Comment 1 Ariel Garcia 2008-11-12 11:10:37 EST

* GridFTP connection mount without having imported the certificates

- empty WS, create project
- try to mount GridFTP connection
- create a Globus proxy

=> Storage mount job fails with
    Mount failed
      Failed to mount SE @ iwrse.fzk.de
        Error contacting the server for mounting gecl://iwrse.fzk.de:2811/dpm/fzk.de/home/geclipse/?vo=geclipse&geclslave=gsiftp&gecluid=iwrse.fzk.de2811


* SRM connection mount without having imported the certificates

- empty WS, create project
- try to mount SRM connection (same with GridFTP+VOMS)
- create a VOMS proxy

=> VOMS proxy cannot be activated and the storage mount job error fails with
    An internal error occurred during: "Storage mount job".
    cred == null


Actually the storage mount job error reporting goes through a normal error dialog, no ProblemDialog.

Comment 2 Ariel Garcia 2008-11-12 11:29:41 EST

* Job updating

(this should be also a separate bugreport)

- import trusted certificates
- create a gLite VO/project
- create a new JSDL description
- submit it
- go to preferences, delete all trusted CAs
- try to refresh the job status

 => NO dialog appears at all, status is shown as "UNKNOWN",
    Reason is shown as ";nested exception is:"
    the following exception is logged in the console:


java.io.IOException: No CA files found matching "/tmp/ws-grid/.metadata/.plugins/eu.geclipse.core/.security
        at org.glite.security.trustmanager.ContextWrapper.initTrustAnchors(ContextWrapper.java:572)
        at org.glite.security.trustmanager.ContextWrapper.init(ContextWrapper.java:406)
        at org.glite.security.trustmanager.ContextWrapper.<init>(ContextWrapper.java:245)
        at org.glite.security.trustmanager.axis.AXISSocketFactory.create(AXISSocketFactory.java:84)
        at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
        at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
        at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
        at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
        at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
        at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
(...)

Comment 3 Ariel Garcia 2008-11-12 11:35:21 EST

* Job submission in gLite

- create VOMS vo, gLite project
- create JSDL description
- try to submit that w/o CA certificates
- a VOMS token is requested, accept it

 => a ProblemDialog pops up with
       Job submission failed
       Authentication token could not be created
    with solutions "Check your auth tokens" (passive)
                   "Open the JS wizard" (active)
    but no "missing trusted certs" kind of one.

Comment 4 Szymon Mueller 2008-11-19 04:53:34 EST

I am currently working on a fix for mount action.

Comment 5 Mathias Stümpert 2008-11-19 08:17:27 EST

* Browsing connections without CA certificates imported

- Existing VOMS project with gsiftp connection
- Expand connection

  => Problem dialog:
  "Error while fetching children [...]"
  solutions:
  - Check internet connection
  - Check server URL
  - Check proxy settings
  - Log Exception
  - Create problem report
  
"missing trusted certs" is missing

Comment 6 Mathias Stümpert 2008-11-19 08:19:49 EST

* Browsing SRM connection without CA certs

- Existing VOMS project with SRM connection
- Create VOMS proxy
- Expand connection

  => No problem dialog at all
       Just an error marker as child of the connection saying "cred == null"
       And an exception logged:
       
 eu.geclipse.core.auth.AuthenticationException: Unable to activate token
	at eu.geclipse.voms.auth.VomsProxy.setActive(VomsProxy.java:202)
	at eu.geclipse.core.auth.AbstractAuthenticationToken.setActive(AbstractAuthenticationToken.java:89)
	at eu.geclipse.core.auth.CoreAuthTokenProvider.requestToken(CoreAuthTokenProvider.java:66)
	at eu.geclipse.ui.UIAuthTokenProvider.requestToken(UIAuthTokenProvider.java:218)
	at eu.geclipse.core.auth.AbstractAuthTokenProvider.staticRequestToken(AbstractAuthTokenProvider.java:70)
	at eu.geclipse.efs.srm.SRMConnection.authenticate(SRMConnection.java:174)
	at eu.geclipse.efs.srm.SRMConnection.list(SRMConnection.java:201)
	at eu.geclipse.efs.srm.SRMStore.fetchChildren(SRMStore.java:946)
	at eu.geclipse.efs.srm.SRMStore.childInfos(SRMStore.java:234)
	at eu.geclipse.core.filesystem.internal.filesystem.GEclipseFileStore.childNames(GEclipseFileStore.java:226)
	at eu.geclipse.core.filesystem.internal.filesystem.ConnectionElement.fetchChildren(ConnectionElement.java:343)
	at eu.geclipse.core.model.impl.AbstractGridContainer$ChildFetcher.run(AbstractGridContainer.java:122)
	at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
Caused by: eu.geclipse.core.reporting.ProblemException: Error while trying to query VOMS server
	at eu.geclipse.voms.server.VomsServer.query(VomsServer.java:181)
	at eu.geclipse.voms.auth.VomsProxy.setActive(VomsProxy.java:174)
	... 12 more
Caused by: org.globus.common.ChainedIOException: Authentication failed [Caused by: Failure unspecified at GSS-API level [Caused by: Unknown CA]]
	at org.globus.gsi.gssapi.net.GssSocket.startHandshake(GssSocket.java:150)
	at org.globus.gsi.gssapi.net.GssSocket.getOutputStream(GssSocket.java:166)
	at eu.geclipse.voms.server.VomsServer.getOutputStream(VomsServer.java:164)
	at eu.geclipse.voms.server.VomsServer.query(VomsServer.java:174)
	... 13 more
       

Comment 7 Szymon Mueller 2008-11-24 10:05:35 EST

Created attachment 118594 [details]
Patch for eu.geclipse.core.filesyste

Patch adds new problem, when server could not be contacted for various reasons. Solutions for this problem are as follows:
- Check your authentication tokens
- Check your imported CA-certificates
- Check your internet connection
- Check if firewall blocks your connection
- Contact the administrator, the server may be down

This problem is a general problem shown when mount action fails.

Comment 8 Szymon Mueller 2008-11-24 10:09:25 EST

Created attachment 118595 [details]
Patch for eu.geclipse.u

Comment 9 Szymon Mueller 2008-11-24 10:11:06 EST

Created attachment 118597 [details]
Patch for eu.geclipse.core.reportin

Comment 10 Szymon Mueller 2008-11-24 10:18:23 EST

Hmm - something went wrong with the descriptions of the last 2 patches when using Mylyn:

Patch for eu.geclipse.ui changes MountAction to display ProblemDialog after each failed mount, instead to gather them in the Eclipse job status and displaying the compiled status at the end of mount action.
General problem "Server could not be contacted is displayed" with exceptions thrown from underlying EFS.fetchInfo(options,monitor) in the details.

Patch for eu.geclipse.core.reporting removes duplicates from solutions of the problem. Only unique solutions of the problem and its slaves are added to the list of all possible solutions.

Also commited change to SRMConnection, to properly display error message when token could not be activated when browsing SRM connection.

Please commit the patches.

Comment 11 Ariel Garcia 2008-11-25 14:11:56 EST

Great, I committed your patches Szymon.

Comment 12 Mathias Stümpert 2008-11-27 05:47:55 EST

I had a look at Szymons patch and it seems to work ok, thanks Szymon. Nonetheless there was one issue left, i.e. if the user cancels the token creation then the problem dialog was also appearing. I just committed another patch that solved this issue. Now the problem dialog does only appear if a real problem occurred and not if the user canceled the token creation.

Comment 13 Mathias Stümpert 2008-11-27 07:24:39 EST

Just to have a list of TODO items:

Already solved:
Comment 1 - Mount Action

Not yet solved:
Comment 2 - Job Updating
Comment 3 - gLite Job Submission
Comment 5 - Browsing Connections
Comment 6 - Browsing SRM Connections
Comment 6

Comment 14 Szymon Mueller 2008-11-27 07:33:42 EST

Also,

Solved:
Comment 6 - Browsing SRM Connections
("Authentication token could not be activated" ProblemDialog is shown in this case with "Check your imported CA-certificates" as one of the possible solutions)