ProxyManagerHandler

ProxyManager is the implementation of the ProxyManagement service in the DISET framework

ProxyManager options
# Section to describe ProxyManager system
# https://dirac.readthedocs.org/en/latest/AdministratorGuide/Systems/Framework/ProxyManager/index.html
ProxyManager
{
  Port = 9152
  MaxThreads = 100
  # Flag to use myproxy server
  UseMyProxy = False
  # Email to use as a sender for the expiration reminder
  MailFrom = "proxymanager@diracgrid.org"
  # Description of rules for access to methods
  Authorization
  {
    Default = authenticated
    getProxy = FullDelegation
    getProxy += LimitedDelegation
    getProxy += PrivateLimitedDelegation
    getVOMSProxy = FullDelegation
    getVOMSProxy += LimitedDelegation
    getVOMSProxy += PrivateLimitedDelegation
    getProxyWithToken = FullDelegation
    getProxyWithToken += LimitedDelegation
    getProxyWithToken += PrivateLimitedDelegation
    getVOMSProxyWithToken = FullDelegation
    getVOMSProxyWithToken += LimitedDelegation
    getVOMSProxyWithToken += PrivateLimitedDelegation
    getLogContents = ProxyManagement
    setPersistency = ProxyManagement
  }
}
class DIRAC.FrameworkSystem.Service.ProxyManagerHandler.ProxyManagerHandler(handlerInitDict, trid)

Bases: ProxyManagerHandlerMixin, RequestHandler

__init__(handlerInitDict, trid)

Constructor

Parameters:
  • handlerInitDict (dictionary) – Information vars for the service

  • trid (object) – Transport to use

auth_getUserProxiesInfo = ['authenticated']
auth_ping = ['all']
auth_refreshConfiguration = ['CSAdministrator']
auth_whoami = ['all']
export_completeDelegationUpload(requestId, pemChain)

Upload result of delegation

Parameters:
  • requestId (int) – identity number

  • pemChain (str) – certificate as string

Returns:

S_OK(dict)/S_ERROR() – dict contain proxies

export_deleteProxy(userDN, userGroup)

Delete a proxy from the DB

Parameters:
  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

Returns:

S_OK()/S_ERROR()

export_deleteProxyBundle(idList)

delete a list of id’s

Parameters:

idList (list,tuple) – list of identity numbers

Returns:

S_OK(int)/S_ERROR()

static export_echo(data)

This method is used for testing performance of the service

Parameters:

data (str) – data to be sent back to the caller

Returns:

S_OK, Value is the input data

export_generateToken(requesterDN, requesterGroup, tokenUses)

Generate tokens for proxy retrieval

Parameters:
  • requesterDN (str) – user DN

  • requesterGroup (str) – DIRAC group

  • tokenUses (int) – number of uses

Returns:

S_OK(tuple)/S_ERROR() – tuple contain token, number uses

export_getContents(selDict, sortDict, start, limit)

Retrieve the contents of the DB

Parameters:
  • selDict (dict) – selection fields

  • sortDict (list,tuple) – sorting fields

  • start (int) – search limit start

  • start – search limit amount

Returns:

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

export_getLogContents(selDict, sortDict, start, limit)

Retrieve the contents of the DB

Parameters:
  • selDict (dict) – selection fields

  • sortDict (list,tuple) – search filter

  • start (int) – search limit start

  • start – search limit amount

Returns:

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

export_getProxy(userDN, userGroup, requestPem, requiredLifetime)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime

    Argument for length of proxy

    • Properties:
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • token

    Valid token to get a proxy

    • Properties:
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getRegisteredUsers(validSecondsRequired=0)

Get the list of users who have a valid proxy in the system

Parameters:

validSecondsRequired (int) – required seconds the proxy is valid for

Returns:

S_OK(list)/S_ERROR() – list contain dicts with user name, DN, group expiration time, persistent flag

export_getStoredProxyStrength(userDN, userGroup=None, vomsAttr=None)

Return the strength in bit of the stored proxy

Parameters:
  • userDN – DN of the user

  • userGroup – group of the user

  • vomsAttr – VOMS attr we plan to add on the proxy

export_getUserProxiesInfo()

Get the info about the user proxies in the system

Returns:

S_OK(dict)

export_getVOMSProxy(userDN, userGroup, requestPem, requiredLifetime, vomsAttribute=None)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • vomsAttribute

    VOMS attr to add to the proxy

    • Properties :
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getVOMSProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token, vomsAttribute=None)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • vomsAttribute

    VOMS attr to add to the proxy

    • Properties :
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_ping()
static export_refreshConfiguration(fromMaster)

Force refreshing the configuration data

Parameters:

fromMaster (bool) – flag to refresh from the master configuration service

export_requestDelegationUpload(requestedUploadTime=None)

Request a delegation. Send a delegation request to client

Returns:

S_OK(dict)/S_ERROR() – dict contain id and proxy as string of the request

export_setPersistency(userDN, userGroup, persistentFlag)

Set the persistency for a given dn/group

Parameters:
  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

  • persistentFlag (boolean) – if proxy persistent

Returns:

S_OK()/S_ERROR()

export_whoami()

A simple whoami, returns all credential dictionary, except certificate chain object.

classmethod getCSOption(optionName, defaultValue=False)

Get an option from the CS section of the services

Returns:

Value for serviceSection/optionName in the CS being defaultValue the default

getRemoteAddress()

Get the address of the remote peer.

Returns:

Address of remote peer.

getRemoteCredentials()

Get the credentials of the remote peer.

Returns:

Credentials dictionary of remote peer.

initialize()

Initialize this instance of the handler (to be overwritten)

classmethod initializeHandler(serviceInfoDict)
srv_disconnect(trid=None)
classmethod srv_disconnectClient(trid)
srv_getActionTuple()
classmethod srv_getCSOption(optionName, defaultValue=False)

Get an option from the CS section of the services

Returns:

Value for serviceSection/optionName in the CS being defaultValue the default

srv_getClientSetup()
srv_getClientVO()
srv_getClientVersion()
srv_getFormattedRemoteCredentials()
classmethod srv_getMonitor()
srv_getRemoteAddress()

Get the address of the remote peer.

Returns:

Address of remote peer.

srv_getRemoteCredentials()

Get the credentials of the remote peer.

Returns:

Credentials dictionary of remote peer.

classmethod srv_getServiceName()
srv_getTransportID()
classmethod srv_getURL()
classmethod srv_msgCreate(msgName)
srv_msgReply(msgObj)
classmethod srv_msgSend(trid, msgObj)
transfer_bulkFromClient(bulkId, token, bulkSize, fileHelper)
transfer_bulkToClient(bulkId, token, fileHelper)
transfer_fromClient(fileId, token, fileSize, fileHelper)
transfer_listBulk(bulkId, token, fileHelper)
transfer_toClient(fileId, token, fileHelper)
types_completeDelegationUpload = [<class 'int'>, <class 'str'>]
types_deleteProxy = [(<class 'list'>, <class 'tuple'>)]
types_deleteProxyBundle = [(<class 'list'>, <class 'tuple'>)]
types_echo = [<class 'str'>]
types_generateToken = [<class 'str'>, <class 'str'>, <class 'int'>]
types_getContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), <class 'int'>, <class 'int'>]
types_getLogContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), <class 'int'>, <class 'int'>]
types_getProxy = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>]
types_getProxyWithToken = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>, <class 'str'>]
types_getRegisteredUsers = []
types_getStoredProxyStrength = [<class 'str'>, <class 'str'>, [<class 'str'>, <class 'NoneType'>, <class 'bool'>]]
types_getUserProxiesInfo = []
types_getVOMSProxy = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>, [<class 'str'>, <class 'NoneType'>, <class 'bool'>]]
types_getVOMSProxyWithToken = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>, [<class 'str'>, <class 'NoneType'>]]
types_ping = []
types_refreshConfiguration = [<class 'bool'>]
types_requestDelegationUpload = []
types_setPersistency = [<class 'str'>, <class 'str'>, <class 'bool'>]
types_whoami = []
class DIRAC.FrameworkSystem.Service.ProxyManagerHandler.ProxyManagerHandlerMixin

Bases: object

auth_getUserProxiesInfo = ['authenticated']
export_completeDelegationUpload(requestId, pemChain)

Upload result of delegation

Parameters:
  • requestId (int) – identity number

  • pemChain (str) – certificate as string

Returns:

S_OK(dict)/S_ERROR() – dict contain proxies

export_deleteProxy(userDN, userGroup)

Delete a proxy from the DB

Parameters:
  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

Returns:

S_OK()/S_ERROR()

export_deleteProxyBundle(idList)

delete a list of id’s

Parameters:

idList (list,tuple) – list of identity numbers

Returns:

S_OK(int)/S_ERROR()

export_generateToken(requesterDN, requesterGroup, tokenUses)

Generate tokens for proxy retrieval

Parameters:
  • requesterDN (str) – user DN

  • requesterGroup (str) – DIRAC group

  • tokenUses (int) – number of uses

Returns:

S_OK(tuple)/S_ERROR() – tuple contain token, number uses

export_getContents(selDict, sortDict, start, limit)

Retrieve the contents of the DB

Parameters:
  • selDict (dict) – selection fields

  • sortDict (list,tuple) – sorting fields

  • start (int) – search limit start

  • start – search limit amount

Returns:

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

export_getLogContents(selDict, sortDict, start, limit)

Retrieve the contents of the DB

Parameters:
  • selDict (dict) – selection fields

  • sortDict (list,tuple) – search filter

  • start (int) – search limit start

  • start – search limit amount

Returns:

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

export_getProxy(userDN, userGroup, requestPem, requiredLifetime)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime

    Argument for length of proxy

    • Properties:
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • token

    Valid token to get a proxy

    • Properties:
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getRegisteredUsers(validSecondsRequired=0)

Get the list of users who have a valid proxy in the system

Parameters:

validSecondsRequired (int) – required seconds the proxy is valid for

Returns:

S_OK(list)/S_ERROR() – list contain dicts with user name, DN, group expiration time, persistent flag

export_getStoredProxyStrength(userDN, userGroup=None, vomsAttr=None)

Return the strength in bit of the stored proxy

Parameters:
  • userDN – DN of the user

  • userGroup – group of the user

  • vomsAttr – VOMS attr we plan to add on the proxy

export_getUserProxiesInfo()

Get the info about the user proxies in the system

Returns:

S_OK(dict)

export_getVOMSProxy(userDN, userGroup, requestPem, requiredLifetime, vomsAttribute=None)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • vomsAttribute

    VOMS attr to add to the proxy

    • Properties :
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getVOMSProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token, vomsAttribute=None)

Get a proxy for a userDN/userGroup

Parameters:
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • vomsAttribute

    VOMS attr to add to the proxy

    • Properties :
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_requestDelegationUpload(requestedUploadTime=None)

Request a delegation. Send a delegation request to client

Returns:

S_OK(dict)/S_ERROR() – dict contain id and proxy as string of the request

export_setPersistency(userDN, userGroup, persistentFlag)

Set the persistency for a given dn/group

Parameters:
  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

  • persistentFlag (boolean) – if proxy persistent

Returns:

S_OK()/S_ERROR()

classmethod initializeHandler(serviceInfoDict)
types_completeDelegationUpload = [<class 'int'>, <class 'str'>]
types_deleteProxy = [(<class 'list'>, <class 'tuple'>)]
types_deleteProxyBundle = [(<class 'list'>, <class 'tuple'>)]
types_generateToken = [<class 'str'>, <class 'str'>, <class 'int'>]
types_getContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), <class 'int'>, <class 'int'>]
types_getLogContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), <class 'int'>, <class 'int'>]
types_getProxy = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>]
types_getProxyWithToken = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>, <class 'str'>]
types_getRegisteredUsers = []
types_getStoredProxyStrength = [<class 'str'>, <class 'str'>, [<class 'str'>, <class 'NoneType'>, <class 'bool'>]]
types_getUserProxiesInfo = []
types_getVOMSProxy = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>, [<class 'str'>, <class 'NoneType'>, <class 'bool'>]]
types_getVOMSProxyWithToken = [<class 'str'>, <class 'str'>, <class 'str'>, <class 'int'>, [<class 'str'>, <class 'NoneType'>]]
types_requestDelegationUpload = []
types_setPersistency = [<class 'str'>, <class 'str'>, <class 'bool'>]