AAASwitch UZH7 Portal

AAASwitch_UZH7_Portal

UZH.7 Integration of Chemistry applications with the Swiss Grid Portal

Project Plan

Milestone Title Date Dure Comment

WP3.1

Kick-off meeting of the project

01.07.2009

Done

WP1.1

Analysing the application use cases based on selected quantum chemistry applications.

01.08.2009

Use cases mapped in portal functionalities and modules.

WP1.2

Detailed User Interface design

01.09.2009

This UI will be then realized on selected portal.

WP2.1

Identification of support for customizable workflows.

01.09.2009

WP2.2

Test portal prototype

01.10.2009

Bare services. Synergy expected from Grid Portal project (USI.3)

WP1.3

Detailed application Workflow design

01.10.2009

To be realized on the selected portal.

WP1.4

Identification of requirements for data management

01.11.2009

To be realized through common data representation

WP2.3

Building, validation and testing of workflows on real use cases

01.12.2009

WP3.2

Internal project review

01.12.2009

WP2.4

Quantum chemistry application accessible via the portal.

01.02.2010

WP2.5

Identification of high-throughput workflows requirements.

01.04.2010

WP2.6

Portal open to early users

01.05.2010

User group selected from UZH

WP2.7

Building, validation and testing of high-throughput workflows.

01.06.2010

WP3.3

Final project report

31.07.2010

Portal Node Details

The authZ-protected material is at:

 http://idgc3grid03.uzh.ch/restricted

which corresponds to local directory /var/www/restricted.

The default page index.php just says "Hello, " to show that it got the username correct. You can also have a look at the environment that the web server provides to PHO and CGI scripts at:

  http://idgc3grid03.uzh.ch/restricted/env.cgi

Directory /var/www/restricted contains all the files needed to enable HTTP digest authentication on a set of pages: the apache config is in file "restricted.conf", the user passwd file is "htpasswd.digest".

(In a production setup, those files should never be in a web-accessible location, but for now it's more convenient to have them all in a single place.)

Only registered users can connect.

To add a new user:

 idgc3grid03# cd /var/www/restricted

 idgc3grid03# htdigest /var/www/restricted/htpasswd.digest "restricted

area" username

Note:

the "htpasswd" command behaves just like the UNIX "passwd" command: it will interactively prompt for the new passwd.
"restricted area" is the realm name and must match the realm name given in file "restricted.conf"

Please use "umask 002" when you edit files in the /var/www/restricted directory, so the files stay editable also by others.

I have used HTTP digest auth since (at least) it does not send cleartext passwords over the wire, but don't use valuable passwords in the "htpasswd" above. Production deployment should always use SSL for auth.

As for the JOpera connection, this should likely happen on

  http://localhost:8080/...

The port may change when we deploy to production, better make it a configurable parameter, but the host will likely stay "localhost" (since JOpera does not provide any authZ setting, it should not be reachable from the net.)