Software Links

Usage Statistics
Release Notes
Versioning
Downloads
Advisories
Licenses
CVS & Dev Tools

Getting Started

A Globus Primer
Globus Is Modular!
Quickstart
Installing GT
Platform Notes
GT Developer's Guide
GT User's Guide
Migrating Guides

Reference

Best Practices
Coding Guidelines
API docs
Public Interfaces
Resource Properties
Samples
Glossary

Manuals

Common Runtime

Java WS Core
C WS Core
Python WS Core
XIO
CoG jGlobus
pyGlobus
C Common Libs

Security

GSI C
GSI Java
Java WS A&A
C WS A&A (coming soon)
CAS
Delegation Service
MyProxy
GSI-OpenSSH
SimpleCA

Data Mgt

GridFTP
RFT
RLS
WS RLS
DRS

WS MDS

Index Service
Trigger Service
WebMDS
Aggregator Framework
UsefulRP
Info Providers

Execution Mgt

GRAM4
GridWay
GRAM2 (legacy)

GT4 C WS A&A Release Notes

Table of Contents

1. Component Overview
2. Feature summary
3. Summary of Changes in C WS A&A
4. Bug Fixes
5. Known Problems
5.1. Limitations
5.2. Outstanding bugs
6. Technology dependencies
7. Tested platforms
8. Backward compatibility summary
9. Associated standards for C WS A&A
10. For More Information
Glossary

1. Component Overview

The Web Services portion of GT 4.2.0 uses SOAP over HTTP for communicating messages. C WS A&A implements the WS-Security standard and the WS-SecureConversation specification to provide message protection for SOAP messages. Features include:

  • authentication of the sender
  • encryption of the message
  • integrity protection of the message
  • replay attack protection

C WS A&A provide a secure channel by using HTTP over SSL/TLS (HTTPS) for transporting the messages. This security mechanism supports all of the security features provided by SSL/TLS with the addition of support for X.509 Proxy Certificates.

2. Feature summary

Features new in GT 4.2.0

None.

Other Supported Features

  • Compliance with published IBM/Microsoft WS-Trust and WS-SecureConversation specifications
  • Compliance with the Web Services Security 1.0 standard
  • HTTPS support
  • Message integrity protection.

Deprecated Features

  • None.

3. Summary of Changes in C WS A&A

There have been no changes have for C WS A&A since GT 4.0.x.

4. Bug Fixes

  • Bug 3536: Installer failed for globus_handler_ws_secure_messagegpt package.
  • Bug 3547: secure message counter test failing
  • Bug 4587: WS-Security interop broken in trunk

5. Known Problems

The following problems and limitations are known to exist for C WS A&A at the time of the 4.2.0 release:

5.1. Limitations

  • No known limitations exist.

5.2. Outstanding bugs

  • Bug 2362: location of user proxy for java inconsistencies
  • Bug 2445: Holder problem
  • Bug 2907 Secure Conversation (Encryption) does not provide any message level security for the SOAP headers

6. Technology dependencies

C WS A&A depends on the following GT components:

  • C WS Core

    GSI

C WS A&A depends on the following 3rd party software:

7. Tested platforms

C WS A&A should work on any platform that supports J2SE 1.3.1 or higher.

Tested Platforms for C WS A&A

  • Linux (Red Hat 7.3)
  • Windows 2000
  • Solaris 9

8. Backward compatibility summary

Since GT 4.0.x release, some incompatible changes have been made:

  • Security Descriptors: The security descriptor schema has changed since GT 4.0.x and the descriptors from GT 4.0.x cannot be used as is.
  • Secure Conversation port type: The WS Addressing version in Java WS Core has been updated and the secure conversation port type has changed to reflect this. Therefore, GT 4.0.x secure conversation clients are incompatible with GT 4.2.x servers and vice versa.

9. Associated standards for C WS A&A

10. For More Information

See C WS A&A for more information about this component.

Glossary

P

proxy certificate

A short lived certificate issued using a EEC. A proxy certificate typically has the same effective subject as the EEC that issued it and can thus be used in its place. GSI uses proxy certificates for single sign on and delegation of rights to other entities.

For more information about types of proxy certificates and their compatibility in different versions of GT, see http://dev.globus.org/wiki/Security/ProxyCertTypes.