|
Home -> Toolkit -> Docs -> 4.2 -> 4.2.0 -> Rn
Could this page be better? Send us your feedback. |
|---|
Table of Contents
The GT development team is pleased to make its newest major release available for download.
Highlights of this release include:
![[Important]](/docbook-images/important.gif) | Important |
|---|---|
GT4.2.0 contains an upgrade to the web services specifications used by the toolkit as well as new features in all services. New users are encouraged to use the 4.2.0 release. However, because of the specification upgrade the webservices are incompatible with the 4.0.x series. Existing 4.0.7 users may wish to evaluate the new software while maintaining their existing installations. Details on the spec upgrade are available in the Changes Summary below. |
To download this release, go to the 4.2.0 Download page.
For information on installing this release, go to the 4.2.0 Installation Guide.
Use the documentation which starts at here.
| Important |
|---|---|
This release includes name changes:
|
As we continue to evolve the GT documentation, we've added new features as of 4.2.0:
Starting with 4.2.0, GT will start release documentation for each point release.
Left sidebar on all pages allows you to access documentation for all technologies from any page.
Customized TOCs at the top, domain and technology level.
Each guide is its own book with its own url. For example, you can find the GridFTP Admin Guide at http://www.globus.org/toolkit/docs/4.2/4.2.0/data/gridftp/admin/
More PDFs are available - both at the technology-level and guide-level.
Introducing the top-level GT Developer's Guide and GT User's Guide.
Adding more indices. This will be improved with each point release.
Feel free to offer any suggestions or feedback using Bugzilla (the "Documentation" component). Or use the documentation feedback box at the bottom of each page (please note that this box is intended for feedback and suggestions, but not support - support information follows.)
An overview on GT support can be found here.
The Globus Toolkit is distributed and licensed for use under the terms of the Apache License, Version 2.0.
To view the licenses of the 3rd party software used by the developers of the Globus Toolkit, click here.
For full information about usage statistics collected by GT 4.2.0 and how to opt-out, see Usage Statistics Collection by the Globus Alliance.
A migration guide for porting services to the new specification is available here.
.wsdd) files, JNDI configuration
files (jndi-config.xml), and security
descriptors for all services.TargetedXPath query
dialect.-t, --timeout option is used
to configure the client-side timeout value.-i command line option
was added to globus-start-container
to force the container to bind to the specified network
address.globus-start-container now
performs a JVM version check to ensure that at least Java 1.4 JVM is
used to start the container.OutOfMemoryError error
handling was improved in the standalone container. All
ResourceHome caches will now be
automatically cleared on
OutOfMemoryError error..wsdd files,
jndi-config.xml file, and security
deployment descriptors will now be automatically validated.It is now easier to make local invocations. Axis'
MessageContext does not need to be
associated with the current thread anymore and the stub does not need
to be configured in any way to make local invocations.
MessageContext object with the
current thread of execution.ResourceKey,
ResourceHome, or the resource object
associated with a given WS-Addressing endpoint.GLOBUS_TCP_SOURCE_PORT_RANGE
environment property is now supported.InitialContext as it will work
correctly on any application server with other JNDI implementations
present.ResourceHomeImpl) can now have a
private or
protected no-argument
constructor.jndi-config.xml files is now
optional. By default, the
org.globus.wsrf.tools.jndi.BeanFactory
factory class will be used if the factory
resource parameter is not specified.myproxy Java command line tool will
now be created on Windows.YYYY-MM-DDThh:mm:ss,sss[+-]hh:mm. It
uses local time with UTC time zone offset.GT 4.2.0 release contains a newer version of Apache Axis. The following changes have been noted in Axis:
xsd:group handling has
changed. A Java Bean will NOT be generated now for a xsd:group type.
See AXIS-1525
for more details.An error will now be raised by
BeanSerializer when serializing a
null value that is not optional or non-nillable. This behavior can be
disabled by setting
BeanSerializer.errorOnNullWithNonNillableElement
system property to false.
Example:
export
GLOBUS_OPTIONS="-DBeanSerializer.errorOnNullWithNonNillableElement=false"WSDL2Java will not generate
Java Beans for certain array objects. The
-w option must be passed to
WSDL2Java to force it to generate the
Java Beans for such types. This change is transparent to the users of
the build scripts provided by Java WS Core.The only significant change to Globus XIO in this release is the addition of "string attributes". The previous method of handling attributes still works in an entirely backward compatible way, but the string attributes adds a much needed convenience. Drivers can now provide a list of key=value pairs. A user can then specify these options at the command line and at runtime. This makes run time configuration much more flexible.
A driver can choose to expose parameters in a string form.
This feature makes dynamically setting driver-specific
options much easier. A user can then load the driver by name and
set specific options by name all at runtime with no object module
references. For example, a TCP driver can be loaded with the string
tcp and the options can be set with the string
port=50668;keepalive=yes;nodelay=N.
This would set the port to 50668, keepalive to true and nodelay to
false. The particular string definition is defined by the TCP
driver. This is done by creating a globus_i_xio_attr_parse_table_t
array within the driver's source code.
See the TCP driver source code for an example.
Each row of the array is 1 option. There are 3 sub-members of
each row entry: key, cmd, and parse function.
The key is a string that defines what option is to be set.
In the above example, string port would be a
key. cmd tells the driver what cntl is
associated with the key. In other words, once the string is
parsed out it converts the key into a driver-specific control enum.
XIO then uses that enum as it would if a driver-specific option
was set in the source code. For more information on controls, see
globus_xio_attr_cntl.
No significant changes have happened for C Common Libraries since GT 4.0.x. See Feature Summary for some minor changes.
SelfHost
authorization method.GSSAPI.Updated 3rd party libraries:
Added support for signing policy enforcement. Disabling the enforcement is provided directly by the CoG JGlobus library, Section 2, “Signing Policy Location”.
The security descriptor framework, used to configure security properties for the security framework, has been enhanced. Detailed information about the framework is provided at Chapter 1, Security Descriptors Introduction.
Java WS Authentication code honors environment variables to pick up the credential to use as described here.
Java WS Authentication code allows configuration of trust certificate in non-default location as described here.
The server side authorization framework has been reworked to support attribute-based authorization. The APIs and framework have been enhanced to deal with a representation where each entity is identified by a bag of attributes.
Also, the default engine used for combining the individual Policy Decision Point (PDP) decisions has been changed from a deny-override algorithm to a permit-override scheme that looks for a chain of delegation of rights from the resource owner to the requestor.
Refer to Architecture and design overview for detailed information on the architecture.
| Important |
|---|---|
The WS authorization interfaces have been frozen as of the GT 4.1.2 release. |
![[Note]](/docbook-images/note.gif) | Note |
|---|---|
All the PDPs that were distributed with the previous version have been ported to the new framework and are supported. |
The Java WS server-side authorization code has been moved to a
separate module called authorization. The work was tracked
as part of Bug
5559 and while this does not change any interface on the server
side, it separates the code from the Java WS Core module.
A migration guide that outlines the changes needed for services that build on Java WS Core is provided here.
Fixed SAML assertion embedded in proxy when cas-proxy-init is used in order to comply with RFC 3820 requirements on certificate extension. Support for OID 1.3.6.1.4.1.3536.1.1.1.9 has been discontinued and new OID 1.3.6.1.4.1.3536.1.1.1.12, with value set to be a DER encoded ASN.1 representation of the SAML asseriton has been added. Details are part of Bug 5606
Added an implicit namespace casDefaultNS, which is treated as a special namspace with no base name and exact comparison algorithm.
Grant all access to created groups disabled: The previous versions of CAS allowed granting newly created groups grantAll access to themselves. This feature has been disabled to prevent recursive permission issues.
Update to OpenSAML 1.1: The service has been updated to use OpenSAML 1.1.
Command line client options: The command line client options have been changed to use options that are standard across the toolkit. Note that all features that were supported before are still supported, but some of the option names have changed.
Allow both a push from the client and a pull from the server model for the CAS deployment
Underlying Java WS Authentication library supports RFC 3820 proxies by default as described in Release Notes. The Delegation Service will also default to RFC 3820 proxies.
GetResourceProperties and
QueryResourceProperties interfaces.
This allows for a client to query for the lifetime of the delegated
credential.The command line client options have been changed to use options that are standard across the toolkit. Note that all features that were supported before are still supported, but some of the option names have changed.
No changes have occurred for MyProxy since the last stable release, 4.0.x.
No changes have occurred for SimpleCA since the last stable release, 4.0.x.
-pp option to globus-url-copy to allow
pipelining of data transfers (ie, several transfers can be processed
without waiting for each transfer to finish before starting the next
one.)The GridFTP Admin Guide has been updated to include more information on advanced configuration, configuring security and tuning/performance recommendations.
globus-rls-cli can now read input
parameters from a file, and a new
globus-rls-bulk.sh script also
simplifies repetitive procedures involving bulk operations.A new MDS Admin Guide has been created that describes configuring MDS as a whole.
Loop detection (preventing an index server from registering to itself, or two from registering to each other) has been improved somewhat since 4.0.x.
New Features:
Changes:
The mds-servicegroup-add command no longer requires the dummy -s or -e arguments
The mds-set-multiple-termination-time command has been added to aid in management of service group entry resources created via mds-servicegroup-add
The QueryAggregatorSource and
SubscriptionAggregatorSource now
attempt to detect when the data source EPR is local to the current
container instance and, if so, set the connection properties to use
local transport.
Added a service level configuration option for suppressing the
publication of aggregator configuration elements in aggregator service
group registry entries. In other words, the Service Group Entry
Content Resource Property will contain
only the aggregated data.
Due to changes in the final version of the WS-ServiceGroup specification,
the XML structure of a ServiceGroupEntry's Content
Resource Property is no longer directly mapped to the AggregatorContent type.
Instead, the AggregatorContent type is now represented as a child element of
the WS-SG Content element.
The RPProvider configuration file format has changed slighty.
The ResourcePropertyProviderConfigArray
structure contains an array of xml elements of the type
resourcePropertyProviderConfig.
In 4.0.x, the element name for each array item was "configArray";
in 4.2.x, the name has been changed to "resourcePropertyProviderConfiguration".
Structurally, the ResourcePropertyProviderConfigArray and its
child elements have not been modified in any other way. Therefore, a search
and replace for all instances of "configArray" with "resourcePropertyProviderConfiguration"
should be all that is necessary to make 4.0.x RPProvider configuration files
compatible with 4.2.x versions.
For a summary of the changes, please see the Migration Guide from 4.0 GRAM
Only minor changes and bugfixes have occurred for GRAM2 since the last stable release.
GridWay version shipped with GT4.2.0 is based on GridWay 5.4, a new stable version with increased functionality, including support to access the NorduGrid infrastructure, new bindings for DRMAA and support for DAGMAN workflows.
New to 4.2.0:
Following the trend from previous releases, GridWay is capable of integrate with another major infrastructure: NorduGrid. Drivers for Execution and Transfer are included in this release.
Previous GridWay releases come with support for C and Java bindings implementing the DRMAA standard. Scripting languages are interesting from the point of view of rapid application prototyping among others. From dsa-research.org we believe this to be an interesting aspect, and that is why GridWay includes bindings to access the DRMAA standard from scripting languages such as Perl, Ruby and Python.
There is an increasing interest from the scientific community to be able to run complex workflows on a Grid environment. An almost de-facto standard to represent DAG workflows is Condor DAGMAN. In this development release GridWay includes a new workflow launcher (gwdag) that handles this kind of workflows.
Common Runtime Components
Security
Data Management
Information Services
Execution Management