Software Links

Usage Statistics
Release Notes
Versioning
Downloads
Advisories
Licenses
CVS & Dev Tools

Getting Started

A Globus Primer
Globus Is Modular!
Quickstart
Installing GT
Platform Notes
GT Developer's Guide
GT User's Guide
Migrating Guides

Reference

Best Practices
Coding Guidelines
API docs
Public Interfaces
Resource Properties
Samples
Glossary

Manuals

Common Runtime

Java WS Core
C WS Core
Python WS Core
XIO
CoG jGlobus
pyGlobus
C Common Libs

Security

GSI C
GSI Java
Java WS A&A
C WS A&A (coming soon)
CAS
Delegation Service
MyProxy
GSI-OpenSSH
SimpleCA

Data Mgt

GridFTP
RFT
RLS
WS RLS
DRS

WS MDS

Index Service
Trigger Service
WebMDS
Aggregator Framework
UsefulRP
Info Providers

Execution Mgt

GRAM4
GridWay
GRAM2 (legacy)

GT 4.2.0 Release Notes: MyProxy

Table of Contents

1. Component Overview
2. Feature summary
3. Summary of Changes in MyProxy
4. Bug Fixes
5. Known Problems
5.1. Limitations
5.2. Outstanding bugs
6. Technology dependencies
7. Tested platforms
8. Backward compatibility summary
9. Associated Standards
10. For More Information
Glossary

1. Component Overview

MyProxy is an online credential repository. You can store X.509 proxy credentials in the MyProxy repository, protected by a passphrase, for later retrieval over the network. This eliminates the need for manually copying private key and certificate files between machines. MyProxy can also be used for authentication to grid portals and credential renewal with job managers.

2. Feature summary

Supported Features

  • Users can store and retrieve multiple X.509 proxy credentials using myproxy-init and myproxy-logon.
  • Users can store and retrieve multiple X.509 end-entity credentials using myproxy-store and myproxy-retrieve.
  • Administrators can load the repository with X.509 end-entity credentials on the users' behalf using myproxy-admin-load-credential.
  • Administrators can use the myproxy-admin-adduser command to create user credentials and load them into the MyProxy repository.
  • Users and administrators can set access control policies on the credentials in the repository.
  • If allowed by policy, job managers (such as Condor-G) can renew credentials before they expire.
  • The MyProxy server enforces local site passphrase policies using a configurable external call-out.

Deprecated Features

  • None

3. Summary of Changes in MyProxy

No changes have occurred for MyProxy since the last stable release, 4.0.x.

4. Bug Fixes

No changes have occurred for MyProxy.

5. Known Problems

The following problems and limitations are known to exist for MyProxy at the time of the 4.2.0 release:

5.1. Limitations

  • No known limitations exist.

5.2. Outstanding bugs

  • Bug 2709: The MyProxy package isn't internationalized.

6. Technology dependencies

MyProxy depends on the following GT component:

  • Non-WS Authentication and Authorization

MyProxy depends on the following 3rd party software:

  • None

7. Tested platforms

Tested Platforms for MyProxy

  • Mac OS X 10.3
  • i686 GNU/Linux
  • ia64 GNU/Linux

8. Backward compatibility summary

Protocol changes since GT 4.0.x

  • None.

API changes since GT 4.0.x

  • None.

Exception changes since GT 4.0.x

  • Not applicable

Schema changes since GT 4.0.x

  • Not applicable

9. Associated Standards

Associated standards for MyProxy:

10. For More Information

See MyProxy for more information about this component.

Glossary

P

private key

The private part of a key pair. Depending on the type of certificate the key corresponds to it may typically be found in $HOME/.globus/userkey.pem (for user certificates), /etc/grid-security/hostkey.pem (for host certificates) or /etc/grid-security/<service>/<service>key.pem (for service certificates).

For more information on possible private key locations see this.

proxy credentials

The combination of a proxy certificate and its corresponding private key. GSI typically stores proxy credentials in /tmp/x509up_u<uid> , where <uid> is the user id of the proxy owner.

U

user credentials

The combination of a user certificate and its corresponding private key.