiana.extreme.lead.workflow public class SSHProvider extends AbstractProvider { private static final String SPACE = " "; + private static final String SSH_SECURITY_CONTEXT = "ssh"; private String buildCommand(List cmdList) { StringBuffer buff = new StringBuffer(); @@ -58,18 +62,34 @@ public class SSHProvider extends Abstrac } return buff.toString(); } + + private void initSSHSecurity(InvocationContext context, SSHClient ssh) throws GfacException, IOException{ + try { + SSHSecurityContextImpl sshContext = ((SSHSecurityContextImpl) context.getSecurityContext(SSH_SECURITY_CONTEXT)); + + KeyProvider pkey = ssh.loadKeys(sshContext.getPrivateKeyLoc(), sshContext.getKeyPass()); + + ssh.loadKnownHosts(); + ssh.authPublickey(sshContext.getUsername(), pkey); + + } catch (NullPointerException ne) { + throw new GfacException("Cannot load security context for SSH", ne); + } catch (IOException e){ + throw e; + } + + } public void initialize(InvocationContext context) throws GfacException { HostDescription host = context.getGfacContext().getHost(); - ShellApplicationDeployment app = (ShellApplicationDeployment)context.getGfacContext().getApp(); + ShellApplicationDeployment app = (ShellApplicationDeployment) context.getGfacContext().getApp(); SSHClient ssh = new SSHClient(); try { - ssh.loadKnownHosts(); + + initSSHSecurity(context, ssh); ssh.connect(host.getName()); - // TODO how to authenticate with system - ssh.authPublickey(System.getProperty("user.name")); final Session session = ssh.startSession(); try { StringBuilder command = new StringBuilder(); @@ -103,10 +123,10 @@ public class SSHProvider extends Abstrac } } } - + public void execute(InvocationContext context) throws GfacException { HostDescription host = context.getGfacContext().getHost(); - ShellApplicationDeployment app = (ShellApplicationDeployment)context.getGfacContext().getApp(); + ShellApplicationDeployment app = (ShellApplicationDeployment) context.getGfacContext().getApp(); // input parameter ArrayList tmp = new ArrayList(); @@ -114,7 +134,7 @@ public class SSHProvider extends Abstrac String key = iterator.next(); tmp.add(context.getMessageContext("input").getStringParameterValue(key)); } - + List cmdList = new ArrayList(); SSHClient ssh = new SSHClient(); @@ -154,15 +174,8 @@ public class SSHProvider extends Abstrac // notify start DurationObj compObj = notifier.computationStarted(); - /* - * Create ssh connection - */ - ssh.loadKnownHosts(); + initSSHSecurity(context, ssh); ssh.connect(host.getName()); - - // TODO how to authenticate with system - ssh.authPublickey(System.getProperty("user.name")); - final Session session = ssh.startSession(); try { /* @@ -190,8 +203,9 @@ public class SSHProvider extends Abstrac notifier.computationFinished(compObj); /* - * check return value. usually not very helpful to draw conclusions based on return values so don't - * bother. just provide warning in the log messages + * check return value. usually not very helpful to draw + * conclusions based on return values so don't bother. just + * provide warning in the log messages */ if (cmd.getExitStatus() != 0) { log.error("Process finished with non zero return value. Process may have failed"); Modified: incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/services/impl/PropertiesBasedServiceImpl.java URL: http://svn.apache.org/viewvc/incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/services/impl/PropertiesBasedServiceImpl.java?rev=1162238&r1=1162237&r2=1162238&view=diff ============================================================================== --- incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/services/impl/PropertiesBasedServiceImpl.java (original) +++ incubator/airavata/trunk/modules/gfac-core/src/main/java/org/apache/airavata/core/gfac/services/impl/PropertiesBasedServiceImpl.java Fri Aug 26 20:29:29 2011 @@ -31,6 +31,8 @@ import java.util.Properties; import org.apache.airavata.core.gfac.api.Registry; import org.apache.airavata.core.gfac.api.impl.JCRRegistry; import org.apache.airavata.core.gfac.context.InvocationContext; +import org.apache.airavata.core.gfac.context.impl.GSISecurityContext; +import org.apache.airavata.core.gfac.context.impl.SSHSecurityContextImpl; import org.apache.airavata.core.gfac.exception.GfacException; import org.apache.airavata.core.gfac.exception.GfacException.FaultCode; import org.apache.airavata.core.gfac.extension.DataServiceChain; @@ -58,6 +60,12 @@ public class PropertiesBasedServiceImpl private static final String FILENAME = "service.properties"; /* + * context name + */ + public static final String MYPROXY_SECURITY_CONTEXT = "myproxy"; + public static final String SSH_SECURITY_CONTEXT = "ssh"; + + /* * Scheduler and chains */ public static final String SCHEDULER_CLASS = "scheduler.class"; @@ -72,6 +80,21 @@ public class PropertiesBasedServiceImpl public static final String JCR_USER = "jcr.user"; public static final String JCR_PASS = "jcr.pass"; + /* + * SSH properties + */ + public static final String SSH_PRIVATE_KEY = "ssh.key"; + public static final String SSH_PRIVATE_KEY_PASS = "ssh.keypass"; + public static final String SSH_USER_NAME = "ssh.username"; + + /* + * My proxy properties + */ + public static final String MYPROXY_SERVER = "myproxy.server"; + public static final String MYPROXY_USER = "myproxy.user"; + public static final String MYPROXY_PASS = "myproxy.pass"; + public static final String MYPROXY_LIFE = "myproxy.life"; + private Properties properties; private Scheduler scheduler; private PreExecuteChain[] preChain; @@ -138,11 +161,50 @@ public class PropertiesBasedServiceImpl @Override public void preProcess(InvocationContext context) throws GfacException { + /* + * Check Gram header + */ + if (context.getSecurityContext(MYPROXY_SECURITY_CONTEXT) == null) { + String proxyServer = loadFromProperty(MYPROXY_SERVER, false); + String proxyUser = loadFromProperty(MYPROXY_USER, false); + String proxyPass = loadFromProperty(MYPROXY_PASS, false); + String proxyTime = loadFromProperty(MYPROXY_LIFE, false); + if (proxyServer != null && proxyUser != null && proxyPass != null) { + GSISecurityContext gsi = new GSISecurityContext(); + gsi.setMyproxyServer(proxyServer); + gsi.setMyproxyUserName(proxyUser); + gsi.setMyproxyPasswd(proxyPass); + if (proxyTime != null) { + gsi.setMyproxyLifetime(Integer.parseInt(proxyTime)); + } + context.addSecurityContext(MYPROXY_SECURITY_CONTEXT, gsi); + } + } + + /* + * Check SSH properties + */ + if (context.getSecurityContext(SSH_SECURITY_CONTEXT) == null) { + String key = loadFromProperty(SSH_PRIVATE_KEY, false); + String pass = loadFromProperty(SSH_PRIVATE_KEY_PASS, false); + String user = loadFromProperty(SSH_USER_NAME, false); + if (key != null && user != null) { + SSHSecurityContextImpl ssh = new SSHSecurityContextImpl(); + ssh.setKeyPass(pass); + ssh.setPrivateKeyLoc(key); + ssh.setUsername(user); + context.addSecurityContext(SSH_SECURITY_CONTEXT, ssh); + } + } + + /* + * Check registry + */ if (context.getExecutionContext() == null || context.getExecutionContext().getRegistryService() == null) { if (this.registryService == null) { log.info("try to create default registry service (JCR Implementation)"); - + // JCR String jcrClass = loadFromProperty(JCR_CLASS, true); String userName = loadFromProperty(JCR_USER, false); @@ -153,22 +215,33 @@ public class PropertiesBasedServiceImpl */ Map map = new HashMap((Map) this.properties); map.remove(JCR_CLASS); + map.remove(JCR_USER); + map.remove(JCR_PASS); + map.remove(SCHEDULER_CLASS); map.remove(DATA_CHAIN_CLASS); map.remove(PRE_CHAIN_CLASS); map.remove(POST_CHAIN_CLASS); - map.remove(JCR_USER); - map.remove(JCR_PASS); + + map.remove(MYPROXY_SERVER); + map.remove(MYPROXY_USER); + map.remove(MYPROXY_PASS); + map.remove(MYPROXY_LIFE); + + map.remove(SSH_USER_NAME); + map.remove(SSH_PRIVATE_KEY); + map.remove(SSH_PRIVATE_KEY_PASS); + if (map.size() == 0) map = null; this.registryService = new JCRRegistry(jcrClass, userName, password, map); - + log.info("Default registry service is created"); } /* - * If there is no specific registry service, use the default one. + * If there is no specific registry service, use the default one. */ context.getExecutionContext().setRegistryService(this.registryService); } @@ -189,7 +262,7 @@ public class PropertiesBasedServiceImpl String className = null; if (this.scheduler == null) { log.info("try to create scheduler"); - + /* * get class names */