This is the Windows version of the student notes. If you are using unix, you should use the Unix version of the notes.
One window will be used to run Globus Toolkit software and will be referred to as the GT window in these notes. Commands typed in the GT window will be bounded by a box of this color.
The second window will be used to modify and execute student code and will be referred to as the Exercise window. Exercise commands will be bounded by a box of this color.
Later in the tutorial a third command window will be required.
File modified:
The release tarball is a standard Globus Toolkit installer available for download on the Globus web.
$ mkdir C:\tutorial
$ cd C:\tutorial
Unzip feb-09-05-bas-gt.zip into C:\tutorial
$ cd feb-09-05-bas-gt
$ set GLOBUS_LOCATION=C:\tutorial\feb-09-05-bas-gt
$ echo %GLOBUS_LOCATION%
C:\tutorial\feb-09-05-bas-gt
This installer contains demonstration code that has been written for today's tutorial.
$ cd C:\tutorial
Unzip feb-09-05-bas-tut.zip into C:\tutorial
$ cd C:\tutorial\feb-09-05-bas-tut\stickynote
$ set GLOBUS_LOCATION=[use the value that was echoed earlier in the GT window]
$ ant deploy
Buildfile: build.xml
init:
bindings:
[... many more build messages...]
BUILD SUCCESSFUL
Total time: 27 seconds
$ dir %GLOBUS_LOCATION%\bin\show-note.bat
C:\tutorial\feb-09-05-bas-gt\bin\show-note.bat
If you get an error, see the Chapter 1 troubleshooting section.
$ bin\globus-start-container -nosec
Starting SOAP server at: http://192.168.123.100:8080/wsrf/services/
With the following services:
[1]: http://192.168.123.100:8080/wsrf/services/InMemoryServiceGroupEntry
[2]: http://192.168.123.100:8080/wsrf/services/TriggerFactoryService
[3]: http://192.168.123.100:8080/wsrf/services/IndexFactoryService
[4]: http://192.168.123.100:8080/wsrf/services/Version
[5]: http://192.168.123.100:8080/wsrf/services/IndexService
[6]: http://192.168.123.100:8080/wsrf/services/NotificationConsumerService
[7]: http://192.168.123.100:8080/wsrf/services/DefaultTriggerServiceEntry
[8]: http://192.168.123.100:8080/wsrf/services/TriggerServiceEntry
[9]: http://192.168.123.100:8080/wsrf/services/IndexServiceEntry
[10]: http://192.168.123.100:8080/wsrf/services/StickyNoteService
[11]: http://192.168.123.100:8080/wsrf/services/AdminService
[12]: http://192.168.123.100:8080/wsrf/services/DefaultIndexService
[13]: http://192.168.123.100:8080/wsrf/services/DefaultIndexServiceEntry
[14]: http://192.168.123.100:8080/wsrf/services/DefaultTriggerService
[15]: http://192.168.123.100:8080/wsrf/services/ShutdownService
[16]: http://192.168.123.100:8080/wsrf/services/ContainerRegistryService
[17]: http://192.168.123.100:8080/wsrf/services/TriggerService
[18]: http://192.168.123.100:8080/wsrf/services/gsi/AuthenticationService
[19]: http://192.168.123.100:8080/wsrf/services/InMemoryServiceGroupFactory
[20]: http://192.168.123.100:8080/wsrf/services/InMemoryServiceGroup
[21]: http://192.168.123.100:8080/wsrf/services/ContainerRegistryEntryService
[22]: http://192.168.123.100:8080/wsrf/services/SubscriptionManagerService
Control will not return to the prompt. This container will stay running until you exit it with Control-C.
$ %GLOBUS_LOCATION%\bin\show-note -s http://localhost:8080/wsrf/services/StickyNoteService
<ns1:message xmlns:ns1="http://tutorial.globus.org/stickynote">hello.</ns1:message>
In the GT window, you should see a message appear like the following:
2005-01-24 12:48:54,668 INFO stickynote.SingleNoteHome [Thread-2,findSingleton:29] Creating a single StickyNote.
This is just a debugging message printed by your service. See if you can find where in the code this message came from.
$ %GLOBUS_LOCATION%\bin\write-note -s http://localhost:8080/wsrf/services/StickyNoteService cheese
Message written.
$ %GLOBUS_LOCATION%\bin\show-note -s http://localhost:8080/wsrf/services/StickyNoteService
<ns1:message xmlns:ns1="http://tutorial.globus.org/stickynote">cheese</ns1:message>
BUILD FAILED
file:/home/bacon/tmp/playground/java/stickynote/source/build.xml:62: /home/bacon/tmp/install/share/schema not found.
Check to make sure that GLOBUS_LOCATION
is set correctly,
and that $GLOBUS_LOCATION/share/schema
exists.
Error: JAVA_HOME is not defined correctly.
We cannot execute java
Make sure you have Java installed, that the javac command is on your PATH, and that JAVA_HOME is set to the directory where Java is installed.
Warning: JAVA_HOME environment variable is not set (or not exported).
If build fails because sun.* classes could not be found
you will need to set the JAVA_HOME environment variable
to the installation directory of java.
Make sure you have JAVA_HOME set to the directory where JAVA is installed on your machine.
Error: GLOBUS_LOCATION invalid or not set:
Your GLOBUS_LOCATION is either not set, or set to an incorrect directory.
Run echo $GLOBUS_LOCATION
to see what the value is set to.
If necessary, correct it to the same location you had set when you ran
ant deploy
. Remember, you have to have this value set
in both windows you're using.
Failed to start container: Container failed to initialize [Caused by: Secure container requires valid credentials]
Remember to include the "-nosec" option when starting the container.
Failed to start container: Container failed to initialize [Caused by: Address in use]
You already have a server running on the same port as the container is trying to use. Make sure to either stop that server or start the container on some other port using the -p option.
Failed to obtain a list of services from 'http://140.221.57.104:8080/wsrf/services/ContainerRegistryService' service: ; nested exception is:
java.net.ConnectException: Connection timed out
Then your machine probably has a name assigned to it that does not correspond
to the IP address you have during this tutorial. Find out your current
IP address, and add a line to
$GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd
under
the <globalConfiguration>
section:
<parameter name="logicalHost" value="xxx.xxx.xxx.xxx"/>
Here's an example of the file with that parameter set:
<globalConfiguration>
<parameter name="sendXsiTypes" value="true"/>
<parameter name="logicalHost" value="192.168.123.104"/>
<!-- @CONTAINER_SECURITY_DESCRIPTOR@ -->
Take care not to edit the files in the build/ subdirectory, as files in the build/ tree are overwritten by the "ant deploy" command. You should run
ant clean
first to make sure the
temporary build files are cleaned up. Also, make sure you are editing
the files in the TUTORIAL location, not in the GLOBUS_LOCATION.
If you are not familiar with commenting out XML or WSDL, the comment characters are <!-- and -->. For instance:
This is not commented out
<!-- This line is commented out -->
<!--
These lines
are both commented out
-->
schema/tutorial/stickynote_port_type.wsdl:
Add the create operation definition, and associated message and types.
There are a total of three sections to uncomment.
src/org/globus/tutorial/stickynote/StickyNoteService.java:
Implement the create operation. There is one section to uncomment.
src/org/globus/tutorial/stickynote/client/CreateNote.java:
Write the client for the create operation. There is one section to
uncomment.
deploy-jndi-config.xml:
Change the ResourceHome to support multiple resources. There is
one section to comment out, and one section to uncomment.
Execute these commands from the /tmp/tutorial/stickynote/ directory of the Exercise window.
$ ant clean
$ ant deploy
$ [ctrl-c]
$ bin\globus-start-container -nosec
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--1947556620.epr
$ %GLOBUS_LOCATION%\bin\show-note -e note--1947556620.epr
<ns1:StickyNoteResourceProperties xmlns:ns1="http://tutorial.globus.org/stickynote">
<ns1:message>hello.</ns1:message>
</ns1:StickyNoteResourceProperties>
Note that your filename will be different than the one shown. Also notice that the message displayed by the container has changed from a SingleNoteHome to the ManyNoteHome:
2005-01-24 13:31:02,139 INFO stickynote.ManyNoteHome [Thread-2,create:52] Creating a new StickyNote.
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--18887662.epr
Write different messages on each note, verifying that they keep independent messages:
$ %GLOBUS_LOCATION%\bin\write-note -e note--18887662.epr haggis
Message written.
$ %GLOBUS_LOCATION%\bin\write-note -e note--1947556620.epr lutefisk
Message written.
$ %GLOBUS_LOCATION%\bin\show-note -e note--1947556620.epr
<ns1:message xmlns:ns1="http://tutorial.globus.org/stickynote">lutefisk</ns1:message>
$ %GLOBUS_LOCATION%\bin\show-note -e note--18887662.epr
<ns1:message xmlns:ns1="http://tutorial.globus.org/stickynote">haggis</ns1:message>
Error: java.lang.Exception: [CORE] Operation 'Create' defined in wsdl but it's not implemented in the 'StickyNoteService' service.
Make sure you have stopped and restarted your container after modifying the code. In other words, stop the container by pressing Control-C, and restart it. Your service changes should then take effect.
Error: note--1947556620.epr (No such file or directory)
Make sure you used the filename returned by your create-note command. You cannot copy and paste the filenames in these instructions, as the filenames are randomly generated.
Error: No scheme found in URI.
Make sure you used the "-e" option with show-note and the EPR filename, not the "-s" option from the last exercise.
Error: org.oasis.wsrf.properties.ResourceUnknownFaultType
Your resources exist only as long as the container is still running. If you stop and restart your container, your old EPR files are no longer valid. Make sure you show-note on notes that were created while your current container was running.
schema/tutorial/stickynote_port_type.wsdl:
Add a Destroy operation
deploy-server.wsdd:
Add the DestroyProvider operation provider
Execute these commands from the C:\tutorial\stickynote\ directory of the Exercise window.
$ ant clean
$ ant deploy
$ [ctrl-c]
$ bin\globus-start-container -nosec
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--1107777.epr
$ more note--1107777.epr
<StickyNoteEndpoint xsi:type="ns1:EndpointReferenceType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/03/addressing">
<ns1:Address xsi:type="ns1:AttributedURI">http://192.168.123.106:8080/wsrf/services/StickyNoteService</ns1:Address>
<ns1:ReferenceProperties xsi:type="ns1:ReferencePropertiesType">
<ns1:NoteKey xmlns:ns1="http://sticky.com">1107777</ns1:NoteKey>
</ns1:ReferenceProperties>
<ns1:ReferenceParameters xsi:type="ns1:ReferenceParametersType"/>
<StickyNoteEndpoint/>
$ %GLOBUS_LOCATION%\bin\wsrf-destroy -e note-1107777.epr
Destroy operation was successful
Note that wsrf-destroy is a command-line client tool distributed with the Globus Toolkit -- it is not demonstration code.
Execute this command from the Exercise window.
$ %GLOBUS_LOCATION%\bin\show-note -e note-1107777.epr Error: org.oasis.wsrf.properties.ResourceUnknownFaultType
An "unknown resource" fault will be triggered if you've completed this exercise correctly.
WSRF and WSN provide a set of standard faults (WS-BaseFaults) that are derived from a well-defined structure for expressing error conditions. The faults returned by the StickyNote service are from the set of standard faults. We recommend that service developers who wish to define custom faults for their services derive from the BaseFault structure.
Error: java.lang.Exception: [CORE] Operation 'Destroy' defined in wsdl but it's not implemented in the 'StickyNoteService' service.
Remember to stop and restart your container after deploying the updated code. Stop the container with Control-C and restart it for your changes to take effect.
schema/tutorial/stickynote_port_type.wsdl:
Add the definition of the lastModified RP type and add QueryResourceProperties operation
src/org/globus/tutorial/stickynote/client/ShowNote.java:
Have the show-note client report the lastModified time
src/org/globus/tutorial/stickynote/StickyNote.java:
Implement the lastModified behavior
src/org/globus/tutorial/stickynote/StickyNoteConstants.java:
Uncomment the definition of the constant
Execute these commands from the C:\tutorial\stickynote directory of the Exercise window.
$ ant clean
$ ant deploy
$ [ctrl-c]
$ bin\globus-start-container -nosec
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--1947456611.epr
$ %GLOBUS_LOCATION%\bin\show-note -e note--1947456611.epr
<ns1:StickyNoteResourceProperties xmlns:ns1="http://tutorial.globus.org/stickynote">
<ns1:lastModified>2005-01-06T18:14:29.153Z</ns1:lastModified>
<ns1:message>hello.</ns1:message>
</ns1:StickyNoteResourceProperties>
$ %GLOBUS_LOCATION%\bin\write-note -e note--1947456611.epr spider
Message written.
$ %GLOBUS_LOCATION%\bin\show-note -e note--1947456611.epr
<ns1:StickyNoteResourceProperties xmlns:ns1="http://tutorial.globus.org/stickynote">
<ns1:lastModified>2005-01-06T18:24:39.153Z</ns1:lastModified>
<ns1:message>spider</ns1:message>
</ns1:StickyNoteResourceProperties>
You should see that the timestamp has updated since the note was created.
Error: Tried to invoke method public org.oasis.wsrf.properties.QueryResourcePropertiesResponse org.globus.wsrf.impl.properties.QueryResourcePropertiesProvider.queryResourceProperties(org.oasis.wsrf.properties.QueryResourceProperties_Element) throws java.rmi.RemoteException,org.oasis.wsrf.properties.InvalidResourcePropertyQNameFaultType,org.oasis.wsrf.properties.ResourceUnknownFaultType,org.oasis.wsrf.properties.InvalidQueryExpressionFaultType,org.oasis.wsrf.properties.QueryEvaluationErrorFaultType,org.oasis.wsrf.properties.UnknownQueryExpressionDialectFaultType with arguments org.oasis.wsrf.properties.QueryResourceProperties_Element. The arguments do not match the signature.; nested exception is:
java.lang.IllegalArgumentException: object is not an instance of declaring class
Remember to stop and restart your container after deploying the updated
code. Stop the container with Control-C and restart it for your changes
to take effect.
Also, this error might appear when the operation provider for this operation is deployed but the operation itself is not defined in WSDL. Ensure WSDL has the QueryResourceProperties operation uncommented.
src/org/globus/tutorial/stickynote/ManyNoteHome.java:
Override the add/remove methods to perform registration
%GLOBUS_LOCATION$\etc\globus_wsrf_mds_index\hierarchy.xml:
Add a line to register to the tutorial community index (details published
during the tutorial presentation)
Execute these commands from the /tmp/tutorial/stickynote/ directory of the Exercise window.
$ ant clean
$ ant deploy
$ [ctrl-c]
$ bin\globus-start-container -nosec
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--269523889.epr
At this point, students should begin to see fish entering the central tank. Each fish in the tank represents a student sticky resource that has successfully registered with the community index. The text on the side of the fish corresponds to the message in the sticky note; the IP address on the side of the fish corresponds to the IP address of the student's host.
$ %GLOBUS_LOCATION%\bin\wsrf-query -s http://[ip of community index]:8080/wsrf/services/DefaultIndexService "/*"
[... lots of output ...]
<ns1:MemberServiceEPR>
<ns8:Address
xmlns:ns8="http://schemas.xmlsoap.org/ws/2004/03/addressing">http://192.168.123.106:8080/wsrf/services/StickyNoteService</ns8:Address>
<ns9:ReferenceProperties
xmlns:ns9="http://schemas.xmlsoap.org/ws/2004/03/addressing">
<ns1:NoteKey xmlns:ns1="http://sticky.com">8640702</ns1:NoteKey>
</ns9:ReferenceProperties>
<ns10:ReferenceParameters
xmlns:ns10="http://schemas.xmlsoap.org/ws/2004/03/addressing"/>
</ns1:MemberServiceEPR>
[... more output ...]
Note that wsrf-query is another standard command-line client tool distributed with the Globus Toolkit.
For example, open note--269523889.epr in some text editor and look for NoteKey
Notice that the value 8640702 matches the value in the index entry above.
WebMDS is a servlet that shows the state of index services. It is included in the standard Globus Toolkit install.
$ %GLOBUS_LOCATION%\bin\wsrf-destroy -e note--269523889.epr
[no output]
schema/tutorial/stickynote_port_type.wsdl:
Add a SetTerminationTime operation
src/org/globus/tutorial/stickynote/StickyNote.java:
Add the ResourceLifetime property to control termination time
deploy-server.wsdd:
Add the SetTerminationTimeProvider
Execute these commands from the C:\tutorial\stickynote/ directory of the Exercise window.
$ ant clean
$ ant deploy
$ [ctrl-c]
$ bin\globus-start-container -nosec
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--1234.epr
$ %GLOBUS_LOCATION%\bin\show-note -e note--1234.epr
<ns1:StickyNoteResourceProperties xmlns:ns1="http://tutorial.globus.org/stickynote" xmlns:ns2="http://docs.oasis-open.org/wsrf/2004/06/wsrf-WS-ResourceLifetime-1.2-draft-01.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ns1:lastModified>2005-01-24T22:45:33.053Z</ns1:lastModified>
<ns1:CurrentTime xmlns:ns1="http://docs.oasis-open.org/wsrf/2004/06/wsrf-WS-ResourceLifetime-1.2-draft-01.xsd">2005-01-24T22:46:10.503Z</ns1:CurrentTime>
<ns1:TerminationTime xsi:nil="true" xmlns:ns1="http://docs.oasis-open.org/wsrf/2004/06/wsrf-WS-ResourceLifetime-1.2-draft-01.xsd"/>
<ns1:message>hello.</ns1:message>
</ns1:StickyNoteResourceProperties>
Observe that the terminationTime resource property is set to nil - this means that the newly created note has no termination time (and so will not be automatically destroyed). This means that this note will behave like the notes created in previous exercises.
$ %GLOBUS_LOCATION%\bin\wsrf-set-termination-time -e note--1234.epr 100
requested: Mon Jan 24 16:50:14 CST 2005
scheduled: Mon Jan 24 16:50:14 CST 2005
This will set the termination time of the resource to 100 seconds in the future.
Now wait a few minutes, using 'show-note' every minute or so and observe the current time approach and pass beyond the termination time. Eventually, the resource will be destroyed automatically and you will get the following error:
$ %GLOBUS_LOCATION%\bin\show-note -e note--1234.epr
Error: org.oasis.wsrf.properties.ResourceUnknownFaultType
This indicates that the Sticky Note resource no longer exists, and has been destroyed automatically.
schema/tutorial/stickynote_port_type.wsdl:
Add Subscribe operation
src/org/globus/tutorial/stickynote/StickyNote.java:
Add TopicList code
deploy-server.wsdd:
Add the SubscribeProvider
etc/post-deploy.xml:
Uncomment watch-note launch script generation
Execute these commands from the C:\tutorial\stickynote\ directory of the Exercise window.
$ ant clean
$ ant deploy
$ [ctrl-c]
$ bin\globus-start-container -nosec
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--27772.epr
$ cd C:\tutorial\feb-09-05-bas-tut\stickynote
$ set GLOBUS_LOCATION=[your GL here]
Ensure that JAVA_HOME and GLOBUS_LOCATION are correctly set in the new window.
7.5 Launch the sticky note watcher:
$ %GLOBUS_LOCATION%\bin\watch-note -e note---27772.epr
Waiting for notification. Ctrl-C to end.
Control will not return to the prompt. The container hosting the watch client will stay running until you exit with Control-C.
$ %GLOBUS_LOCATION%\bin\write-note -e note---27772.epr coconut
Message written.
You have successfully completed this chapter when watch-note shows the new value of the note.
You can write to the note some more times, and watch-note will display the updated value each time.
$ [ctrl-c]
$
We will not use the third command window again.
etc/post-deploy.xml:
Uncomment search-note launch script generation
Execute these commands from the C:\tutorial\stickynote\ directory of the Exercise window.
$ ant clean
$ ant deploy
$ [ctrl-c]
$ bin\globus-start-container -nosec
$ %GLOBUS_LOCATION%\bin\create-note -s http://localhost:8080/wsrf/services/StickyNoteService
new note created...
EPR written to file: note--121358.epr
$ %GLOBUS_LOCATION%\bin\write-note -e note--121358.epr VelvetCapezzuto
Message written.
$ %GLOBUS_LOCATION%\bin\search-note -s http://localhost:8080/wsrf/services/DefaultIndexService VelvetCapezzuto
deploy-server.wsdd:
Add securityDescriptor parameter
etc/grid-mapfile:
Add your certificate subject to this file
etc/security-config.xml:
No modification needed
Execute these commands from the C:\tutorial\stickynote\ directory of the Exercise window.
$ ant clean
$ ant deploy
$ bin\grid-cert-request -caEmail false
A certificate request and private key will be created.
You will be asked to enter a PEM pass phrase.
This pass phrase is akin to your account password,
and is used to protect your key file.
If you forget your pass phrase, you will need to
obtain a new certificate.
Enter PEM pass phrase: asdf
Verifying password - Enter PEM pass phrase: asdf
Generating a 1024 bit RSA private key
A private key and a certificate request has been generated with the subject:
/O=Grid/CN=bacon
The private key is stored in %HOME%\.globus\userkey.pem
The request is stored in %HOME%\.globus\usercert_request.pem
Upload the generated request file to http://gcs.globus.org:8080/gcs/usercert.html. Choose to download the resulting file to the same directory where the userkey.pem is saved. Now create a proxy from your new certificate:
$ bin\grid-proxy-init -globus
Your identity: /C=US/O=Globus Alliance/OU=User/CN=101ca1dcd9b.8029cef5
Enter GRID pass phrase for this identity:
Creating proxy ................................. Done
Proxy verify OK
Your proxy is valid until Tue Feb 01 03:40:22 CST 2005
You might see this warning, but is harmless.
Warning: Please check file permissions for your proxy file.
$ bin\globus-start-container
[... more container output ...]
[47]: https://140.221.57.104:8443/wsrf/services/ManagedJobFactoryService
[48]: https://140.221.57.104:8443/wsrf/services/TestServiceRequest
$ %GLOBUS_LOCATION%\bin\create-note -s https://localhost:8443/wsrf/services/StickyNoteService -z none
new note created...
EPR written to file: note-672627063.epr
$ %GLOBUS_LOCATION%\bin\create-note -s https://localhost:8443/wsrf/services/StickyNoteService -z self
new note created...
EPR written to file: note--807655197.epr
Notice two things. First of all, because we started the container
with security, the URLs start with "https://" instead of "http://".
Secondly, because our client derives from the base client, we have a
-z
option that lets us specify what kind of authorization
the client will attempt to perform.
$ %GLOBUS_LOCATION%\bin\write-note -e note--807655197.epr -z none cheese
Message written.
$ %GLOBUS_LOCATION%\bin\show-note -e note--807655197.epr -z none
<ns1:message xmlns:ns1="http://tutorial.globus.org/stickynote">cheese</ns1:message>
%GLOBUS_LOCATION%\bin\show-note.bat -e note--1785350628.epr -z none -a
<ns1:StickyNoteResourceProperties xmlns:ns1="http://tutorial.globus.org/stickynote"><ns1:lastModified>2005-01-10T22:02:26.564Z</ns1:lastModified><ns1:message>cheese</ns1:message></ns1:StickyNoteResourceProperties>
The -a
option sets up the client invocation to be
anonymous.
Error: org.globus.wsrf.impl.security.authorization.exceptions.AuthorizationException: "/C=US/O=Globus Alliance/OU=User/CN=1014e44b14c.fd334f58" is not authorized to use operation: {http://tutorial.globus.org/stickynote}create on this service
Then the identity of your client is not in the grid-mapfile for the service you are trying to access.
Error: org.globus.wsrf.impl.security.authorization.exceptions.AuthorizationException: "/C=US/O=Globus Alliance/OU=User/CN=101497d3dcd.3dcd5aef" is not authorized to use operation: {http://tutorial.globus.org/stickynote}write on this service
represents an attempt to invoke the write operation when the client is not present in the grid-mapfile
~/.globus/cog.properties
file which is overriding the default
directory search order.
Error: GSI Transport authentication required for "{http://tutorial.globus.org/stickynote}create" operation.
Remember to run a secure container, and to use port 8443 (and an https:// URI).
Security configuration can be done at the resource level and it takes precedence over service level settings. But unlike service security setting, programmatic altering of a resource is required to secure a resource. The resource needs to implement the org.globus.wsrf.security.SecureResource interface.
In the previous exercise every user in the service level gridmap was able to write to all notes. In this exercise, resource security is used to restrict write access to only the creator of the sticky note. This is done by creating a resource level gridmap at the time of resource creation and populating it with the identity of the creator.
src/org/globus/tutorial/stickynote/StickyNote.java:
Add resource security descriptor that sets up a grid-map file with
only the identity of the client creating the note
Execute these commands from the C:\tutorial\stickynote\ directory of the Exercise window.
$ ant clean
$ ant deploy
$ bin\globus-start-container
[... more container output ...]
[47]: https://140.221.57.104:8443/wsrf/services/ManagedJobFactoryService
[48]: https://140.221.57.104:8443/wsrf/services/TestServiceRequest
$ %GLOBUS_LOCATION%\bin\create-note -s https://localhost:8443/wsrf/services/StickyNoteService -z none
new note created...
EPR written to file: note-672627063.epr
$ %GLOBUS_LOCATION%\bin\create-note -s https://localhost:8443/wsrf/services/StickyNoteService -z self
new note created...
EPR written to file: note--807655197.epr
$ %GLOBUS_LOCATION%\bin\write-note -e note--807655197.epr -z none cheese
Message written.
$ %GLOBUS_LOCATION%\bin\show-note -e note--807655197.epr -z none
<ns1:message xmlns:ns1="http://tutorial.globus.org/stickynote">cheese</ns1:message>
%GLOBUS_LOCATION%\bin\show-note.bat -e note--1785350628.epr -z none -a
<ns1:StickyNoteResourceProperties xmlns:ns1="http://tutorial.globus.org/stickynote"><ns1:lastModified>2005-01-10T22:02:26.564Z</ns1:lastModified><ns1:message>cheese</ns1:message></ns1:StickyNoteResourceProperties>
The -a
option sets up the client invocation to be
anonymous.
This concludes the hands-on portion of the Build a Service Tutorial Using GT4.