ProxyManagerHandler
ProxyManager is the implementation of the ProxyManagement service in the DISET framework
# Section to describe ProxyManager system
# https://dirac.readthedocs.org/en/latest/AdministratorGuide/Systems/Framework/ProxyManager/index.html
ProxyManager
{
Port = 9152
MaxThreads = 100
# Flag to use myproxy server
UseMyProxy = False
# Email to use as a sender for the expiration reminder
MailFrom = "proxymanager@diracgrid.org"
# Description of rules for access to methods
Authorization
{
Default = authenticated
getProxy = FullDelegation
getProxy += LimitedDelegation
getProxy += PrivateLimitedDelegation
getVOMSProxy = FullDelegation
getVOMSProxy += LimitedDelegation
getVOMSProxy += PrivateLimitedDelegation
getProxyWithToken = FullDelegation
getProxyWithToken += LimitedDelegation
getProxyWithToken += PrivateLimitedDelegation
getVOMSProxyWithToken = FullDelegation
getVOMSProxyWithToken += LimitedDelegation
getVOMSProxyWithToken += PrivateLimitedDelegation
getLogContents = ProxyManagement
setPersistency = ProxyManagement
}
}
- class DIRAC.FrameworkSystem.Service.ProxyManagerHandler.ProxyManagerHandler(handlerInitDict, trid)
Bases:
DIRAC.Core.DISET.RequestHandler.RequestHandler- __init__(handlerInitDict, trid)
Constructor
- Parameters
handlerInitDict (dictionary) – Information vars for the service
trid (object) – Transport to use
- auth_getUserProxiesInfo = ['authenticated']
- auth_ping = ['all']
- auth_refreshConfiguration = ['CSAdministrator']
- auth_whoami = ['all']
- export_completeDelegationUpload(requestId, pemChain)
Upload result of delegation
- export_deleteProxy(userDN, userGroup)
Delete a proxy from the DB
- export_deleteProxyBundle(idList)
delete a list of id’s
- static export_echo(data)
This method is used for testing performance of the service
- Parameters
data (str) – data to be sent back to the caller
- Returns
S_OK, Value is the input data
- export_generateToken(requesterDN, requesterGroup, tokenUses)
Generate tokens for proxy retrieval
- export_getContents(selDict, sortDict, start, limit)
Retrieve the contents of the DB
- export_getLogContents(selDict, sortDict, start, limit)
Retrieve the contents of the DB
- export_getProxy(userDN, userGroup, requestPem, requiredLifetime)
Get a proxy for a userDN/userGroup
- Parameters
requestPem – PEM encoded request object for delegation
requiredLifetime –
Argument for length of proxy
- Properties:
FullDelegation <- permits full delegation of proxies
LimitedDelegation <- permits downloading only limited proxies
PrivateLimitedDelegation <- permits downloading only limited proxies for one self
- export_getProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token)
Get a proxy for a userDN/userGroup
- Parameters
requestPem – PEM encoded request object for delegation
requiredLifetime – Argument for length of proxy
token –
Valid token to get a proxy
- Properties:
FullDelegation <- permits full delegation of proxies
LimitedDelegation <- permits downloading only limited proxies
PrivateLimitedDelegation <- permits downloading only limited proxies for one self
- export_getRegisteredUsers(validSecondsRequired=0)
Get the list of users who have a valid proxy in the system
- Parameters
validSecondsRequired (int) – required seconds the proxy is valid for
- Returns
S_OK(list)/S_ERROR() – list contain dicts with user name, DN, group expiration time, persistent flag
- export_getUserProxiesInfo()
Get the info about the user proxies in the system
- Returns
S_OK(dict)
- export_getVOMSProxy(userDN, userGroup, requestPem, requiredLifetime, vomsAttribute=None)
Get a proxy for a userDN/userGroup
- Parameters
requestPem – PEM encoded request object for delegation
requiredLifetime – Argument for length of proxy
vomsAttribute –
VOMS attr to add to the proxy
- Properties :
FullDelegation <- permits full delegation of proxies
LimitedDelegation <- permits downloading only limited proxies
PrivateLimitedDelegation <- permits downloading only limited proxies for one self
- export_getVOMSProxyWithToken(userDN, userGroup, requestPem, requiredLifetime, token, vomsAttribute=None)
Get a proxy for a userDN/userGroup
- Parameters
requestPem – PEM encoded request object for delegation
requiredLifetime – Argument for length of proxy
vomsAttribute –
VOMS attr to add to the proxy
- Properties :
FullDelegation <- permits full delegation of proxies
LimitedDelegation <- permits downloading only limited proxies
PrivateLimitedDelegation <- permits downloading only limited proxies for one self
- export_ping()
- static export_refreshConfiguration(fromMaster)
Force refreshing the configuration data
- Parameters
fromMaster (bool) – flag to refresh from the master configuration service
- export_requestDelegationUpload(requestedUploadTime, diracGroup=None)
Request a delegation. Send a delegation request to client
- Parameters
requestedUploadTime (int) – requested live time
- Returns
S_OK(dict)/S_ERROR() – dict contain id and proxy as string of the request
- export_setPersistency(userDN, userGroup, persistentFlag)
Set the persistency for a given dn/group
- export_whoami()
A simple whoami, returns all credential dictionary, except certificate chain object.
- classmethod getCSOption(optionName, defaultValue=False)
Get an option from the CS section of the services
- Returns
Value for serviceSection/optionName in the CS being defaultValue the default
- getRemoteAddress()
Get the address of the remote peer.
- Returns
Address of remote peer.
- getRemoteCredentials()
Get the credentials of the remote peer.
- Returns
Credentials dictionary of remote peer.
- initialize()
Initialize this instance of the handler (to be overwritten)
- classmethod initializeHandler(serviceInfoDict)
- srv_disconnect(trid=None)
- classmethod srv_disconnectClient(trid)
- srv_getActionTuple()
- classmethod srv_getCSOption(optionName, defaultValue=False)
Get an option from the CS section of the services
- Returns
Value for serviceSection/optionName in the CS being defaultValue the default
- srv_getClientSetup()
- srv_getClientVO()
- srv_getClientVersion()
- srv_getFormattedRemoteCredentials()
- classmethod srv_getMonitor()
- srv_getRemoteAddress()
Get the address of the remote peer.
- Returns
Address of remote peer.
- srv_getRemoteCredentials()
Get the credentials of the remote peer.
- Returns
Credentials dictionary of remote peer.
- classmethod srv_getServiceName()
- srv_getTransportID()
- classmethod srv_getURL()
- classmethod srv_msgCreate(msgName)
- srv_msgReply(msgObj)
- classmethod srv_msgSend(trid, msgObj)
- transfer_bulkFromClient(bulkId, token, bulkSize, fileHelper)
- transfer_bulkToClient(bulkId, token, fileHelper)
- transfer_fromClient(fileId, token, fileSize, fileHelper)
- transfer_listBulk(bulkId, token, fileHelper)
- transfer_toClient(fileId, token, fileHelper)
- types_completeDelegationUpload = [(<class 'int'>,), (<class 'str'>,)]
- types_deleteProxy = [(<class 'list'>, <class 'tuple'>)]
- types_deleteProxyBundle = [(<class 'list'>, <class 'tuple'>)]
- types_echo = [(<class 'str'>,)]
- types_generateToken = [(<class 'str'>,), (<class 'str'>,), (<class 'int'>,)]
- types_getContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), (<class 'int'>,), (<class 'int'>,)]
- types_getLogContents = [<class 'dict'>, (<class 'list'>, <class 'tuple'>), (<class 'int'>,), (<class 'int'>,)]
- types_getProxy = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,)]
- types_getProxyWithToken = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,), (<class 'str'>,)]
- types_getRegisteredUsers = []
- types_getUserProxiesInfo = []
- types_getVOMSProxy = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,), [(<class 'str'>,), <class 'NoneType'>, <class 'bool'>]]
- types_getVOMSProxyWithToken = [(<class 'str'>,), (<class 'str'>,), (<class 'str'>,), (<class 'int'>,), [(<class 'str'>,), <class 'NoneType'>]]
- types_ping = []
- types_refreshConfiguration = [<class 'bool'>]
- types_requestDelegationUpload = [(<class 'int'>,)]
- types_setPersistency = [(<class 'str'>,), (<class 'str'>,), <class 'bool'>]
- types_whoami = []