AW: AW: [geclipse-dev] GT4 status update

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

AW: AW: [geclipse-dev] GT4 status update

From: "Stuempert, Mathias IWR" <mathias.stuempert@xxxxxxxxxx>
Date: Thu, 23 Apr 2009 14:59:27 +0200
Delivered-to: geclipse-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/geclipse-dev>
List-help: <mailto:geclipse-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/geclipse-dev>, <mailto:geclipse-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/geclipse-dev>, <mailto:geclipse-dev-request@eclipse.org?subject=unsubscribe>
Thread-index: AcnED636YEhQf8N9RfuJhFEdAguUXwAAg21V
Thread-topic: AW: [geclipse-dev] GT4 status update

Hi Again,

> Well, I'm no Globus expert either, but as I understand it VOMS is one of the 
> options you have in Globus (but it is not required at all).
> See http://www.globus.org/grid_software/security/ in section "Components for 
> Access Control and Authorization". 

Jepp, you seem to be right. Anyways, as far as I understand it VOMS is only an addtional component and not very wide-spread in the GT4 community. Now making the GT4 projects depend on a VOMS VO may limit your users at the end to only use GT4 installations with a working VOMS system. So I definitely vote for a dedicated GT4 VO that also enables the user to define an optional VOMS binding (AND Shibboleth AND CAS ... good luck man ;-). But the first step should be a straightforward implementation with only basic Globus Proxy authentication. Highly sophisticated auth-ing makes stuff exponentially more difficult.

> As I understand it VOMS is something that might be used with BDII as well as 
> with MDS4 (although I'm not yet 100% sure how the VO mapping to resources 
> works there - I got dumps of some GT4.0 MDS servers where I can see some 
> pattern, but thats something to investigate further). 
> The binding of a info system type to a VO type that we have right now in g-
> Eclipse now might be to strict.

Wait, do not mix two different things here. BDII and MDS4 are information systems and are totally separated from the VO type. The binding you see mainly comes in through the VOMS Wizard, not through any core (ie model) feature. It may be the case that besides the GUI binding also the implementation (VOMS) has a binding to the BDII service (which would be more or less false) but there is definitely no core binding.

Anyways, yes, it is not a good solution to make the VOMS implementation depend on BDII (either in model or in UI). For the GT4 stuff it should not be an issue, at least if we go for a separate VO implementation as I suggest ;-)

> You are right - that is something to discuss 
> about, especially since this means touching stuff that is completely in the 
> core of g-Eclipse.

No, should not be required to touch the core. If something has to be touched then it is the VOMS VO.

Cheers, Mathias

References:
- [geclipse-dev] GT4 status update
  - From: Thomas Köckerbauer
- AW: [geclipse-dev] GT4 status update
  - From: Stuempert, Mathias IWR
- Re: AW: [geclipse-dev] GT4 status update
  - From: Thomas Köckerbauer

Prev by Date: Re: AW: [geclipse-dev] GT4 status update
Next by Date: [geclipse-dev] Httpg URL + equinox
Previous by thread: Re: AW: [geclipse-dev] GT4 status update
Next by thread: [geclipse-dev] Httpg URL + equinox
Index(es):
- Date
- Thread

Breadcrumbs