LISTSERV 14.4

NIH LISTSERV

CAGRID_USERS-L archives -- March 2008 (#29)

Content-class: urn:content-classes:message Content-Type: multipart/alternative; Thread-Topic: Accessing secure caArray 2.0 service using user-credentials Thread-Index: AciFOpX2aEFan43ISTq8Vs/neSVFLQABAHOgAAAwC1AAATsLEAAC8ARw References: A<007601c8853a$99b9d7f0$0399270a@LAP531> <[log in to unmask]> A<000601c8853f$d8f41d90$0399270a@LAP531> A<[log in to unmask]> Message-ID: <[log in to unmask]> Date: Thu, 13 Mar 2008 16:23:13 -0500 Reply-To: caGrid Users discussion Forum <[log in to unmask]> Sender: caGrid Users discussion Forum <[log in to unmask]> From: "Nagarajan, Rakesh" <[log in to unmask]> Subject: Re: Accessing secure caArray 2.0 service using user-credentials Comments: cc: [log in to unmask] In-Reply-To: A<[log in to unmask]>

Steve, Makes sense. Now the questions are, is the caArray user local to the web application only, and is the caGrid user for accessing the service through the caGrid? Are they linked in any way?? Thanks, Rakesh ________________________________ From: caGrid Users discussion Forum [mailto:[log in to unmask]] On Behalf Of Stephen A. Langella Sent: Thursday, March 13, 2008 3:22 PM To: [log in to unmask] Subject: Re: Accessing secure caArray 2.0 service using user-credentials Chandrakant, The GAARDS UI provides a method of logging onto the Grid via an Authentication Service and Dorian. You can think of Dorian as an account management system for the Grid. Dorian issues accounts to user whom directly register with it or whom have an account with an identity provider that Dorian trusts. The Authentication Service provides a uniform grid service interface to Identity providers providing clients with a standards means of authenticating with Identity Provider over the Grid. Once authenticated locally the Authentication Service provides proof that they authenticated to Dorian at which time Dorian issues grid credentials that may be used to authenticate to Grid services. The User Provisioning Tool (UPT) may not be used to log onto to the Grid since it is not an Authentication Service and since it is most likely not a trusted identity provider. In our production environment it is not anticipated that we would add application specific identity providers such as the UPT as trusted identity providers. For trusted identity providers we are targeting leveraging existing credentials at the institution level. For example if I work for Ohio State I should use my Ohio State username and password for accessing the Grid, likewise if I work for NCI I would use my NCI username and password. For our production environment we are targeting issuing credentials in accordance with the federal eAuthentication guidelines, which defines 4 levels of assurance with respect for credentials. For levels 2 and higher we are planning on leveraging organization identity providers as I just described. Currently we issue level 1 grid credentials to anybody that requests them. You can request a level 1 grid credential through the GAARDS UI as follows: http://www.cagrid.org/wiki/CaGrid:How-To:RequestAnAccount:1.1:Production :LOA1:UI You can also request credentials via the caGrid browser as follows: http://www.cagrid.org/wiki/CaGrid:How-To:RequestAnAccount:1.1:Production :LOA1:Browser Once you have requested credentials you can log onto the Grid via the GAARDS UI or via the browser. --Steve Stephen Langella co-Director Software Research Institute Department of Biomedical Informatics Ohio State University Office: (614) 292-1065 Lab: (614) 292-9845 [log in to unmask] From: caGrid Users discussion Forum [mailto:[log in to unmask]] On Behalf Of Chandrakant Talele Sent: Thursday, March 13, 2008 3:24 PM To: [log in to unmask] Subject: Re: Accessing secure caArray 2.0 service using user-credentials caArray 2.0 installs 3 things, application, grid-service and a CSM related web application (they call it User Provisioning Tool (UPT)) It is http://caarray.wustl.edu:28080/upt/ for our installation. Thanks and regards, Chandrakant J. Talele Module Lead Direct: +91(20)3023 5156 Persistent Systems Ltd. Visit us at www.persistentsys.com ________________________________ From: caGrid Users discussion Forum [mailto:[log in to unmask]] On Behalf Of Stephen A. Langella Sent: Thursday, March 13, 2008 2:17 PM To: [log in to unmask] Subject: Re: Accessing secure caArray 2.0 service using user-credentials Chandrakant, Can you please specify what you mean by the UPT URL? --Steve Stephen Langella co-Director Software Research Institute Department of Biomedical Informatics Ohio State University Office: (614) 292-1065 Lab: (614) 292-9845 [log in to unmask] From: caGrid Users discussion Forum [mailto:[log in to unmask]] On Behalf Of Chandrakant Talele Sent: Thursday, March 13, 2008 2:47 PM To: [log in to unmask] Subject: Accessing secure caArray 2.0 service using user-credentials We have a caArray 2.0 installed and running. I have a user created for me. I am able to login to caArray application using my user name and password. Now I want to access caArray grid service (installed locally along with caArray application) using same user-credentials. I launched GAARDS UI, provided my username and password. In Dorian Service and Authentication Service I have the UPT URL (I am not sure whether this is correct) On clicking authenticate I got following exception. java.rmi.RemoteException: (302)Moved Temporarily at gov.nih.nci.cagrid.authentication.client.AuthenticationClient.authentica te(AuthenticationClient.java:47) at gov.nih.nci.cagrid.dorian.ui.ifs.CreateProxyWindow.authenticate(CreatePr oxyWindow.java:413) at gov.nih.nci.cagrid.dorian.ui.ifs.CreateProxyWindow.access$000(CreateProx yWindow.java:38) at gov.nih.nci.cagrid.dorian.ui.ifs.CreateProxyWindow$1$1.execute(CreatePro xyWindow.java:373) at gov.nih.nci.cagrid.common.Runner.run(Runner.java:23) at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Thread.java:619) Kindly let me know how to login to our caArray service? Thanks and regards, Chandrakant J. Talele Module Lead Direct: +91(20)3023 5156 Persistent Systems Ltd. Visit us at www.persistentsys.com <file:///\\www.persistentsys.com> DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails. DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.

[text/html]

Back to: Top of message | Previous page | Main CAGRID_USERS-L page

Center for Information Technology
National Institutes of Health
Bethesda, Maryland 20892
301 594 6248 (v) 301 496 8294 (TDD)
Comments and Assistance
Accessibility

	Previous Message \| Next Message Previous in Topic \| Next in Topic Previous by Same Author \| Next by Same Author Previous Page (March 2008) \| Back to Main CAGRID_USERS-L Page

	Reply \| Post a New Message \| Join or Leave CAGRID_USERS-L, or Change Options \| Search
	Chronologically \| Most Recent First \| Wrap Text (Proportional Font) \| Don't Wrap Text (Non-proportional Font)