home list archives users mailing list
 

Subject: RE: Probelm in using Grid FTP

Date view Thread view Subject view Author view Attachment view

From: Ally Hume (a.hume@epcc.ed.ac.uk)
Date: Mar 28, 2006 12:47

Hi Samatha,

I see what is happening now. Sorry for not looking so closely the
last time.

The error says "Cannot open a GridFTP connection without credentials".
This is because in order to contact the GridFTP server using your
credentials some sort of delegation is required. The OGSA-DAI service
cannot contact other services on your behalf unless you explicitly
allow it to do so using some method of delegation.

When using message level security you can specify this delegation
within your client-side security descriptor. You will need to specify
a delegation value of 'limited' or 'full'. Limited allows only a
single hop delegation. Full allows the service to further delegate
your credential to other services. When using GridFTP limited
delegation will be sufficient.

When using transport level security things are more complicated.
Globus Toolkit provides delegation services to do this type of thing
but unfortunately this is not something we have got round to
supporting yet in OGSA-DAI and I'm not even sure if the GridFTP server
supports the use of delegation services.

Thus in order to get your example to work you will have to switch from
transport level security to message level security and specify a
delegation value of at least 'limited'.

Regards,

Ally

-------------------------------------------------------------
Ally Hume
Software Architect
EPCC, University of Edinburgh
James Clerk Maxwell Building
Mayfield Road E-mail: a.hume@epcc.ed.ac.uk
Edinburgh, EH9 3JZ Phone: + 44 (0) 131 651 3397
United Kingdom Fax: + 44 (0) 131 650 6555
-------------------------------------------------------------

-----Original Message-----
From: owner-users@ogsadai.org.uk [mailto:owner-users@ogsadai.org.uk]
On Behalf Of Samatha Kottha
Sent: 28 March 2006 09:23
To: Ally Hume
Cc: users@ogsadai.org.uk; ogsa-dai-ug@grouchy.cs.indiana.edu
Subject: Re: Probelm in using Grid FTP

Hi Ally,

Ofcourse I configured the security properly and I when I use the
synchronous and asynchronous mode of data retrievel I did not face any
problems with that. In my previous mail, I attached my code (here its
again). From that you can see that I set the securtiy properly. I am
pretty sure it has nothing to do with that because I could transfer
the
results using normal ftp, but for GridFTP its reporting the missed
credential. Like I mentioned in my last mail, I could not figure out
where and how the "mContext" is defined in
DeliverFromGFTActivity.javaregards. Exactly at this place the
exception
thrown.

regards,
Samatha

Ally Hume wrote:
> Are you contacting OGSA-DAI using message level security? If so do
> you have delegation set either limited to full? OGSA-DAI attempts
to
> uses your security credentials to contract the GridFTP server so you
> must have specifying that you are allowing this delegation.
>
> If you are using our client toolkit details of how to specify the
> security are given in:
>
http://www.ogsadai.org.uk/documentation/ogsadai-wsrf-2.1/doc/clients/c
> lienttoolkit/SecureServices.html
>
> When using GridFTP I have always done so with an OGSA-DAI server
that
> is configured for security as described in:
>
http://www.ogsadai.org.uk/documentation/ogsadai-wsrf-2.1/doc/wsrf/depl
> oy/Security.html
>
> Regards,
>
> Ally
>
> -------------------------------------------------------------
> Ally Hume
> Software Architect
> EPCC, University of Edinburgh
> James Clerk Maxwell Building
> Mayfield Road E-mail: a.hume@epcc.ed.ac.uk
> Edinburgh, EH9 3JZ Phone: + 44 (0) 131 651 3397
> United Kingdom Fax: + 44 (0) 131 650 6555
> -------------------------------------------------------------
>
>
> -----Original Message-----
> From: owner-users@ogsadai.org.uk [mailto:owner-users@ogsadai.org.uk]
> On Behalf Of Samatha Kottha
> Sent: 27 March 2006 11:36
> To: users@ogsadai.org.uk; ogsa-dai-ug@grouchy.cs.indiana.edu
> Subject: Re: Probelm in using Grid FTP
>
> Ohpps! I attached wrong file. Here it is. In class
> DeliverFromGFTActivity.java file it was not able to fetch the
> credential
> (line 115). But can anyone tell me what is mContext is and where it
> defined.
>
> thank you,
> Samatha
>
> Samatha Kottha wrote:
>
>> Hi!
>>
>> We are trying to get the results of query using Grid FTP to a file
>>
> but
>
>> we are facing this error message. I do not understand why I am
>>
> getting
>
>> this message as the globus-url-copy command is working fine as well
>>
> as
>
>> the program code with SOAP messages and have a valid proxy. If any
>>
> one
>
>> have idea, please let me know.
>>
>> thank you,
>> Samatha
>>
>> ********Program error
>> Exception in thread "main"
>> uk.org.ogsadai.client.toolkit.exception.RequestException: There was
>>
> a
>
>> request fault: Cannot open a GridFTP co
>> nnection without credentials - ensure the GDS is being called with
>>
> an
>
>> appropriate certificate
>> at
>>
>>
>
uk.org.ogsadai.client.toolkit.exception.FaultToException.getRequestExc
> eption(FaultToException.java:166)
>
>> at
>>
>>
>
uk.org.ogsadai.client.toolkit.wsrf.WSRFDataServiceStub.perform(WSRFDat
> aServiceStub.java:546)
>
>> at
>>
>>
>
uk.org.ogsadai.client.toolkit.wsrf.WSRFDataService.perform(WSRFDataSer
> vice.java:110)
>
>> at xmltocsv.main(xmltocsv.java:79)
>> Java Result: 1
>>
>> ********Globus container error message
>> 2006-03-27 11:45:18,701 ERROR
>>
> activity.ActivityPipelineRequestComponent
>
>> [ServiceThread-17,logError:213] An exception has been raised.
>> uk.org.ogsadai.engine.controlflow.RequestUserException: Cannot open
>>
> a
>
>> GridFTP connection without credentials - ensure the GDS is being
>>
> called
>
>> with an appro
>> priate certificate
>> at
>>
>>
>
uk.org.ogsadai.activity.ActivityPipelineRequestComponent.prepareActivi
> ties(ActivityPipelineRequestComponent.java:218)
>
>> at
>>
>>
>
uk.org.ogsadai.activity.ActivityPipelineRequestComponent.initialise(Ac
> tivityPipelineRequestComponent.java:86)
>
>> at
>>
>>
>
uk.org.ogsadai.engine.controlflow.CompositeRequestComponent.initialise
> (CompositeRequestComponent.java:77)
>
>> at
>>
>>
>
uk.org.ogsadai.activity.ActivityRequest.initialise(ActivityRequest.jav
> a:168)
>
>> at
>> uk.org.ogsadai.engine.RequestEngine.perform(RequestEngine.java:145)
>> at
>>
>>
>
uk.org.ogsadai.dataresource.BasicDataResourceManager.perform(BasicData
> ResourceManager.java:141)
>
>> at
>>
>>
>
uk.org.ogsadai.service.wsrf.dataservice.impl.DataServiceImpl.perform(D
> ataServiceImpl.java:594)
>
>> at
>>
>>
>
uk.org.ogsadai.service.wsrf.dataservice.impl.DataServiceImpl.perform(D
> ataServiceImpl.java:535)
>
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>
> Method)
>
>> at
>>
>>
>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j
> ava:39)
>
>> at
>>
>>
>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccess
> orImpl.java:25)
>
>> at java.lang.reflect.Method.invoke(Method.java:324)
>> at
>>
>>
>
org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.ja
> va:384)
>
>> at
>>
>>
>
org.globus.axis.providers.RPCProvider.invokeMethodSub(RPCProvider.java
> :107)
>
>> at
>>
>>
>
org.globus.axis.providers.PrivilegedInvokeMethodAction.run(PrivilegedI
> nvokeMethodAction.java:42)
>
>> at java.security.AccessController.doPrivileged(Native
>>
> Method)
>
>> at javax.security.auth.Subject.doAs(Subject.java:379)
>> at
>>
> org.globus.gsi.jaas.GlobusSubject.runAs(GlobusSubject.java:55)
>
>> at
org.globus.gsi.jaas.JaasSubject.doAs(JaasSubject.java:90)
>> at
>>
>>
>
org.globus.axis.providers.RPCProvider.invokeMethod(RPCProvider.java:97
> )
>
>> at
>>
>>
>
org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.
> java:281)
>
>> at
>>
>>
>
org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:3
> 19)
>
>> at
>>
>>
>
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy
> .java:32)
>
>> at
>>
> org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>
>> at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>> at
>>
>>
>
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:450)
>
>> at
>>
> org.apache.axis.server.AxisServer.invoke(AxisServer.java:285)
>
>> at
>>
>>
>
org.globus.wsrf.container.ServiceThread.doPost(ServiceThread.java:677)
>
>> at
>>
>>
>
org.globus.wsrf.container.ServiceThread.process(ServiceThread.java:398
> )
>
>> at
>>
>>
>
org.globus.wsrf.container.GSIServiceThread.process(GSIServiceThread.ja
> va:130)
>
>> at
>> org.globus.wsrf.container.ServiceThread.run(ServiceThread.java:302)
>> Caused by: ActivityUserException: Cannot open a GridFTP connection
>> without credentials - ensure the GDS is being called with an
>>
> appropriate
>
>> certificate
>> at
>>
>>
>
uk.org.ogsadai.activity.delivery.wsrf.DeliverToGFTPActivity.initialise
> (DeliverToGFTPActivity.java:128)
>
>> at
>>
>>
>
uk.org.ogsadai.activity.ActivityPipelineRequestComponent.prepareActivi
> ties(ActivityPipelineRequestComponent.java:201)
>
>> ... 30 more
>>
>>
>>
>>
>
----------------------------------------------------------------------
> --
>
>> import uk.org.ogsadai.client.Util;
>> import uk.org.ogsadai.client.toolkit.GenericServiceFetcher;
>> import uk.org.ogsadai.client.toolkit.Response;
>> import uk.org.ogsadai.client.toolkit.activity.ActivityRequest;
>> import
>>
> uk.org.ogsadai.client.toolkit.activity.delivery.DeliverFromURL;
>
>> import
>>
> uk.org.ogsadai.client.toolkit.activity.delivery.DeliverToGFTP;
>
>> import
uk.org.ogsadai.client.toolkit.activity.delivery.DeliverToURL;
>> import uk.org.ogsadai.client.toolkit.activity.sql.SQLQuery;
>> import uk.org.ogsadai.client.toolkit.activity.sql.WebRowSet;
>> import
>>
> uk.org.ogsadai.client.toolkit.activity.transform.XSLTransform;
>
>> import
>>
>
uk.org.ogsadai.client.toolkit.security.wsrf.GSITransportEncryptionProp
> erty;
>
>> import uk.org.ogsadai.client.toolkit.service.DataService;
>>
>>
>> public class xmltocsv
>> {
>>
>> //register transport security
>> static
>> {
>> Util.registerTransport();
>> }
>>
>>
>> public static void main(String[] args) throws Exception
>> {
>>
>> if(!Util.isRegistered())
>> {
>> System.out.println(Util.getRegistrationErrorMessage() +
>>
> Util.getRegistrationException());
>
>> return;
>> }
>>
>> String handle =
>>
>
"https://romeo.urz.tu-dresden.de:8443/wsrf/services/ogsadai/MyService"
> ;
>
>> String id = "MyPQSPSIMAP169";
>> DataService service =
>>
> GenericServiceFetcher.getInstance().getDataService(handle,id);
>
>>
>> //Setup encryption
>> service.setConnectionProperty(new
>>
> GSITransportEncryptionProperty());
>
>> System.out.println("Ready to connect to secure data service at
>>
> " + service.getURL());
>
>>
>> // Create a deliverToURL object
>> DeliverToGFTP deliverto = new DeliverToGFTP(
>>
> "romeo.urz.tu-dresden.de",2811,"/tmp/mytext.csv" );
>
>> // Create a deliverFromURL object
>> DeliverFromURL deliverfrom = new DeliverFromURL(
>>
> "http://141.76.17.139:8080/tutorial/csvtransform.xsl" );
>
>> // Construct a query
>> SQLQuery query = new SQLQuery("SELECT * FROM if_string
>>
> limit 100") ;
>
>> WebRowSet rowset = new WebRowSet(query.getOutput());

>>
>> // Construct the transformation activity
>> XSLTransform transform = new XSLTransform();
>> transform.setXMLInput( rowset.getOutput() );
>> transform.setXSLTInput( deliverfrom.getOutput() );
>>
>> deliverto.setInput(transform.getOutput());
>>
>> //Construct the request
>> ActivityRequest request = new ActivityRequest();
>> request.add(deliverfrom);
>> request.add(query);
>> request.add(rowset);
>> request.add(transform);
>> request.add(deliverto);
>>
>> System.out.println("Performing request...");
>> Response response = service.perform( request );
>>
>> System.out.println(response);
>>
>> service.terminate();
>>
>> }
>> }
>>
>>
>
>
> 

-- 
Samatha Kottha
Zentrum für Informationsdienste und Hochleistungsrechnen (ZIH)
Technische Universität Dresden			Tel: (+49) 351
463-38553
Hauptgebäude 322 c				Fax: (+49) 351
463-38245
Hans-Grundig-Straße 25
01307 Dresden
Germany
Date view Thread view Subject view Author view Attachment view