Software Links
Getting Started
- Doc Structure
- A Globus Primer
- Globus Is Modular!
- Quickstart
- Installing GT
- Platform Notes
- Migrating from GT2
- Migrating from GT3
Reference
- PDF version
- Best Practices
- Coding Guidelines
- API docs
- Public Interfaces
- Resource Properties
- Samples
- Glossary
- Performance Studies
Common Runtime
Security
Data Mgt
Information Svcs
Execution Mgt
Name
globus-delegation-client — C Delegation client
Synopsis
globus-delegation-client [OPTION...] {SERVICE-SPECIFIER} {{EPR-FILENAME} | {-refresh}}
Description
Create or refresh delegated credentials in a service container. If the -refresh option is specified on the command-line, then the credential associated with an existing DelegationService resource is updated with a new credential. Otherwise, the SERVICE-SPECIFIER is interpreted as a DelegationFactoryService and a new DelegationService resource is created.
Command syntax
globus-delegation-client [OPTION...] {SERVICE-SPECIFIER} {{EPR-FILENAME} | {-refresh}}
SERVICE-SPECIFIER: [-s URI [-k KEY VALUE] | -e FILENAME]
EPR-FILENAME: Name of file to store EPR of new delegated credential.
Table 61. Common options
| -a | --anonymous |
Use anonymous authentication. Requires either -m 'conv' or transport (https) security. |
| -d, --debug |
Enables debug mode. In debug mode, all SOAP messages will be displayed to stderr and full WSRF Fault messages will be displayed. |
| -e | --eprFile FILENAME |
Load service EPR from FILENAME. This EPR is used to contact the WSRF service. |
| -h | --help |
Displays help information about the command. |
| -k | --key KEYNAME VALUE |
Set resource key in the service EPR to be named KEYNAME with VALUE as its value. This can be combined with -s to construct an EPR without having an xml file on hand. The KEYNAME is a QName string in the format {namespaceURI}localPart. while the VALUE is a literal string to place in the element. For example, the option -k '{http://www.globus.org}MyKey' 128 would be rendered as <MyKey xmlns="http://www.globus.org">128</MyKey> |
| -m, --securityMech TYPE |
Set authentication mechanism. TYPE is one of msg for WS-SecureMessage or conv for WS-SecureConversation. |
| -p, --protection LEVEL |
Set message protection level. LEVEL is one of sig for digital signature or enc for encryption. The default is 'sig'. |
| -s | --service ENDPOINT |
Set ENDPOINT the service URL to use. Will be composed with the -k parameter if present to add ReferenceProperties to the ENDPOINT |
| -t | --timeout SECONDS |
Set client timeout to SECONDS. |
| -u | --usage |
Print short usage message. |
| -V | --version |
Show version information and exit. |
| -v | --certKeyFiles CERTIFICATE-FILENAME KEY-FILENAME |
Use credentials located in CERTIFICATE-FILENAME and KEY-FILENAME. The key file must be unencrypted. |
| -x | --proxyFilename FILENAME |
Use proxy credentials located in FILENAME. |
| -z | --authorization TYPE |
Set authorization mode. TYPE can be self, host, none, or a string specifying the identity of the remote party. The default is self. |
| --versions |
Show version information for all loaded modules and exit. |
Examples
Create a new delegated credential resource and store the EPR of the resource in ~/.globus/delegation.epr
% globus-delegation-client -z host -s https://gridhost.virtual.org:8443/wsrf/services/DelegationFactoryService ~/delegation.eprRefresh the previously delegated credential
% globus-delegation-client -z host -e ~/delegation.epr -refreshDestroy the delegated credential
% globus-wsrf-destroy -z host -e ~/delegation.epr