...
StoRM WebDAV also supports OpenID connect authentication and authorization on storage areas, so tokens can be used instead of proxies [2319]. Dedicated IAM (Identity and Access Management) instances can be configured for the experiments upon requests (please ocntact contact the user support).
As currently StoRM WebDAV does not support group-based authorization, for such use-case we provide a dedicated Apache server and a catch-all IAM instance available at iam-computing.cloud.cnaf.infn.it, where registered users are assigned to specific groups.
...
A few useful commands follow , and more info are available in the wiki [25].20].
With a valid voms-proxy:
-bash-4.2$ voms-proxy-init --voms dteam
Enter GRID pass phrase for this identity:
Contacting voms2.hellasgrid.gr:15004 [/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr] "dteam"...
Remote VOMS server contacted succesfully.
Created proxy in /tmp/x509up_u10162.
Your proxy is valid until Thu Aug 20 00:22:39 CEST 2020
-bash-4.2$ voms-proxy-info --all
subject : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it/CN=1933593968
issuer : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it
identity : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it
type : RFC3820 compliant impersonation proxy
strength : 1024
path : /tmp/x509up_u10162
timeleft : 11:59:11
key usage : Digital Signature, Key Encipherment
=== VO dteam extension information ===
VO : dteam
subject : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it
issuer : /C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr
attribute : /dteam/Role=NULL/Capability=NULL
timeleft : 11:59:10
uri : voms2.hellasgrid.gr:15004
Listing directory
-bash-4.2$ davix-ls -P grid https://xfer.cr.cnaf.infn.it:8443/dteam/
smoke-test-storage-ops.cr.cnaf.infn.it-113972
smoke-test-storage-ops.cr.cnaf.infn.it-23261Upload
-bash-4.2$ davix-put -P grid /home/USER-SUPPORT/arendina/sleep.sub https://xfer.cr.cnaf.infn.it:8443/dteam/andrea1908
-bash-4.2$ davix-ls -P grid https://xfer.cr.cnaf.infn.it:8443/dteam/
smoke-test-storage-ops.cr.cnaf.infn.it-113972
smoke-test-storage-ops.cr.cnaf.infn.it-23261
andrea1908Download
-bash-4.2$ davix-get -P grid https://xfer.cr.cnaf.infn.it:8443/dteam/andrea1908 copia_andrea_locale
- Removing a file
-bash-4.2$ davix-rm -P grid https://xfer.cr.cnaf.infn.it:8443/dteam/andrea1908
With an access token:
- Upload the test.txt file into the asfin storage area:
$ davix-put test.txt -H "Authorization: Bearer ${AT}" https://ds-814.cr.cnaf.infn.it:8443/asfin/test_elena
- Show the contents of the storage area:
$ davix-ls -H "Authorization: Bearer ${AT}" https://ds-814.cr.cnaf.infn.it:8443/asfin/
test_elena
.snapshots - Download file from storage area:
$ davix-get -H "Authorization: Bearer ${AT}" https://ds-814.cr.cnaf.infn.it:8443/asfin/test_elena local_copy
Performing Read operation on: https://ds-814.cr.cnaf.infn.it:8443/asfin/test_elena
[=========================] 100% 654KiB/654KiB 0B/s
...