Last active
May 12, 2018 21:31
-
-
Save akkornel/355a2b6d2b74fbc7934147e7c15e87fa to your computer and use it in GitHub Desktop.
Globus Connect Server configuration (Stanford-specific), part 2 for MyProxy OAuth authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; vim: filetype=dosini : nospell : | |
| ;------------------------------ | |
| ; Globus Configuration, Part 2 | |
| ; MyProxy OAuth Authentication | |
| ;------------------------------ | |
| ; This is the part of /etc/globus-connect-server.conf that is specific to the | |
| ; MyProxy OAuth authentication method. You should add this content to the | |
| ; end of the file, after you have filled in the content for Part 1. | |
| ; Part 1 is available here: | |
| ; https://gist.github.com/akkornel/b609c892271fa11fcf0504e07d6ed3f3 | |
| ; Instructions related to this part are available here: | |
| ; https://globus.stanford.edu/server/oauth.html | |
| ; NOTE: If you change anything in this file, you must re-run the | |
| ; globus-connect-server-setup command. | |
| ; This section tells globus-connect-server-setup that you are | |
| ; going to use MyProxy OAuth authentication. There is | |
| ; nothing to customize in this section. | |
| [Security] | |
| FetchCredentialFromRelay = True | |
| IdentityMethod = OAuth | |
| ; This section is where MyProxy is configured. | |
| [MyProxy] | |
| ; This is the hostname to use for Globus to connect to your MyProxy server. | |
| ; The port number is 7512. Globus connects to this to validate credentials. | |
| ; If you are behind a NAT, or your system's hostname does not match what is | |
| ; in public DNS, then you will need to configure this manually. | |
| Server = %(HOSTNAME)s | |
| ; The globus-connect-server-setup program compares the system hostname to what | |
| ; you configured in the Server line, above. If the two do not match, then | |
| ; GridFTP will be disabled. But in NAT environments (like EC2), the mismatch | |
| ; is normal. Setting ServerBehindNAT to True will skip the hostname check. | |
| ;;ServerBehindNAT = True | |
| ; This section is where the OAuth server is configured. | |
| [OAuth] | |
| ; These two options should exactly match what you configured up above, | |
| ; in the [MyProxy] section. | |
| Server = %(HOSTNAME)s | |
| ;;ServerBehindNAT = True | |
| ; A cascading stylesheet file to use with OAuth server web pages. | |
| ; You can download a custom CSS from | |
| ; http://localhost:4000/server/oauth.css | |
| Stylesheet = /etc/globus-myproxy-oauth-stylesheet.css | |
| ; An image file to use as the logo of the MyProxy OAuth server. | |
| ; You can download the logo from | |
| ; https://identity.stanford.edu/downloads/SU_New_BlockStree_Red.png | |
| Logo = /etc/globus-myproxy-oauth-logo.png |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment