- Doc Structure
- A Globus Primer
- Globus Is Modular!
- Installing GT
- Platform Notes
- GT Developer's Guide
- GT User's Guide (coming soon)
- Migrating from GT2
- Migrating from GT3
- Best Practices
- Coding Guidelines
- API docs
- Public Interfaces (coming soon)
- Resource Properties
- Performance Studies (coming soon)
- Non-WS (General) Security
- WS Java Security
- Authz Framework
- Delegation Service
Table of Contents
The GT development team is pleased to make its newest development release available for download. The 4.1.3 release contains early looks at new features destined for GT 4.2, and as such is not recommended for production environments. Highlights of this release include:
- An upgrade to current versions of WS-Addressing and WSRF
- Persistent HTTP/S connection support in Java WS Core
- Dynamic deployment support in Java WS Core
- JBOSS 4.0.x support in Java WS Core
- An implementation of WS-ServiceGroup added to C WS Core
- C command-line tools for WSRF operations
- Support for GetResourceProperties and QueryResourceProperties in the Delegation Service
- Added support for the OGSA-AuthZ Authorization Service to CAS
- Server-side attribute-based authorization framework enhancements
- Support for a pluggable Policy Decision Point (PDP) designed to minimize common authorization errors
- Enhanced security descriptor framework
- A Web service interface for the Replica Location Service (RLS)
- Improved data service resource support in OGSA-DAI
- Improved support for multiple TriggerRules in the Trigger Service
- Improved configuration interface for the Trigger Service
- Java API to assist in creating resource properties from external information sources
- A new resource manager (RM) adapter API in GRAM4
To download this release, go to the 4.1.3 Download page.
For information on installing this release, go to the 4.1.3 Installation Guide.
Use the development documentation which starts at http://www.globus.org/toolkit/docs/development/4.1.3/.
This release includes a name change for GRAM in the documentation. WS GRAM is now referred to as GRAM4 and Pre-WS GRAM is now referred to as GRAM2.
At this point, we are simply gathering as much of the updated information as possible and not much editing is being done. However, each subsequent development release will include more refined content, including more complete glossary listings, our new indices and a top level User's Guide.
Feel free to offer any suggestions or feedback using Bugzilla (the "Documentation" component).
An overview on GT support can be found here.
The Globus Toolkit is distributed and licensed for use under the terms of the Apache License, Version 2.0.
To view the licenses of the 3rd party software used by the developers of the Globus Toolkit, click here.
For full information about usage statistics collected by GT 4.1.3 and how to opt-out, see Usage Statistics Collection by the Globus Alliance.
The following changes have occurred for Java WS Core since the last stable release, 4.0.5:
Support for WS Addressing version 1.0
Support for Web Services Resource Framework version 1.2
Support for Web Services Notification version 1.3
A migration guide for porting services to the new specification is available here.
- The globus-validate-descriptors command line tool is used to
validate the Web Services Deployment Descriptor (
.wsdd) files, JNDI configuration files (
jndi-config.xml), and security descriptors for all services.
- The globus-check-environment command line tool is used to display component version information and to validate JVM version.
- The globus-reload-container, globus-remote-deploy-gar, and globus-remote-undeploy-gar command line tools (see the dynamic deployment feature for details).
- The ws-enumerate-start, ws-enumerate, and ws-enumerate-end command line tools (see the WS-Enumeration support feature for details).
- The globus-xpath-query command line tool for querying the
resource property document of a resource using the new
-t, --timeoutoption is used to configure the client-side timeout value.
- A new
-icommand line option was added to
globus-start-containerto force the container to bind to the specified network address.
globus-start-containernow performs a JVM version check to ensure that at least Java 1.4 JVM is used to start the container.
OutOfMemoryErrorerror handling was improved in the standalone container. All
ResourceHomecaches will now be automatically cleared on
- SOAP requests containing attachments will now be handled correctly by the container.
- The globus-start-container-detached, and globus-stop-container-detached tools now support options for specifying alternative log and pid file locations.
- Adjusted the number of threads used by the container in standalone and embedded mode. By default the container in standalone mode will now have a minimum of 2 threads and a maximum of 20. The container in embedded mode will now have a minimum of 1 thread and maximum of 3 threads.
- globus-deploy-gar will NOT overwrite the existing GAR deployment by default now. The existing deployment must be undeployed first or the GAR must be deployed with -overwrite option.
- During GAR deployment the service configuration files such as
jndi-config.xmlfile, and security deployment descriptors will now be automatically validated.
- Client-side type mapping will now be properly removed during GAR undeployment.
- Both GAR deployment and undeployment operations now explicitly check if the container is currently running. If so, the operation is aborted. The container must be off before deploying or undeploying GAR files.
- globus-deploy-gar and globus-undeploy-gar tools can now deploy or undeploy a GAR file directly from Apache Tomcat with the -tomcat option.
- The command line syntax of the globus-deploy-gar and globus-undeploy-gar tools has changed. The tools now expect the options first followed by the required arguments.
It is now easier to make local invocations. Axis'
MessageContextdoes not need to be associated with the current thread anymore and the stub does not need to be configured in any way to make local invocations.
- A new MessageContextHelper API were added to help in associating an arbitrary
MessageContextobject with the current thread of execution.
- A new EPRResourceContext API was added to help obtaining
ResourceHome, or the resource object associated with a given WS-Addressing endpoint.
GLOBUS_TCP_SOURCE_PORT_RANGEenvironment property is now supported.
- The test framework was extended to allow for execution of a specific test suite or a specific set of test cases within a test suite (Bug 3668).
- A new Version API were added to obtain Java WS Core version information programmatically.
- A new JNDIUtils.getInitialContext() method was added to obtain the right JNDI registry.
This is now the preferred way of getting the
InitialContextas it will work correctly on any application server with other JNDI implementations present.
- Added support for Sun Java SE 6 RC.
- Added init.d start/stop script for the standalone container. Please see the Configuring Java WS Core for details.
- A resource cache can now be configured with a size limit (in addition to a timeout).
- A persistent resource object (when used with
ResourceHomeImpl) can now have a
- The factory parameter for simple Java Bean resources declared in
jndi-config.xmlfiles is now optional. By default, the
org.globus.wsrf.tools.jndi.BeanFactoryfactory class will be used if the factory resource parameter is not specified.
- A launch script for the
myproxyJava command line tool will now be created on Windows.
- Added error codes to all error messages generated by Java WS Core.
- The setTerminationTime() function can now throw a TerminationTimeRejectedException if the new termination time cannot be accepted by the service.
- Changed the timestamp format of the container log file to ISO 8601 complaint format.
The new format has the following syntax:
YYYY-MM-DDThh:mm:ss,sss[+-]hh:mm. It uses local time with UTC time zone offset.
- CoG JGlobus (see the CoG JGlobus Release Notes for more details)
- Apache Xerces 2.7.1
- OpenSAML 1.1
- BouncyCastle 1.31
- Apache Log4j 1.2.13
- Apache Commons Logging 1.1
- Apache Commons CLI 2.0 (latest snapshot)
- Switched to JNDI Naming library from the Apache Directory Project.
- Post 1.4 version of Apache Axis. Please see Axis changes for details.
- Apache Commons Collection 3.2
- Apache Addressing Library has been imported into Globus CVS and a modified version of the library that support only WS Addressing 1.0 namespace has been added to the toolkit. The package names have been modified to avoid any conflicts and the toolkit does not ship with Apache Addressing library.
GT 4.1.3 release contains a newer version of Apache Axis. The following changes have been noted in Axis:
xsd:grouphandling has changed. A Java Bean will NOT be generated now for a xsd:group type. See AXIS-1525 for more details.
- The ordering of the parameters of the constructors of the generated Java Beans has changed once again. It is recommended to avoid the full constructors of the generated Java Beans. Use individual setter functions to set the values of the Bean instead.
An error will now be raised by
BeanSerializerwhen serializing a null value that is not optional or non-nillable. This behavior can be disabled by setting
BeanSerializer.errorOnNullWithNonNillableElementsystem property to
WSDL2Javawill not generate Java Beans for certain array objects. The
-woption must be passed to
WSDL2Javato force it to generate the Java Beans for such types. This change is transparent to the users of the build scripts provided by Java WS Core.
- MTOM attachments are now supported.
The following changes have occurred for C WS Core since the last stable release, 4.0.5:
- Implementation of WS-ServiceGroup as an API and a provider.
- Implementation of the Notification Producer operations, including support for Simple, Concrete, and Full TopicExpressions. The default service stubs will use a provider for this.
- Implementation of the WSRF QueryResourceProperties operation, including client and server-side serialization of XPath expressions. Support for TargetedXPathQuery dialect as used by Java WS Core.
- Local service invocations within a process bypass XML serialization.
- Improved WSDL parsing and type generation (support nillable types, xsd:token, etc).
- New command-line option parsing support in WSRF Core tools for implementing WSRF client programs.
- New command-line tools for common WSRF operations.
- Improved Makefiles for bindings packages created by globus-wsrf-cgen. Source lists are created at compile time from the schema, instead of being hard-coded into the Makefiles. Better handling of service-only, client-only, and types-only packages.
The following changes have occurred for XIO since the last stable release, 4.0.5:
The following changes have occurred for C Common Libraries since the last stable release, 4.0.5:
The following changes have occurred for Java CoG Kit since the last stable release, 4.0.5:
- Support for partial 3rd party transfers to the UrlCopy library.
Added support for
- Improved handling of SSLv2 client hello messages.
Optimized obtaining a default credential using the
- Optimized CA certificate and CRL file refresh functions.
- Added error codes to all error messages generated by the GSI library.
Updated 3rd party libraries:
- BouncyCastle 1.31
- Apache Log4j 1.2.13
- Apache Commons Logging 1.1
The following changes have occurred for CAS since the last stable release, 4.0.5:
Added a implicit namespace casDefaultNS, which is treated as a special namspace with no base name and exact comparison algorithm.
Grant all access to created groups disables: The previous versions of CAS allowed granting newly created groups grantAll access to itself. This feature has been disabled so that recursive permission issues are prevented.
Update to OpenSAML 1.1: The service has been updated to use OpenSAML 1.1.
Command line client options: The command line client options have been changed to use options that are standard across the toolkit. Note that all features that were supported before are still supported, but some of the option names have changed.
The following changes have occurred for Delegation Service since the last stable release, 4.0.5:
- Added support for GetResourceProperties and QueryResourceProperties interface. This allows for client to query for the lifetime of the delegated credential.
The command line client options have been changed to use options that are standard across the toolkit. Note that all features that were supported before are still supported, but some of the option names have changed.
- Bug 4593: C WS-Delegation Utils (Refresh/Program/Tests)
The following changes have occurred for Message/Transport-level Security since the last stable release, 4.0.5:
The security descriptor framework, used to configure security properties for the security framework has been enhanced. Detailed information about the framework is provided Section 1, “Security Descriptors Introduction”
Java WS Authentication code honors environment variables to pick up credential to use as described here
Java WS Authentication code allows configuration of trust certificate in non-default location as described here
The server side authorization framework has been reworked to support attribute-based authorization. The APIs and framework have been enhanced to deal with a representation where each entity is identified by a bag of attributes.
Also the default engine used for combining the individual Policy Decision Point(PDP) decision has been changed from a deny-override algorithm to a permit override scheme that looks for a chain of delegation of rights from the resource owner to the requestor.
Refer Architecture and design overview for detailed information on the architecture.
The WS authorization interfaces have been frozen as of the GT 4.1.2 release.
All the PDPs that were distributed with the previous version have been ported to new framework and are supported.
The following changes have occurred for Pre-WS Authorization & Authentication since the last stable release, 4.0.5:
The following changes have occurred for MyProxy since the last stable release, 4.0.5:
The following changes have occurred for SimpleCA since the last stable release, 4.0.5:
The following changes have occurred for RFT since the last stable release, 4.0.5:
The following changes have occurred for GridFTP since the last stable release, 4.0.5:
- Added GFork master plugin to allow dynamic backend configuration.
-ppoption to globus-url-copy to allow pipelining of data transfers (ie, several transfers can be processed without waiting for each transfer to finish before starting the next one.)
The following changes have occurred for RLS since the last stable release, 4.0.5:
- Revised documentation with particular focus on build and configuration procedures.
- Updated setup package to eliminate mysql specific references and include unixODBC settings.
- Added odbc.ini file to setup package and provided default settings to work with the psqlodbc driver now included with the GT bundle.
- Minor bug fixes.
The following changes have occurred for OGSA-DAI since the last stable release, 4.0.5:
The following changes have occurred for WS MDS Aggregator Framework since the last stable release, 4.0.5:
The mds-servicegroup-add command no longer requires the dummy -s or -e arguments
The mds-set-multiple-termination-time command has been added to aid in management of service group entry resources created via mds-servicegroup-add
The QueryAggregatorSource and SubscriptionAggregatorSource now attempt to detect when the data source EPR is local to the current container instance, and if so set the connection properties to use local transport.
Added a service level configuration option for suppressing the publication of aggregator configuration elements in aggregator service group registry entries. In other words, the Service Group Entry "Content" Resource Property will contain only the aggregated data.
Other than bugfixes, there have been no changes for WS MDS Index Service since the last stable release, 4.0.5:
The following changes have occurred for MDS4 Trigger Service since the last stable release, 4.0.5:
- Multiple triggers per data source aggregation is now supported. Each trigger's Matching Rule will be evaluated against the incoming message.
- Support for XML Namespace resolution in the Matching Rule Xpath statement. This allows namespace prefixes to be specified in the TriggerRule XPath matching rule string parameter.
- Triggers are now created/configured in a completely different manner from previous versions. They are created dynamically, as needed.
- Some parameter names have been changed, added, or removed.
The following changes have occurred for WS MDS WebMDS since the last stable release, 4.0.5:
- Error handling has improved -- error pages now include a summary and not just a Java stack trace.
- The service group summary view now has an option to periodically refresh the display.
- WebMDS now supports optional user-specified Xpath queries.
- WebMDS now supports the use of user-specified namespace mappings with user-specified Xpath queries.
- Entries in the service group summary view are now sorted.
- The service group summary view is now easier to update to support local data types.
- The Resource Property Information Provider package (rpprovider) has been added [olink to rpprovider docs needed]
- The GLUE Resource Property implementation has been rewritten to use the new Resource Property Information Provider framework, making it open to parameterization and more easily customized
- A small utility tool, mds-gluerp-configure, has been added to help simplify administrator configuration of the GLUE resource property
- Support for standard WSRF Subscription/Notification has been added, use of which is automatic when the hosting service supports subscription via GT4 WSRF-Core operation provider
The following changes have occurred for GRAM4 since the last stable release, 4.0.5:
The following changes have occurred for GRAM2 since the last stable release, 4.0.5:
Since GridWay 5.2, development activities have been focused on easing the integration of GridWay with the major Grid infrastructures: EGEE, TeraGrid and OSG. As a result, the flexibility of GridWay has been considerably improved. In addition, an important effort has been made to improve the reliability of GridWay's core.
Also, GridWay 5.2.1 is the first release shipped with the Globus Toolkit. Therefore, some modifications have been introduced to build and install GridWay in a GT tree: the directory layout has been slighly changed, and support to build GridWay with GPT has been added.
New to GridWay 5.2.1:
- Integration with major Grid Infrastructures
GridWay 5.2.1 can be easily integrated with all the major Grid infrastructures. Its functionality has been extended to operate different Grid deployments, which includes support for different execution/transfer schemes, information models and service configurations.
- Improved Reliability
Previous GridWay releases do not handle MAD crashes. GridWay 5.2.1 will reload a MAD process whenever a MAD is killed or crashed.
- New Information model
The dynamic information of a host gathered from the Grid Information server can be mixed with custom variables defined by the GridWay administrator. This functionality is very useful when you need to extend the information scheme but have no access to the Grid server. For example, you can use this new feature to add software or license attributes to grid resources that can subsequently be used for resource requirement expressions.
- Configuration Interface for MADs
Middleware Access Drivers need some environment variables to work properly. Usually, sudo must be configured to preserve these variables (e.g.
GW_LOCATION). GridWay 5.2.1 has a new configuration interface to ease this configuration. In this way, global (and per user) environment variables can be defined for MAD execution. This new feature allows GridWay to work with delegated credentials when configured with a GRAM interface.
- Flexible definition of file transfer servers
A GridFTP server, different from the GRAM server, can be defined for file staging. The storage server must be defined (
SE_HOSTNAME, attribute) for those resources operated on in this way. This can be done either by modifying the IM's MAD or using the new static-dynamic information model.
- Support for JSDL HPC profile
Now job templates can be also defined using the OGF standard JSDL HPC profile.
Common Runtime Components