Community
Participate
Working Groups
This bug is for collecting all the places where the "Import certificates" solutions seems to be missing in the corresponding problem dialog.
* GridFTP connection mount without having imported the certificates - empty WS, create project - try to mount GridFTP connection - create a Globus proxy => Storage mount job fails with Mount failed Failed to mount SE @ iwrse.fzk.de Error contacting the server for mounting gecl://iwrse.fzk.de:2811/dpm/fzk.de/home/geclipse/?vo=geclipse&geclslave=gsiftp&gecluid=iwrse.fzk.de2811 * SRM connection mount without having imported the certificates - empty WS, create project - try to mount SRM connection (same with GridFTP+VOMS) - create a VOMS proxy => VOMS proxy cannot be activated and the storage mount job error fails with An internal error occurred during: "Storage mount job". cred == null Actually the storage mount job error reporting goes through a normal error dialog, no ProblemDialog.
* Job updating (this should be also a separate bugreport) - import trusted certificates - create a gLite VO/project - create a new JSDL description - submit it - go to preferences, delete all trusted CAs - try to refresh the job status => NO dialog appears at all, status is shown as "UNKNOWN", Reason is shown as ";nested exception is:" the following exception is logged in the console: java.io.IOException: No CA files found matching "/tmp/ws-grid/.metadata/.plugins/eu.geclipse.core/.security at org.glite.security.trustmanager.ContextWrapper.initTrustAnchors(ContextWrapper.java:572) at org.glite.security.trustmanager.ContextWrapper.init(ContextWrapper.java:406) at org.glite.security.trustmanager.ContextWrapper.<init>(ContextWrapper.java:245) at org.glite.security.trustmanager.axis.AXISSocketFactory.create(AXISSocketFactory.java:84) at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191) at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404) at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) (...)
* Job submission in gLite - create VOMS vo, gLite project - create JSDL description - try to submit that w/o CA certificates - a VOMS token is requested, accept it => a ProblemDialog pops up with Job submission failed Authentication token could not be created with solutions "Check your auth tokens" (passive) "Open the JS wizard" (active) but no "missing trusted certs" kind of one.
I am currently working on a fix for mount action.
* Browsing connections without CA certificates imported - Existing VOMS project with gsiftp connection - Expand connection => Problem dialog: "Error while fetching children [...]" solutions: - Check internet connection - Check server URL - Check proxy settings - Log Exception - Create problem report "missing trusted certs" is missing
* Browsing SRM connection without CA certs - Existing VOMS project with SRM connection - Create VOMS proxy - Expand connection => No problem dialog at all Just an error marker as child of the connection saying "cred == null" And an exception logged: eu.geclipse.core.auth.AuthenticationException: Unable to activate token at eu.geclipse.voms.auth.VomsProxy.setActive(VomsProxy.java:202) at eu.geclipse.core.auth.AbstractAuthenticationToken.setActive(AbstractAuthenticationToken.java:89) at eu.geclipse.core.auth.CoreAuthTokenProvider.requestToken(CoreAuthTokenProvider.java:66) at eu.geclipse.ui.UIAuthTokenProvider.requestToken(UIAuthTokenProvider.java:218) at eu.geclipse.core.auth.AbstractAuthTokenProvider.staticRequestToken(AbstractAuthTokenProvider.java:70) at eu.geclipse.efs.srm.SRMConnection.authenticate(SRMConnection.java:174) at eu.geclipse.efs.srm.SRMConnection.list(SRMConnection.java:201) at eu.geclipse.efs.srm.SRMStore.fetchChildren(SRMStore.java:946) at eu.geclipse.efs.srm.SRMStore.childInfos(SRMStore.java:234) at eu.geclipse.core.filesystem.internal.filesystem.GEclipseFileStore.childNames(GEclipseFileStore.java:226) at eu.geclipse.core.filesystem.internal.filesystem.ConnectionElement.fetchChildren(ConnectionElement.java:343) at eu.geclipse.core.model.impl.AbstractGridContainer$ChildFetcher.run(AbstractGridContainer.java:122) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55) Caused by: eu.geclipse.core.reporting.ProblemException: Error while trying to query VOMS server at eu.geclipse.voms.server.VomsServer.query(VomsServer.java:181) at eu.geclipse.voms.auth.VomsProxy.setActive(VomsProxy.java:174) ... 12 more Caused by: org.globus.common.ChainedIOException: Authentication failed [Caused by: Failure unspecified at GSS-API level [Caused by: Unknown CA]] at org.globus.gsi.gssapi.net.GssSocket.startHandshake(GssSocket.java:150) at org.globus.gsi.gssapi.net.GssSocket.getOutputStream(GssSocket.java:166) at eu.geclipse.voms.server.VomsServer.getOutputStream(VomsServer.java:164) at eu.geclipse.voms.server.VomsServer.query(VomsServer.java:174) ... 13 more
Created attachment 118594 [details] Patch for eu.geclipse.core.filesyste Patch adds new problem, when server could not be contacted for various reasons. Solutions for this problem are as follows: - Check your authentication tokens - Check your imported CA-certificates - Check your internet connection - Check if firewall blocks your connection - Contact the administrator, the server may be down This problem is a general problem shown when mount action fails.
Created attachment 118595 [details] Patch for eu.geclipse.u
Created attachment 118597 [details] Patch for eu.geclipse.core.reportin
Hmm - something went wrong with the descriptions of the last 2 patches when using Mylyn: Patch for eu.geclipse.ui changes MountAction to display ProblemDialog after each failed mount, instead to gather them in the Eclipse job status and displaying the compiled status at the end of mount action. General problem "Server could not be contacted is displayed" with exceptions thrown from underlying EFS.fetchInfo(options,monitor) in the details. Patch for eu.geclipse.core.reporting removes duplicates from solutions of the problem. Only unique solutions of the problem and its slaves are added to the list of all possible solutions. Also commited change to SRMConnection, to properly display error message when token could not be activated when browsing SRM connection. Please commit the patches.
Great, I committed your patches Szymon.
I had a look at Szymons patch and it seems to work ok, thanks Szymon. Nonetheless there was one issue left, i.e. if the user cancels the token creation then the problem dialog was also appearing. I just committed another patch that solved this issue. Now the problem dialog does only appear if a real problem occurred and not if the user canceled the token creation.
Just to have a list of TODO items: Already solved: Comment 1 - Mount Action Not yet solved: Comment 2 - Job Updating Comment 3 - gLite Job Submission Comment 5 - Browsing Connections Comment 6 - Browsing SRM Connections Comment 6
Also, Solved: Comment 6 - Browsing SRM Connections ("Authentication token could not be activated" ProblemDialog is shown in this case with "Check your imported CA-certificates" as one of the possible solutions)