Hi all, I'm studying the documentation of Delegation Service on GT4.0 but some points are not really clear to me. In particular I want to use this mechanism in an infrastructure based on GT 4.0 that supports also dynamic deployment of services. For this reason, typically I need to delegate credentials to a service deployed without human interaction.
According to the architecture described at Architecture and design overview I have understood that "Services that are interested in the delegated credential can register a listener (an object that implements org.globus.delegation.DelegationRefreshListener) with the specific delegated credential resource. There currently is no remote interface for this, hence only services that are in the same hosting environment can register interest. The credentials are pushed to the listener anytime a refresh is done." At the moment - correct if I'm wrong - if we want to use the Delegation Service we need to invoke the Delegation Factory Service on the same node where the service has been deployed (of course this has to be done after the dynamic deployment has taken place). This way, delegated credentials must be created on that given node and therefore are accessible only by the local services. This approach doesn't leverage the actual benefits of a dynamic environment. We would better prefer to create a delegated credential (no matter the node it is stored on) before the service is deployed. Then register the service to the delegated credentials through the EPR by means of the remote interface scenario. Is it planned for the future the implementation of a remote interface to register interest for delegated credentials hosted on a remote node? If yes, when do you expect to release this feature? Otherwise could it be interesting for you if we collaborate to implement this functionality? Thank you in advance for your support, Andrea
