| ||||||||||||
Workspace Management ServiceIntroductionThe Workspace Management Service dynamic allows a Grid client to dynamically create and manage a workspace, currently implemented as a Unix account, on a remote site. The infrastructure is composed of a factory service that allows an authorized Grid client to create individual accounts or groups of accounts, and an account service that allows an authorized Grid client to manage individual account properties, such as account access policy or time to live (TTL). These concepts are represented as WSRF services and implemented using the GT4 implementation of WSRF. Further details on workspace service design can be found here (todo: link design document). The code is composed of a front-end implementing protocols for the creation and management of workspaces and a back-end implementation. Workspace creation and management can be implemented in different ways according to site policies and preferences. At this point, our implementation supports two kinds of such "back-ends": (1) true dynamic creation using the Unix "adduser" command, and (2) account pooling implementations, one based on Andrew McNab's gridmapdir patch and another based on the LCMAPS implementation. We anticipate three kinds of users of this system:
If you are interested in our work on different workspace implementations, more information can be found in the following two publications:
In addition, a page listing the current research related to dynamic accounts can be found here (work in progress). ContactFor support questions please email majordomo@globus.org with body: "subscribe workspace-support" to sign up for the support discussion list. LicenseThis software is licensed under the terms of the Globus Toolkit Public License. This software includes software developed by the EU DataGrid. The poolindex software borrows procedures from the LCMAPS credential mapping service by Martijn Steenbakkers and David Groep (NIKHEF Amsterdam, the Netherlands). For license conditions see the license. |