The VOMS SAML codebase developed during the OMII project has been
integrated into the codebase. Now VOMS Admin exposes a service,
called VOMSSaml that can be used to obtain a SAML assertion
containing signed VOMS attributes.
Since the VOMS SAML Attribute authority (AA) needs to sign the
issued assertions, when configuring the service you should
define which X509 certificate and private key will be used
for signing.
The validity of issued attribute assertions can be limited
with the
voms.saml.max_assertion_lifetime
service property.
The voms-admin-configure script has been extended to support
flags to set these properties at configuration time.
Type voms-admin-configure --help for more information.
VOMS SAML makes extensive use of the OpenSAML library,
which requires a recent version of java xml parsing tools installed
in your Java Runtime Environment.
The VOMS Admin distribution provides the jars you need
to make your tomcat installation OpenSAML compliant. You just
need to issue the following command:
cp $GLITE_LOCATION/share/voms-admin/endorsed/*.jar $CATALINA_HOME/common/endorsed
lcg-vomscerts-5.6.0 adds new cert for voms.fnal.gov and removes old certs for voms.fnal.gov, voms.cern.ch and voms-pilot.cern.ch
| Number | Description |
|
#23762 |
FTS: info provider script does not check sqlplus return code |
|
#24749 |
FTS: aborted glite-url-copy in CERN-PIC should print meaningful error messages |
|
#25776 |
/opt/glite/etc/glite-data-transfer-agents.d/*.properties.xml - incorrect files permissions |
|
#26548 |
/tmp/tmp.*/*.properties* files are left after configuration and have incorrect permissions |
|
#28212 |
FTS: glite-transfer-status manpage doesn't desrcibe the --verbose option |
|
#31161 |
Problem with DB commit |
|
#31169 |
FTS agents must avoid myproxy bind error |
|
#32360 |
glite-sd2cache error |
|
#32483 |
Make the channel configuration parameters available through glite-transfer-channel-list |
|
#33607 |
UI 3.1 : glite-delegation-init man page is missing |
|
#33641 |
[delegation] corrupted proxies after delegation |
|
#33652 |
FTS unable to handle multiple space tokens. |
|
#33895 |
FTS RFE: split gridftp/SRM interaction |
|
#35207 |
sd2cache script |
|
#35601 |
config-service: XML namespace for service configuration |
|
#35602 |
config-service: schema validation |
|
#35721 |
FTA: log SRM IP address |
|
#35745 |
FTA: smarter timeouts in transfer-url-copy |
|
#35747 |
config-service: easier to read parameters |
|
#35750 |
FTS+FTA: log review |
|
#35752 |
FTA: check unused parameters in YAIM |
|
#36854 |
Error message not correctly filled for srmcopy transfers |
|
#37018 |
FTS: request for option to skip files on tape |
|
#37125 |
Remove use of CategoryStream::ENDLINE from FTS modules |
|
#37327 |
logging to syslog as well |
|
#37530 |
FTS Transfer Agents: improve stub transfer service |
|
#37700 |
FTS: remove dependency from srm-cli |
|
#37899 |
FTS: passing extra transfer parameters (WLCG reqs) |
|
#38091 |
FTA: channel timeout parameters |
|
#38102 |
FTS: client tools for channel timeout parameters |
|
#38316 |
wrong error message on srmPrepareToPut failure |
|
#38362 |
FTA - Refactor channel share query |
|
#38363 |
FTS - move history into the schema |
|
#38515 |
FTS GIP: GlueServiceUniqueID and GlueServiceName not prefixed with "glite-data-transfer-fts" |
|
#38780 |
org.glite.data.transfer-fts: remove unused indexes from schema update script |
|
#39614 |
FTS: glite-sd2cache should update at a higher frequency |
|
#39626 |
new VO user request expiration time |
|
#39785 |
voms-admin --help-commands has output that is too wide |
|
#39819 |
Segmentation fault in glite-transfer-channel-audit |
|
#39821 |
error in share calculations |
|
#39992 |
FTS always uses fullDetailedList=true in srmLs operations |
|
#40372 |
Illegal whitespace in address error in VOMS when one of the admins has more than one e-mail address |
|
#40947 |
FTA: timeouts should not apply to files likely to complete |
|
#41682 |
glite-transfer-submit: wrong handling of 'dest' option |
|
#42536 |
voms-admin CLI argument parsing not failure resilient |
|
#42579 |
[FTS] Only active channels shall be published in BDII |
|
#42593 |
improve error message "Failed to start a new transfer: no glite-url-copy-execfoundin $GLITE_LOCATION" |
|
#42939 |
[VOMS-ADMIN] upgrade procedure needs workaround |
|
#43159 |
Add information about file locality in error message if srmPrepareToGet times out |
|
#43173 |
voms-admin to easily allow browsing of users/groups/roles for authorised users even when registration is disabled |
|
#43533 |
Error reported under the wrong category |
|
#43927 |
FTS 2.1 not returning errors |
|
#44332 |
Add a --skip-voms-core to voms-admin-configure |
|
#44920 |
urlcopy transfers are retried if the gridftp error message is 'no such file or directory' |
|
#44950 |
channel agents should fill the 'transfer_type' parameter in the database |
|
#45166 |
Add specific categories for the different marker timeouts. |
|
#45167 |
Provide a CLI for group management |
|
#46144 |
[VOMS ADMIN] NullPointerException caught when setting a user generic attribute value |
|
#46431 |
FTS: RFE transfer-status should report 'not found' |
|
#46530 |
FTS RFE: purge old entries from the history table |
|
#47948 |
glite-sd2cache intermediate and backup files |
|
#48193 |
Remove glite-transfer-discovery and glite-transfer-submit-placement tools |
|
#48585 |
schema update script from 3.3.0 to 3.4.0 does not create x_purge_jobids and x_purge_fileids tables. |
|
#48680 |
Incorrect permissions on transfer-agents configuration files |
|
#48684 |
transfer-cli should obsolete transter-api-c and srm-cli packages |
|
#50152 |
Sql scripts should exit the execution automatically |
|
#50156 |
ClassNotFoundException: org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory |
|
#51328 |
oracle-upgrade_3.3.0-3.4.0.sql typo |
