Hi,
Alvaro has covered this, but your point is valid, the documentation
could be more clear, and I also got bitten by this in the beginning. I
am collecting a number of VO management issues for the VO support
activity , and I think this is one of them
Maria Alandes Pradillo wrote:
>
> Hi Dimitris,
>
> I´m checking the new voms admin web interface (I´m not very familiar with it yet). How can I select now "any authenticated user"?
>
> Thanks!
> Maria
>
>> -----Original Message-----
>> From: LHC Computer Grid - Rollout
>> [mailto:[log in to unmask]] On Behalf Of Dimitris Zilaskos
>> Sent: Tuesday, July 22, 2008 11:09 AM
>> To: [log in to unmask]
>> Subject: Re: [LCG-ROLLOUT] edg-mkgridmap voms search Internal
>> Server Errors
>>
>> If it is indeed a new voms server from scratch, beware that
>> it has been found to suffer from serious issues. See
>>
>> http://glite.web.cern.ch/glite/packages/R3.1/updates.asp#3.1_Update_27
>>
>> Those issued force a downgrade to many sites.
>>
>> and about ACL
>>
>> [quote]
>>
>> Go to the VOMS_ADMIN web interface for each of your VOs
>> (https://SERVER_NAME:8443/voms/VO_NAME by default) and check
>> the access control lists. VOMS-ADMIN 2 has a redesigned
>> security model. The global ACL list is now deprecated. Grant
>> to any authenticated user Container
>> rights: Read permission and Membership rights: Read
>> permission for the top group so that the relevant grid hosts
>> can access the data they need to generate the gridmap file.
>>
>> [/quote]
>>
>> O/H Alvaro Simon Garcia έγραψε:
>>> Hi Maria
>>>
>>> Is a new voms server installed from scratch so I think ACL list is
>>> deprecated.
>>>
>>> Cheers
>>> Alvaro
>>>> Hi Alvaro,
>>>>
>>>> Do you still have an ACL to allow listing users to any
>> valid certificate?
>>>> Cheers,
>>>> Maria
>>>>
>>>>
>>>>> -----Original Message-----
>>>>> From: LHC Computer Grid - Rollout
>>>>> [mailto:[log in to unmask]]
>>>>> On Behalf Of Alvaro Simon Garcia
>>>>> Sent: Tuesday, July 22, 2008 10:45 AM
>>>>> To: [log in to unmask]
>>>>> Subject: [LCG-ROLLOUT] edg-mkgridmap voms search Internal Server
>>>>> Errors
>>>>>
>>>>> Dear All
>>>>>
>>>>> Since we have updated our voms server we got Server errors in our
>>>>> edg-mkgridmap log file like this:
>>>>>
>>>>> voms
>>>>> search(https://voms.egee.cesga.es:8443/voms/imath.cesga.es/ser
>>>>> vices/VOMSCompatibility?method=getGridmapUsers&container=%2Fim
>>>>> ath.cesga.es%2FRole%3DVO-Admin): Internal Server Error
>>>>>
>>>>> voms
>>>>> search(https://voms.egee.cesga.es:8443/voms/imath.cesga.es/ser
>>>>> vices/VOMSCompatibility?method=getGridmapUsers&container=%2Fim
>>>>> ath.cesga.es): Internal Server Error
>>>>>
>>>>>
>>>>> and /etc/grid-security/grid-mapfile is not updated
>>>>>
>>>>>
>>>>> If we check these endpoints it seems to be ok:
>>>>>
>>>>> <soapenv:Envelope>
>>>>> −
>>>>> <soapenv:Body>
>>>>> −
>>>>> <getGridmapUsersResponse
>>>>> soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
>>>>> −
>>>>> <getGridmapUsersReturn soapenc:arrayType="soapenc:string[9]"
>>>>> xsi:type="soapenc:Array">
>>>>> <getGridmapUsersReturn
>>>>> xsi:type="soapenc:string">/DC=es/DC=irisgrid/O=cesga/CN=Pablo-
>>>>> Rey</getGridmapUsersReturn>
>>>>> <getGridmapUsersReturn
>>>>> xsi:type="soapenc:string">/DC=es/DC=irisgrid/O=cesga/CN=alvaro
>>>>> simon</getGridmapUsersReturn>
>>>>> ...
>>>>> ...
>>>>> ...
>>>>> </getGridmapUsersReturn>
>>>>> </getGridmapUsersResponse>
>>>>> </soapenv:Body>
>>>>> </soapenv:Envelope>
>>>>>
>>>>> Where is the problem?
>>>>>
>>>>>
>>>>> Cheers and thanks
>>>>> Alvaro
>>>>>
>>>>>
>> --
>> ==============================================================
>> ===============
>> Dimitris Zilaskos
>> GridAUTH Operations Centre @ Aristotle University of
>> Thessaloniki , Greece
>> Tel: +302310998988 Fax: +302310994309
>> http://www.grid.auth.gr
>> ==============================================================
>> ===============
>>
>>
--
=============================================================================
Dimitris Zilaskos
GridAUTH Operations Centre @ Aristotle University of Thessaloniki , Greece
Tel: +302310998988 Fax: +302310994309
http://www.grid.auth.gr
=============================================================================
|