Menu
▾
▴
gridsam-discuss
|
From: I. M. C. <i....@fd...> - 2010-12-09 10:22:10
|
Dear all,
this is a grid developer from Complutense University of Madrid, Spain.
We are using GridSAM as testing platform for our BES clients. These
clients do not use any authentication method (for now) and so we have
disabled any security mechanism from GridSAM. Thus, we comment the
section from server-config.wsdd where "<!-- BES with OMII WS-Security
-->" and uncomment where "<!-- BES withOut OMII WS-Security +
Username/Password -->", but commenting also in this section the next
lines:
<!--<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="UsernameToken"/>
<parameter name="passwordCallbackClass"
value="org.icenigrid.gridsam.bes.webservice.common.PWCallback"/>
</handler>-->
However, when I try to submit a job using my own client, this provides
an security exception: "java.lang.SecurityException: attempting to add
an object which is not an instance of java.security.Principal to a
Subject's Principal Set", which is thrown by
org/apache/axis/client/Call.invoke().
Therefore, Should I make some changes more to disable any security
mechanism of GridSAM/BES?
Best regards.
|
|
From: Justin B. <jb...@ec...> - 2010-12-09 14:06:08
|
Hi, In webapps/gridsam/WEB-INF/classes/GridSAMService.properties you will find a property called allowUnauthorised. Try setting this to be 'true', as it is 'false' by default. Restart your container and see if this fixes your problem. Regards, Justin On 9 Dec 2010, at 09:45, I. Marín Carrión wrote: > Dear all, > > this is a grid developer from Complutense University of Madrid, Spain. > > We are using GridSAM as testing platform for our BES clients. These > clients do not use any authentication method (for now) and so we have > disabled any security mechanism from GridSAM. Thus, we comment the > section from server-config.wsdd where "<!-- BES with OMII WS-Security > -->" and uncomment where "<!-- BES withOut OMII WS-Security + > Username/Password -->", but commenting also in this section the next > lines: > > <!--<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > <parameter name="action" value="UsernameToken"/> > <parameter name="passwordCallbackClass" > value="org.icenigrid.gridsam.bes.webservice.common.PWCallback"/> > </handler>--> > > > However, when I try to submit a job using my own client, this provides > an security exception: "java.lang.SecurityException: attempting to add > an object which is not an instance of java.security.Principal to a > Subject's Principal Set", which is thrown by > org/apache/axis/client/Call.invoke(). > > Therefore, Should I make some changes more to disable any security > mechanism of GridSAM/BES? > > Best regards. > > > ------------------------------------------------------------------------------ > This SF Dev2Dev email is sponsored by: > > WikiLeaks The End of the Free Internet > http://p.sf.net/sfu/therealnews-com > _______________________________________________ > GridSAM-Discuss mailing list > Gri...@li... > https://lists.sourceforge.net/lists/listinfo/gridsam-discuss -- Justin Bradley Senior Software Consultant jb...@ec... OMII-UK / EPrints Services Bay 22, 4067, B32 University of Southampton |
|
From: I. M. C. <i....@fd...> - 2010-12-09 14:33:35
|
Hi Justin, this does not fix the problem. In the meantime, I have taken a look to BasicExecutionServiceAxisImpl.java which is referred by server-config.wsdd: <parameter name="className" value="org.icenigrid.gridsam.bzs.webservice.axis.BasicExecutionServiceAxisImpl"/> In this class, I find that this service use X.509 certificates. In my case, I should not use certificates, or any other authentication method. Thus, I wonder if this functionality is actually disabled when I comment the lines "<!-- BES with OMII WS-Security > > -->" in server-config.wsdd. In fact, this class imports javax.security.auth.Subject, the package that I now guess, causes the exception "java.lang.SecurityException: attempting to add an object which is not an instance of java.security.Principal to a Subject's Principal Set". My apologizes if in the previous mail I have not explained well my problem. Best regards. On Thu, 2010-12-09 at 14:05 +0000, Justin Bradley wrote: > Hi, > > In webapps/gridsam/WEB-INF/classes/GridSAMService.properties you will find a property called allowUnauthorised. > Try setting this to be 'true', as it is 'false' by default. Restart your container and see if this fixes your problem. > > Regards, > Justin > > > On 9 Dec 2010, at 09:45, I. Marín Carrión wrote: > > > Dear all, > > > > this is a grid developer from Complutense University of Madrid, Spain. > > > > We are using GridSAM as testing platform for our BES clients. These > > clients do not use any authentication method (for now) and so we have > > disabled any security mechanism from GridSAM. Thus, we comment the > > section from server-config.wsdd where "<!-- BES with OMII WS-Security > > -->" and uncomment where "<!-- BES withOut OMII WS-Security + > > Username/Password -->", but commenting also in this section the next > > lines: > > > > <!--<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > > <parameter name="action" value="UsernameToken"/> > > <parameter name="passwordCallbackClass" > > value="org.icenigrid.gridsam.bes.webservice.common.PWCallback"/> > > </handler>--> > > > > > > However, when I try to submit a job using my own client, this provides > > an security exception: "java.lang.SecurityException: attempting to add > > an object which is not an instance of java.security.Principal to a > > Subject's Principal Set", which is thrown by > > org/apache/axis/client/Call.invoke(). > > > > Therefore, Should I make some changes more to disable any security > > mechanism of GridSAM/BES? > > > > Best regards. > > > > > > ------------------------------------------------------------------------------ > > This SF Dev2Dev email is sponsored by: > > > > WikiLeaks The End of the Free Internet > > http://p.sf.net/sfu/therealnews-com > > _______________________________________________ > > GridSAM-Discuss mailing list > > Gri...@li... > > https://lists.sourceforge.net/lists/listinfo/gridsam-discuss > > -- > Justin Bradley > Senior Software Consultant > jb...@ec... > OMII-UK / EPrints Services > Bay 22, 4067, B32 > University of Southampton > > > > > -- I. Marín Carrión DSA Research Group: http://dsa-research.org Complutense University of Madrid |
|
From: I. M. C. <i....@fd...> - 2010-12-13 14:27:49
|
Dear all, In order to focus the problem, I have left for now the BES service (and my own BES clients) and now I am using the GridSAM service. My intention is using the client without authentication. So, I have done the next changes. In server-config.wsdd: I have disabled the section "<!-- GridSAM with OMII WS-Security -->" and enabled the section "without WS-Security". Also, I have set the property allowUnauthorised to true. Also, I have deleted all lines about myproxy in the GridSAMSubmit.java. The new compiled jar is placed in webapps/gridsam/WEB-INF/lib and in client/lib. Thus, when I execute the primes_file.pl demo I always get "Jobs outstanding: 10. Jobs completed: 0. Jobs failed: 0". This problem disappears enabling the security in server-config.wsdd (even if the new gridsam-client.jar is still present). I hope any idea to fix this problem. Best regards. On Thu, 2010-12-09 at 14:05 +0000, Justin Bradley wrote: > Hi, > > In webapps/gridsam/WEB-INF/classes/GridSAMService.properties you will find a property called allowUnauthorised. > Try setting this to be 'true', as it is 'false' by default. Restart your container and see if this fixes your problem. > > Regards, > Justin > > > On 9 Dec 2010, at 09:45, I. Marín Carrión wrote: > > > Dear all, > > > > this is a grid developer from Complutense University of Madrid, Spain. > > > > We are using GridSAM as testing platform for our BES clients. These > > clients do not use any authentication method (for now) and so we have > > disabled any security mechanism from GridSAM. Thus, we comment the > > section from server-config.wsdd where "<!-- BES with OMII WS-Security > > -->" and uncomment where "<!-- BES withOut OMII WS-Security + > > Username/Password -->", but commenting also in this section the next > > lines: > > > > <!--<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > > <parameter name="action" value="UsernameToken"/> > > <parameter name="passwordCallbackClass" > > value="org.icenigrid.gridsam.bes.webservice.common.PWCallback"/> > > </handler>--> > > > > > > However, when I try to submit a job using my own client, this provides > > an security exception: "java.lang.SecurityException: attempting to add > > an object which is not an instance of java.security.Principal to a > > Subject's Principal Set", which is thrown by > > org/apache/axis/client/Call.invoke(). > > > > Therefore, Should I make some changes more to disable any security > > mechanism of GridSAM/BES? > > > > Best regards. > > > > > > ------------------------------------------------------------------------------ > > This SF Dev2Dev email is sponsored by: > > > > WikiLeaks The End of the Free Internet > > http://p.sf.net/sfu/therealnews-com > > _______________________________________________ > > GridSAM-Discuss mailing list > > Gri...@li... > > https://lists.sourceforge.net/lists/listinfo/gridsam-discuss > > -- > Justin Bradley > Senior Software Consultant > jb...@ec... > OMII-UK / EPrints Services > Bay 22, 4067, B32 > University of Southampton > > > > > |
|
From: I. M. C. <i....@fd...> - 2010-12-13 15:48:08
|
Hi,
my apologizes, I forgot to remove the handlers in the client-side. Now
GridSAM works without authentication.
Then, I take up again the BES service. Thus, my server config about BES
is:
<service name="bes" provider="java:MSG" style="message" use="literal">
<wsdlFile>org/icenigrid/gridsam/resource/schema/wsdl/bes.wsdl</wsdlFile>
<requestFlow>
<!--<handler type="soapmonitor"/>-->
<!--<handler
type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="UsernameToken"/>
<parameter name="passwordCallbackClass"
value="org.icenigrid.gridsam.bes.webservice.common.PWCallback"/>
</handler>-->
</requestFlow>
<responseFlow>
<!--<handler type="soapmonitor"/>-->
</responseFlow>
<parameter name="allowedMethods" value="*"/>
<parameter name="scope" value="application"/>
<parameter name="className"
value="org.icenigrid.gridsam.bes.webservice.axis.BasicExecutionServiceAxisImpl"/>
</service>
But the execution of the BESCreateActivity (without myproxy, similar to
GridSAMSubmit) shows:
$ java -cp .. GridSAMClient BESCreateActivity -s
http://localhost:8080/gridsam/services/bes?wsdl -j test.jsdl
2010-12-13 16:38:06,170 FATAL [BESCreateActivity] (main:) unable to
create activity: java.lang.SecurityException: attempting to add an
object which is not an instance of java.security.Principal to a
Subject's Principal Set
2010-12-13 16:38:06,175 FATAL [BESCreateActivity] (main:) AxisFault
faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.lang.SecurityException: attempting to add an object
which is not an instance of java.security.Principal to a Subject's
Principal Set
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}hostname:mc01
I hope some glue to fix this problem. Regards.
On Mon, 2010-12-13 at 15:27 +0100, I. Marín Carrión wrote:
> Dear all,
>
> In order to focus the problem, I have left for now the BES service (and
> my own BES clients) and now I am using the GridSAM service.
>
> My intention is using the client without authentication. So, I have done
> the next changes.
>
> In server-config.wsdd: I have disabled the section "<!-- GridSAM with
> OMII WS-Security -->" and enabled the section "without WS-Security".
> Also, I have set the property allowUnauthorised to true.
>
> Also, I have deleted all lines about myproxy in the GridSAMSubmit.java.
> The new compiled jar is placed in webapps/gridsam/WEB-INF/lib and in
> client/lib.
>
> Thus, when I execute the primes_file.pl demo I always get "Jobs
> outstanding: 10. Jobs completed: 0. Jobs failed: 0". This problem
> disappears enabling the security in server-config.wsdd (even if the new
> gridsam-client.jar is still present).
>
> I hope any idea to fix this problem.
>
> Best regards.
>
> On Thu, 2010-12-09 at 14:05 +0000, Justin Bradley wrote:
> > Hi,
> >
> > In webapps/gridsam/WEB-INF/classes/GridSAMService.properties you will find a property called allowUnauthorised.
> > Try setting this to be 'true', as it is 'false' by default. Restart your container and see if this fixes your problem.
> >
> > Regards,
> > Justin
> >
> >
> > On 9 Dec 2010, at 09:45, I. Marín Carrión wrote:
> >
> > > Dear all,
> > >
> > > this is a grid developer from Complutense University of Madrid, Spain.
> > >
> > > We are using GridSAM as testing platform for our BES clients. These
> > > clients do not use any authentication method (for now) and so we have
> > > disabled any security mechanism from GridSAM. Thus, we comment the
> > > section from server-config.wsdd where "<!-- BES with OMII WS-Security
> > > -->" and uncomment where "<!-- BES withOut OMII WS-Security +
> > > Username/Password -->", but commenting also in this section the next
> > > lines:
> > >
> > > <!--<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> > > <parameter name="action" value="UsernameToken"/>
> > > <parameter name="passwordCallbackClass"
> > > value="org.icenigrid.gridsam.bes.webservice.common.PWCallback"/>
> > > </handler>-->
> > >
> > >
> > > However, when I try to submit a job using my own client, this provides
> > > an security exception: "java.lang.SecurityException: attempting to add
> > > an object which is not an instance of java.security.Principal to a
> > > Subject's Principal Set", which is thrown by
> > > org/apache/axis/client/Call.invoke().
> > >
> > > Therefore, Should I make some changes more to disable any security
> > > mechanism of GridSAM/BES?
> > >
> > > Best regards.
> > >
> > >
> > > ------------------------------------------------------------------------------
> > > This SF Dev2Dev email is sponsored by:
> > >
> > > WikiLeaks The End of the Free Internet
> > > http://p.sf.net/sfu/therealnews-com
> > > _______________________________________________
> > > GridSAM-Discuss mailing list
> > > Gri...@li...
> > > https://lists.sourceforge.net/lists/listinfo/gridsam-discuss
> >
> > --
> > Justin Bradley
> > Senior Software Consultant
> > jb...@ec...
> > OMII-UK / EPrints Services
> > Bay 22, 4067, B32
> > University of Southampton
> >
> >
> >
> >
> >
>
>
>
> ------------------------------------------------------------------------------
> Oracle to DB2 Conversion Guide: Learn learn about native support for PL/SQL,
> new data types, scalar functions, improved concurrency, built-in packages,
> OCI, SQL*Plus, data movement tools, best practices and more.
> http://p.sf.net/sfu/oracle-sfdev2dev
> _______________________________________________
> GridSAM-Discuss mailing list
> Gri...@li...
> https://lists.sourceforge.net/lists/listinfo/gridsam-discuss
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X