Testbed Support for GridPP member institutes
> [mailto:[log in to unmask]] On Behalf Of Alessandra Forti said:
> it has been pointed out to me that my reply might be misunderstood.
> So I'll rephrase it. The VOMS server on its own works, you can easily
> create roles, groups..... it is the client part of VOMS that
> created me
> problems i.e. voms-proxy-init wasn't working for me (and
> others) as it
> should have unless used in a very basic way i.e. like grid-proxy-init.
The glite voms-proxy-init works, I use it regularly. If people want to
try it it's supposed to be possible to ask for access to the
pre-production system, although it's still in a somewhat unstable state
at the moment. Also as I mentioned last week it might be useful for a UK
site to join the PPS, although it will take some work at the moment so I
guess not anyone involved with SC3!
> > to understand group roles etc. you need also at least a CE,
> (SE,RB?) that can
> > query the VOMS server and a voms-proxy-init that works.
One point on that, services don't need to contact the VOMS server, they
can verify the credentials directly as long as they have installed the
host certificate of the VOMS server. The RB does contact VOMS if/when it
renews a proxy.
Stephen
|