Hi,
Have a look at this: https://savannah.cern.ch/bugs/?39254
Best regards,
Dimitar
Arnau Bria wrote:
> Hi,
>
> I've added cdf VO support to our WMS server.
> After configuring yaim following:
> https://cic.gridops.org/index.php?section=vo&page=homepage&subpage=
>
> I submit a job like:
> glite-wms-job-submit -a -c rb03.vo.conf -r ifaece02.pic.es:2119/jobmanager-lcgpbs-ifae glite.jdl
> where
>
> $ cat rb03.vo.conf
> [
> VirtualOrganisation = "cdf";
> HLRLocation = "";
> WMProxyEndpoints = {
> "https://rb03.pic.es:7443/glite_wms_wmproxy_server"
> };
> LBAddresses = {
> {"rb03.pic.es"}
> };
> MyProxyServer = "myproxy.cern.ch";
> ]
>
>
> And I get:
>
> Connecting to the service https://rb03.pic.es:7443/glite_wms_wmproxy_server
>
>
> Warning - Unable to delegate the credential to the endpoint: https://rb03.pic.es:7443/glite_wms_wmproxy_server
> User not authorized:
> unable to check credential permission (/opt/glite/etc/glite_wms_wmproxy.gacl)
> (credential entry not found)
> credential type: person
> input dn: /DC=es/DC=irisgrid/O=pic/CN=arnau-bria
>
>
>
> Switching to next WMProxy Server...
>
>
> Error - Operation failed
> Unable to find any endpoint where to perform service request
>
> Here's my procy:
> [arnaubria@ui01 ~]$ voms-proxy-info -all
> subject : /DC=es/DC=irisgrid/O=pic/CN=arnau-bria/CN=proxy
> issuer : /DC=es/DC=irisgrid/O=pic/CN=arnau-bria
> identity : /DC=es/DC=irisgrid/O=pic/CN=arnau-bria
> type : proxy
> strength : 512 bits
> path : /tmp/x509up_u63003
> timeleft : 11:59:58
> === VO cdf extension information ===
> VO : cdf
> subject : /DC=es/DC=irisgrid/O=pic/CN=arnau-bria
> issuer : /C=IT/O=INFN/OU=Host/L=Padova/CN=voms-01.pd.infn.it
> attribute : /cdf/Role=NULL/Capability=NULL
> timeleft : 11:59:58
>
>
> Then, when I check WMS logs:
> 01 Oct, 16:50:58 -I- PID: 16144 - "wmproxy::main": Resetting signals handler
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpgsoapoperations::delegationns__getProxyReq": getProxyReq operation called
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpgsoapoperations::delegationns__getProxyReq": Setting signals handler
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpcommon::logRemoteHostInfo": -------------------------------- Incoming Request --------------------------------
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpcommon::logRemoteHostInfo": Remote Host IP: 193.109.175.133:60381 - Remote Host Name: ui01.pic.es
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpcommon::logRemoteHostInfo": Remote CLIENT S DN: /DC=es/DC=irisgrid/O=pic/CN=arnau-bria/CN=proxy
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpcommon::logRemoteHostInfo": Remote GRST CRED: Not Available
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpcommon::logRemoteHostInfo": Service GRST PROXY LIMIT: 6
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpcommon::logRemoteHostInfo": ----------------------------------------------------------------------------------
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpoperations::getProxyReq": Authorizing user...
> 01 Oct, 16:50:59 -W- PID: 16144 - "WMPAuthorizer::checkGaclUserAuthZ": Unknown voms fqan: GRST_CRED_2 environment variable not set
> 01 Oct, 16:50:59 -I- PID: 16144 - "WMPAuthorizer::checkGaclUserAuthZ": fqan=
> 01 Oct, 16:50:59 -C- PID: 16144 - "WMPAuthorizer::checkGaclUserAuthZ": User not authorized:
> unable to check credential permission (/opt/glite/etc/glite_wms_wmproxy.gacl)
> (credential entry not found)
> credential type: person
> input dn: /DC=es/DC=irisgrid/O=pic/CN=arnau-bria
>
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmpgsoapoperations::delegationns__getProxyReq": getProxyReq operation completed
>
> 01 Oct, 16:50:59 -I- PID: 16144 - "wmproxy::main": Resetting signals handler
>
>
> And /opt/glite/etc/glite_wms_wmproxy.gacl file contents:
>
> <entry>
> <voms>
> <fqan>cdf</fqan>
> </voms>
> <allow>
> <exec/>
> </allow>
> </entry>
>
>
> So, could some one help me to diagnose the source of the problem?
>
> TIA,
> Arnau
>
