Patrick West wrote:
OPeNDAP/G (Gridded OPeNDAP) currently does not support X509 certificates
or authentication. The BES does currently support X509 authentication
during connection using SSL. And we are currently developing
modifications in the BES to allow for secure connections and secure
requests to be sent to the BES, allowing clients to pass along security
certificates and store them in the BES to be used on behalf of the
client for authorization purposes. This will be especially useful in a
gridded environment or where the BES is working in paralellel with other
BES processes to handle requests. A module can be written and
dynamically loaded into the BES to handle authorization. There is no
generic authorization in the BES.
I personally haven't tried it, but since the front-end of Hyrax is a
tomcat servlet that you can utilize any authentication within tomcat, as
is mentioned in another email.
To my knowledge, the only client of the BES that supports SSL
authentication is the bescmdln (BES Command Line) client, which is
mostly a testing client. We are developing a Globus module for the Earth
System Grid project that will use the BES authentication.
The CEDAR project at UCAR developed a BES plugin to handle simple user
authentication, as well as additional response types and a reporting
mechanism for data usage tracking.
Patrick West
Rensselaer Polytechnic Institute
Tetherless World Constellation
http://tw.rpi.edu
Hi Patrick:
Could you explain the relationship of a "BES client" vs an "OPeNDAP client" ?
Is this the same?
