ProxyManagerHandler

ProxyManager is the implementation of the ProxyManagement service in the DISET framework

ProxyManager options
# Section to describe ProxyManager system
# https://dirac.readthedocs.org/en/latest/AdministratorGuide/Systems/Framework/ProxyManager/index.html
ProxyManager
{
  Port = 9152
  MaxThreads = 100
  # Flag to use myproxy server
  UseMyProxy = False
  # Description of rules for access to methods
  Authorization
  {
    Default = authenticated
    getProxy = FullDelegation
    getProxy += LimitedDelegation
    getProxy += PrivateLimitedDelegation
    getVOMSProxy = FullDelegation
    getVOMSProxy += LimitedDelegation
    getVOMSProxy += PrivateLimitedDelegation
    getProxyWithToken = FullDelegation
    getProxyWithToken += LimitedDelegation
    getProxyWithToken += PrivateLimitedDelegation
    getVOMSProxyWithToken = FullDelegation
    getVOMSProxyWithToken += LimitedDelegation
    getVOMSProxyWithToken += PrivateLimitedDelegation
    getLogContents = ProxyManagement
    setPersistency = ProxyManagement
  }
}
class DIRAC.FrameworkSystem.Service.ProxyManagerHandler.ProxyManagerHandler(handlerInitDict, trid)

Bases: DIRAC.Core.DISET.RequestHandler.RequestHandler

__init__(handlerInitDict, trid)

Constructor

Parameters
  • handlerInitDict (dictionary) – Information vars for the service

  • trid (object) – Transport to use

auth_getUserProxiesInfo = ['authenticated']
auth_ping = ['all']
auth_refreshConfiguration = ['CSAdministrator']
auth_whoami = ['all']
export_completeDelegationUpload(requestId, pemChain)

Upload result of delegation

Parameters
  • requestId (int) – identity number

  • pemChain (str) – certificate as string

Returns

S_OK(dict)/S_ERROR() – dict contain proxies

export_deleteProxy(userDN, userGroup)

Delete a proxy from the DB

Parameters
  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

Returns

S_OK()/S_ERROR()

export_deleteProxyBundle(idList)

delete a list of id’s

Parameters

idList (list,tuple) – list of identity numbers

Returns

S_OK(int)/S_ERROR()

static export_echo(data)

This method is used for testing performance of the service

Parameters

data (str) – data to be sent back to the caller

Returns

S_OK, Value is the input data

export_generateToken(requesterDN, requesterGroup, tokenUses)

Generate tokens for proxy retrieval

Parameters
  • requesterDN (str) – user DN

  • requesterGroup (str) – DIRAC group

  • tokenUses (int) – number of uses

Returns

S_OK(tuple)/S_ERROR() – tuple contain token, number uses

export_getContents(selDict, sortDict, start, limit)

Retrieve the contents of the DB

Parameters
  • selDict (dict) – selection fields

  • sortDict (list,tuple) – sorting fields

  • start (int) – search limit start

  • start – search limit amount

Returns

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

export_getLogContents(selDict, sortDict, start, limit)

Retrieve the contents of the DB

Parameters
  • selDict (dict) – selection fields

  • sortDict (list,tuple) – search filter

  • start (int) – search limit start

  • start – search limit amount

Returns

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

export_getProxy(userDN, userGroup, requestPem, requiredLifetime)

Get a proxy for a userDN/userGroup

Parameters
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime

    Argument for length of proxy

    • Properties:
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token)

Get a proxy for a userDN/userGroup

Parameters
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • token

    Valid token to get a proxy

    • Properties:
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getRegisteredUsers(validSecondsRequired=0)

Get the list of users who have a valid proxy in the system

Parameters

validSecondsRequired (int) – required seconds the proxy is valid for

Returns

S_OK(list)/S_ERROR() – list contain dicts with user name, DN, group expiration time, persistent flag

export_getUserProxiesInfo()

Get the info about the user proxies in the system

Returns

S_OK(dict)

export_getVOMSProxy(userDN, userGroup, requestPem, requiredLifetime, vomsAttribute=None)

Get a proxy for a userDN/userGroup

Parameters
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • vomsAttribute

    VOMS attr to add to the proxy

    • Properties :
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_getVOMSProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token, vomsAttribute=None)

Get a proxy for a userDN/userGroup

Parameters
  • requestPem – PEM encoded request object for delegation

  • requiredLifetime – Argument for length of proxy

  • vomsAttribute

    VOMS attr to add to the proxy

    • Properties :
      • FullDelegation <- permits full delegation of proxies

      • LimitedDelegation <- permits downloading only limited proxies

      • PrivateLimitedDelegation <- permits downloading only limited proxies for one self

export_ping()
static export_refreshConfiguration(fromMaster)

Force refreshing the configuration data

Parameters

fromMaster (bool) – flag to refresh from the master configuration service

export_requestDelegationUpload(requestedUploadTime, diracGroup=None)

Request a delegation. Send a delegation request to client

Parameters

requestedUploadTime (int) – requested live time

Returns

S_OK(dict)/S_ERROR() – dict contain id and proxy as string of the request

export_setPersistency(userDN, userGroup, persistentFlag)

Set the persistency for a given dn/group

Parameters
  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

  • persistentFlag (boolean) – if proxy persistent

Returns

S_OK()/S_ERROR()

export_whoami()

A simple whoami, returns all credential dictionary, except certificate chain object.

classmethod getCSOption(optionName, defaultValue=False)

Get an option from the CS section of the services

Returns

Value for serviceSection/optionName in the CS being defaultValue the default

getRemoteAddress()

Get the address of the remote peer.

Returns

Address of remote peer.

getRemoteCredentials()

Get the credentials of the remote peer.

Returns

Credentials dictionary of remote peer.

initialize()

Initialize this instance of the handler (to be overwritten)

classmethod initializeHandler(serviceInfoDict)
srv_disconnect(trid=None)
classmethod srv_disconnectClient(trid)
srv_getActionTuple()
classmethod srv_getCSOption(optionName, defaultValue=False)

Get an option from the CS section of the services

Returns

Value for serviceSection/optionName in the CS being defaultValue the default

srv_getClientSetup()
srv_getClientVO()
srv_getClientVersion()
srv_getFormattedRemoteCredentials()
classmethod srv_getMonitor()
srv_getRemoteAddress()

Get the address of the remote peer.

Returns

Address of remote peer.

srv_getRemoteCredentials()

Get the credentials of the remote peer.

Returns

Credentials dictionary of remote peer.

classmethod srv_getServiceName()
srv_getTransportID()
classmethod srv_getURL()
classmethod srv_msgCreate(msgName)
srv_msgReply(msgObj)
classmethod srv_msgSend(trid, msgObj)
transfer_bulkFromClient(bulkId, token, bulkSize, fileHelper)
transfer_bulkToClient(bulkId, token, fileHelper)
transfer_fromClient(fileId, token, fileSize, fileHelper)
transfer_listBulk(bulkId, token, fileHelper)
transfer_toClient(fileId, token, fileHelper)
types_completeDelegationUpload = [(<class 'int'>,), (<class 'str'>,)]
types_deleteProxy = [(<class 'list'>, <class 'tuple'>)]
types_deleteProxyBundle = [(<class 'list'>, <class 'tuple'>)]
types_echo = [(<class 'str'>,)]
types_generateToken = [(<class 'str'>,), (<class 'str'>,), (<class 'int'>,)]
types_getContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), (<class 'int'>,), (<class 'int'>,)]
types_getLogContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), (<class 'int'>,), (<class 'int'>,)]
types_getProxy = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,)]
types_getProxyWithToken = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,), (<class 'str'>,)]
types_getRegisteredUsers = []
types_getUserProxiesInfo = []
types_getVOMSProxy = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,), [(<class 'str'>,), <class 'NoneType'>, <class 'bool'>]]
types_getVOMSProxyWithToken = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,), [(<class 'str'>,), <class 'NoneType'>]]
types_ping = []
types_refreshConfiguration = [<class 'bool'>]
types_requestDelegationUpload = [(<class 'int'>,)]
types_setPersistency = [(<class 'str'>,), (<class 'str'>,), <class 'bool'>]
types_whoami = []