VOMS implements a REST API that can be used to get a VOMS attribute certificate.
https://<voms.host>:<voms.port>/generate-ac
oidc: | |
providers: | |
- name: google | |
issuer: https://accounts.google.com | |
client: | |
clientId: ${IAM_GOOGLE_CLIENT_ID} | |
clientSecret: ${IAM_GOOGLE_CLIENT_SECRET} | |
redirectUris: ${iam.baseUrl}/openid_connect_login | |
scope: openid,profile,email,address,phone | |
loginButton: |
#!/bin/bash | |
set -e | |
exit_msg() { | |
echo "Giving up as requested by user..." | |
exit 1 | |
} | |
if [[ -z "${IAM_DEVICE_CODE_CLIENT_ID}" ]]; then | |
echo "Please set the IAM_DEVICE_CODE_CLIENT_ID env variable" |
I hereby claim:
To claim this, I am signing this object:
-- Selects and displays PtP requests that are stuck in progress for one month | |
SELECT rq.ID, rq.timeStamp, rp.targetSURL, sp.statusCode, sp.explanation | |
FROM storm_db.request_queue rq, storm_db.request_Put rp, storm_db.status_Put sp | |
WHERE rq.ID = rp.request_queueID and rp.ID = sp.request_PutID | |
and rq.status = 18 and rq.timeStamp <= DATE_SUB(CURRENT_TIMESTAMP(), INTERVAL 1 MONTH); | |
-- Marks PtP requests stuck in progress for one month as expired, so that the StoRM | |
-- request garbage collector will remove them from the database | |
UPDATE storm_db.request_queue rq, storm_db.request_Put rp, storm_db.status_Put sp | |
SET sp.statusCode = 1, sp.explanation = "Request expired.", rq.status = 1 |
#!/bin/bash | |
IAM_CLIENT_ID=${IAM_CLIENT_ID:-iam-client} | |
IAM_CLIENT_SECRET=${IAM_CLIENT_SECRET} | |
IAM_TOKEN_ENDPOINT=${IAM_TOKEN_ENDPOINT:-https://iam-test.indigo-datacloud.eu/token} | |
if [[ -z "${IAM_CLIENT_SECRET}" ]]; then | |
echo "Please provide a client secret setting the IAM_CLIENT_SECRET env variable." | |
exit 1; |
As reported in this ggus-ticket, in certain circumstances VOMS Admin accepts membership requests from users without a valid X.509 certificate.
This has no security impact on the server, but can lead to VO admins receiving membership request with strange user certificate subject, like the following:
![Strange request
This bug:
https://issues.infn.it/jira/browse/STOR-779
prevents the proper cleanup of ongoing PtPs on a surl when srmRm is called on that surl on all StoRM versions >= 1.11.5.
This bug will be fixed in StoRM 1.11.8, scheduled for release on Friday, March 13th 2015.
SCRIPT_URL="https://raw.github.com/italiangrid/voms-deployment-test/master/voms-deployment-test.sh" | |
wget --no-check-certificate $SCRIPT_URL -O voms-deployment-test.sh | |
chmod +x voms-deployment-test.sh | |
DB_UPGRADE="no" | |
if [ "$PERFORM_DATABASE_UPGRADE" = "true" ]; then | |
DB_UPGRADE="yes" | |
fi |