Can u please tell me how to verify server credentials, is it different from credentials subject ??
Can you please give me some links to understand credentials and subject . On Fri, Aug 29, 2008 at 7:48 PM, Rachana Ananthakrishnan < [EMAIL PROTECTED]> wrote: > Can you verify that CAS server credentials? Are you sure it is using > certificates for /O=Grid/OU=GlobusTest/OU= > simpleCA-hfrd08.domain.in/OU=domain.in/CN=casadmin<http://simpleca-hfrd08.domain.in/OU=domain.in/CN=casadmin> > and > not the host certificate? Given you are using https, the container > credentials will be presented for authentication and not the service > credentials. I have fixed the documentation to reflect this. > > Rachana > > ------------------------------ > *From:* R. Kumaram [mailto:[EMAIL PROTECTED] > *Sent:* Friday, August 29, 2008 1:11 AM > *To:* Rachana Ananthakrishnan > *Cc:* [email protected] > *Subject:* Re: [gt-user] Problem with CAS server administration > > Thank u Rachna for clarification.. > > Well, I am getting following error > > casadmin(globus-4.0.7 @ hfrd08)cas-group-admin -c $CAS_SERVER_URL -s > $CAS_SERVER_IDENTITY user create analyst analyst > ; nested exception is: > org.globus.common.ChainedIOException: Authentication failed [Caused > by: Operation unauthorized (Mechanism level: Authorization failed. Expected > "/O=Grid/OU=GlobusTest/OU= > simpleCA-hfrd08.domain.in/OU=domain.in/CN=casadmin" target but received > "/O=Grid/OU=GlobusTest/OU= > simpleCA-hfrd08.domain.in/CN=host/hfrd08.domain.in")] > > where, > (~)echo $CAS_SERVER_URL > https://172.16.32.157:8443/wsrf/services/CASService > > and > (~)echo $CAS_SERVER_IDENTITY > /O=Grid/OU=GlobusTest/OU= > simpleCA-hfrd08.domain.in/OU=domain.in/CN=casadmin > > > I am not getting what exactly happening wrong here. > > I tried with > INSERT INTO user_group_entry (user_group_name, user_nickname) values > ('superUserGroup', 'casadmin'); > > and > INSERT INTO user_table (user_nickname,subject_name,trust_anchor_nickname) > values ('casadmin', '/O=Grid/OU=GlobusTest/OU= > simpleCA-hfrd08.domain.in/OU=domain.in/CN=casadmin','defaultTrustAnchor'); > > > still getting the same problem.. > ie > ; nested exception is: > org.globus.common.ChainedIOException: Authentication failed [Caused > by: Operation unauthorized (Mechanism level: Authorization failed. Expected > "/O=Grid/OU=GlobusTest/OU= > simpleCA-hfrd08.domain.in/OU=domain.in/CN=casadmin" target but received > "/O=Grid/OU=GlobusTest/OU= > simpleCA-hfrd08.domain.in/CN=host/hfrd08.domain.in")] > > > > > and > > On Thu, Aug 28, 2008 at 7:07 PM, Rachana Ananthakrishnan < > [EMAIL PROTECTED]> wrote: > >> CAS server URL should point to the sever you are running and in your >> case it is >> >> https://172.16.32.157:8443/wsrf/services/CASService >> >> What is the error you get with the above? >> >> Rachana >> >> ------------------------------ >> *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On >> Behalf Of *R. Kumaram >> *Sent:* Thursday, August 28, 2008 12:13 AM >> *To:* [email protected] >> *Subject:* [gt-user] Problem with CAS server administration >> >> Hi All, >> I installed globus 4.0.7 , and everything seems to be fine >> including rft, gsiftp, container running sucessfully, I can submit job >> sucessfully. >> >> Now the problem is coming in CAS server administration, I have configured >> it according to the >> http://www.globus.org/toolkit/docs/4.0/admin/docbook/ch14.html >> >> database is properly set >> Obtained credentials for CAS service >> I can bootstrap the database with cas-server-bootstrap >> Performed all the test sucessfully >> >> >> Now the problem is when I try to create user, with cas-group-admin user >> create command with the >> CAS_SERVER_URL "http://localhost:8080/wsrf/services/CASService"; >> it gives me connection refused error: >> >> casadmin(globus-4.0.7 @ host1)cas-group-admin -c >> http://localhost:8080/wsrf/services/CASService user create kumaram >> kumaram >> ; nested exception is: >> java.net.ConnectException: Connection refused >> >> I checked the container running on globus user >> >> globus(~ @ host1)globus-start-container >> Starting SOAP server at: https://172.16.32.157:8443/wsrf/services/ >> With the following services: >> >> [1]: https://172.16.32.157:8443/wsrf/services/AdminService >> [2]: https://172.16.32.157:8443/wsrf/services/AuthzCalloutTestService >> [3]: https://172.16.32.157:8443/wsrf/services/CASService >> >> here CASService is running on 8443 port, *so I have a confusion whether >> CAS_SERVER_URL should be " >> https://172.16.32.157:8443/wsrf/services/CASService"; or not ????* >> >> I tried with this but it didnt work. >> >> When I checked where my gridftp server is running, it is on 56110 port >> >> root(lib @ host1)netstat -lnpt >> Active Internet connections (only servers) >> Proto Recv-Q Send-Q Local Address Foreign >> Address State PID/Program name >> *tcp 0 0 :::56110 >> :::* LISTEN 10088/globus-gridft * >> tcp 0 0 :::7512 >> :::* LISTEN 2166/xinetd >> tcp 0 0 :::8443 >> :::* LISTEN 7103/java >> tcp 0 0 :::2811 >> :::* LISTEN 2166/xinetd >> >> So I changed my CAS_SERVER_URL with >> http://localhost:56110/wsrf/services/CASService and tried but it is >> giving *Number Format exception error* >> >> casadmin(globus-4.0.7 @ host1)cas-group-admin -c >> http://localhost:56110/wsrf/services/CASService user create kumaram >> kumaram >> ; nested exception is: >> java.lang.NumberFormatException: For input string: "host1.domain.com" >> >> If I change my CAS_SERVER_URL with " >> http://172.16.32.157:56110/wsrf/services/CASService"; again the same >> NumberFOrmatException is coming. >> >> >> >> Can anybody please find where I am doing mistake ??? >> >> >> -- >> Regards >> R.Kumaram >> >> > > > -- > Regards > R.Kumaram > >
