Hi,
it has been pointed out to me that my reply might be misunderstood.
So I'll rephrase it. The VOMS server on its own works, you can easily
create roles, groups..... it is the client part of VOMS that created me
problems i.e. voms-proxy-init wasn't working for me (and others) as it
should have unless used in a very basic way i.e. like grid-proxy-init.
This means that VOMS, unless things have changed, is not usable as
VOMS on the client side.
cheers
alessandra
On Mon, 27 Jun 2005, Alessandra Forti wrote:
> Hi Ian,
>
> to understand group roles etc. you need also at least a CE, (SE,RB?) that can
> query the VOMS server and a voms-proxy-init that works. My experience with
> the VOMS (LCG version) in Manchester was good up to the point in which I
> could build a grid-mapfile without roles and groups and then use
> voms-proxy-init as I would have used grid-proxy-init. In other words it eased
> the setup of small VOs but it wasn't yet ready to do more complicated ACL
> refinements for big VOs.
>
> I would be very interested to know what you find out.
>
> cheers
> alessandra
>
>
>
> On Sun, 26 Jun 2005, Ian Stokes-Rees wrote:
>
>> Hi Stephen and Jeremy,
>>
>> Burke, S (Stephen) wrote:
>>> The glite version is the most recent, documentation is here:
>>>
>>> http://glite.web.cern.ch/glite/documentation/
>>>
>>> LCG are about to switch to that version. However, I believe there are
>>> still some problems with the glite deployment scripts for the server.
>>> What do you want to achieve? Most people won't need to know about
>>> running a VOMS server; if you want to experiment as a user you could ask
>>> to join the pre-production system, or as an admin you can use an
>>> existing VOMS server, e.g. the one at RAL, for tests.
>>
>> Perhaps using the test one at RAL will meet my needs. I want to
>> understand the difference between roles, groups, and capabilities and how
>> those are attached to files, resource access rights, running jobs, and
>> proxy certificates. I want to understand what capabilities regular users
>> have to manipulate/control these things, and also what control is
>> available to running jobs and "grid services".
>>
>> The documentation I had found so far (old EDG stuff) only gave me a hint
>> as to many of these things, so I was hoping to try out an actual
>> implementation. Looking at the expanded gLite docs, though, it may be that
>> the 120+ pages of PDF will answer my questions. Thanks for the pointer to
>> that.
>>
>> Cheers,
>>
>> Ian
>>
>
>
--
********************************************
* Dr Alessandra Forti *
* Technical Coordinator - NorthGrid Tier2 *
* http://www.hep.man.ac.uk/u/aforti *
********************************************
|