Difference between revisions of "1.0 Release Notes"
From GCube System
Manuele.simi (Talk | contribs) |
Manuele.simi (Talk | contribs) (→Changes Related to the gHN) |
||
| Line 14: | Line 14: | ||
::* the <code>Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml)</code> for the gHN must be enabled (by removing the comment surrounding the ''containerSecDesc'' element in the ''$GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd'') and configured to load the appropriate host credentials | ::* the <code>Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml)</code> for the gHN must be enabled (by removing the comment surrounding the ''containerSecDesc'' element in the ''$GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd'') and configured to load the appropriate host credentials | ||
::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process. | ::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process. | ||
| − | : All of them are taken into consideration only in case of secure distribution. | + | :: All of them are taken into consideration only in case of secure distribution. |
====Changes Related to Services ==== | ====Changes Related to Services ==== | ||
Revision as of 17:56, 4 February 2010
gCore 1.0 introduces the following changes:
Changes Related to the gHN
- distribution: there are now two distributions of the gHN, secure and standard distribution
- the secure distribution includes Local Services and Libraries from the standard onf plus:
- enhanced
Delegationservice, in charge for providing local services with delegated credentials - enhanced
Securitylibrary, with support for authentication and authorisation of gCube calls and policies management. - new
gcore-stop-containerscript, to shutdown a secure container
- enhanced
- configuration: a set of new configuration settings is available:
- the
GHNConfig.xmlhas been extended with two additional configuration parameters:
- allowedScopes, letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions)
- trustedGHNSynchInterval, how often the gHN refreshes the list of trusted gHNs (in seconds).
- the
Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml)for the gHN must be enabled (by removing the comment surrounding the containerSecDesc element in the $GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd) and configured to load the appropriate host credentials -
$X509_USER_PROXYenvironment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
- the
- All of them are taken into consideration only in case of secure distribution.
Changes Related to Services
None
Changes Related to the Documentation
- new/revised sections in the Administrator's Guide.
- Administrator's Guide has an enriched configuration section on how to setup a secure gHN.
