Page History

...

StoRM WebDAV also supports OpenID connect authentication and authorization on storage areas, so tokens can be used instead of proxies [2319]. Dedicated IAM (Identity and Access Management) instances can be configured for the experiments upon requests (please ocntact contact the user support).

As currently StoRM WebDAV does not support group-based authorization, for such use-case we provide a dedicated Apache server and a catch-all IAM instance available at iam-computing.cloud.cnaf.infn.it, where registered users are assigned to specific groups.

...

A few useful commands follow , and more info are available in the wiki [25].20].

With a valid voms-proxy:

-bash-4.2$ voms-proxy-init --voms dteam
Enter GRID pass phrase for this identity:
Contacting voms2.hellasgrid.gr:15004 [/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr] "dteam"...
Remote VOMS server contacted succesfully.


Created proxy in /tmp/x509up_u10162.

Your proxy is valid until Thu Aug 20 00:22:39 CEST 2020
-bash-4.2$ voms-proxy-info --all
subject : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it/CN=1933593968
issuer : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it
identity : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it
type : RFC3820 compliant impersonation proxy
strength : 1024
path : /tmp/x509up_u10162
timeleft : 11:59:11
key usage : Digital Signature, Key Encipherment
=== VO dteam extension information ===
VO : dteam
subject : /DC=org/DC=terena/DC=tcs/C=IT/O=Istituto Nazionale di Fisica Nucleare/CN=Andrea Rendina arendina@infn.it
issuer : /C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr
attribute : /dteam/Role=NULL/Capability=NULL
timeleft : 11:59:10
uri : voms2.hellasgrid.gr:15004

• Listing directory

  -bash-4.2$ davix-ls -P grid https://xfer.cr.cnaf.infn.it:8443/dteam/
  smoke-test-storage-ops.cr.cnaf.infn.it-113972
  smoke-test-storage-ops.cr.cnaf.infn.it-23261
  
  

• Upload

  -bash-4.2$ davix-put -P grid /home/USER-SUPPORT/arendina/sleep.sub https://xfer.cr.cnaf.infn.it:8443/dteam/andrea1908
  -bash-4.2$ davix-ls -P grid https://xfer.cr.cnaf.infn.it:8443/dteam/
  smoke-test-storage-ops.cr.cnaf.infn.it-113972
  smoke-test-storage-ops.cr.cnaf.infn.it-23261
  andrea1908
  
  

• Download             

  -bash-4.2$ davix-get -P grid  https://xfer.cr.cnaf.infn.it:8443/dteam/andrea1908 copia_andrea_locale

  
  

• Removing a file
  

  -bash-4.2$ davix-rm -P grid https://xfer.cr.cnaf.infn.it:8443/dteam/andrea1908
  

With an access token:

• Upload the test.txt file into the asfin storage area:

  $ davix-put test.txt -H "Authorization: Bearer ${AT}" https://ds-814.cr.cnaf.infn.it:8443/asfin/test_elena

• Show the contents of the storage area:

  $ davix-ls -H "Authorization: Bearer ${AT}" https://ds-814.cr.cnaf.infn.it:8443/asfin/
  test_elena
  .snapshots

• Download file from storage area:

  $ davix-get -H "Authorization: Bearer ${AT}" https://ds-814.cr.cnaf.infn.it:8443/asfin/test_elena local_copy
  Performing Read operation on: https://ds-814.cr.cnaf.infn.it:8443/asfin/test_elena
  [=========================] 100% 654KiB/654KiB 0B/s

...