Software Links
Getting Started
- Doc Structure
- A Globus Primer
- Globus Is Modular!
- Quickstart
- Installing GT
- Platform Notes
- GT Developer's Guide
- GT User's Guide (coming soon)
- Migrating from GT2
- Migrating from GT3
Reference
- Best Practices
- Coding Guidelines
- API docs
- Public Interfaces (coming soon)
- Resource Properties
- Samples
- Glossary
- Performance Studies (coming soon)
Manuals
Common Runtime
Security
- Non-WS (General) Security
- WS Java Security
- Message-level
- Authz Framework
- CAS
- Delegation Service
- MyProxy
- GSI-OpenSSH
- SimpleCA
- SGAS
Data Mgt
MDS4
Execution Mgt
This section provides details about some of the features of the C and Java GSI implementations.
Table A.1. GT 4.1.3 Security Features
| Area | Supported Feature | GT4 C Code | GT4 Java Code |
|---|---|---|---|
| Proxy Certificate | Authentication with RFC 3820 compliant proxy certificates | Yes | Yes |
| Authentication with Globus (old OID) proxy certificates | Yes | Yes | |
| Authentication with legacy (GT2) proxy certificates | Available, but unsupported | Available, but unsupported | |
| Delegation of proxy certificates | Yes | Yes | |
| X.509 Extensions | Extended Key Usage Extension | Yes | No |
| CA Support | CA Signing Policy | Yes | No |
| Configurable trust roots (CA certificates) | Yes | Yes | |
| Revocation | CRLs | Yes | Yes |
| OCSP | No | No | |
| GSSAPI | GSSAPI | Yes, refer to RFC 2744 | Yes |
| GSSAPI extensions | Yes | Yes | |
| Integrity protection of user data | Yes | Yes | |
| Authorization | User Authorization using grid map file | Yes | Yes |
| Client-side authorization of service using hostname | Yes | Yes | |
| Client-side authorization of service with wildcard matching of hostnames (e.g foo matches foo-*, foo-1, foo-bar etc) | Yes | Yes | |
| CAS Support | Only in GridFTP | No | |
| Kerberos | Relinking with Kerberos instead of PKI | Yes (kludgey) | Theoretically as part of Java 1.4, but untested |
| SOAP | SOAP independent message signing | Yes | Yes |
| SOAP independent message encryption | Yes | Yes | |
| Context establishment in SOAP | Yes | Yes | |
| Secure SOAP dispatch headers | No | Yes |