Software Links
Getting Started
- Doc Structure
- A Globus Primer
- Globus Is Modular!
- Quickstart
- Installing GT
- Platform Notes
- Migrating from GT2
- Migrating from GT3
Reference
- PDF version
- Best Practices
- Coding Guidelines
- API docs
- Public Interfaces
- Resource Properties
- Samples
- Glossary
- Performance Studies
Common Runtime
Security
Data Mgt
Information Svcs
Execution Mgt
Table of Contents
The Workspace Management Service allows a Grid client to dynamically create and manage a workspace, currently implemented as a Unix account, on a remote site. The infrastructure is composed of a factory service that allows an authorized Grid client to create individual accounts or groups of accounts, and an account service that allows an authorized Grid client to manage individual account properties, such as account access policy or time to live (TTL). These concepts are represented as WSRF services and implemented using the GT4 implementation of WSRF.
The workspace service code consists of a front-end implementing protocols for the creation and management of workspaces and a back-end implementation. Workspace creation and management can be implemented in different ways according to site policies and preferences. At this point, our implementation supports two such of such "back-ends": (1) true dynamic creation using the Unix "adduser" command, and (2) an account pooling implementation based on Andrew McNab's gridmapdir patch and the gLite LCMAPS system.
Features new in release GT 4.1.2:
- Authorized client can create and manage accounts dynamically.
- The service accepts VOMS credentials; attributes from VOMS credentials can be used for authorization as well as customization of accounts.
- Account assignment is authorized based on access control lists (ACLs) which can be DN-based or attribute-based.
- The account assignment back-end is implemented using an account pool: LCMAPS implementation is currently our primary account pooling implementation but we also support independent account pools and accounts created dynamically as needed.
- The account assignment back-end implements highly configurable account management including a modifiable account recycling process and account quarantine.
Other Supported Features
- None.
Deprecated Features
- None.
The following changes have occurred for Workspace Management Service since the last stable release, 4.0:
[summarize changes]
The following problems and limitations are known to exist for the Workspace Management Service (WMS) at the time of the 4.1.2 release:
WMS is in tech preview and as such it is not deemed as a "final product" at this stage.
The Workspace Management Service depends on the following GT components:
- Java WS Core
The Workspace Management Service depends on the following 3rd party software:
- LCMAPS (only for the LCMAPS back end)
- Java VOMS parsing libraries from the gLite cvs. A binary can be downloaded separately, see the administrator's guide.
Protocol changes since GT version 4.0:
- N/A as this is a new component.
API changes since GT version 4.0:
- N/A
Exception changes since GT version 4.0:
- N/A
Schema changes since GT version 4.0:
- N/A
Click here for more information about this component.