-
Notifications
You must be signed in to change notification settings - Fork 136
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
srm-client: Port SRM client to Apache HTTP components and CANL
Motivation: The SRM client uses the old Axis 1.4 (due to the use of old SOAP encodings). Axis 1.4 by default uses an internal simplistic HTTP client without support for keeping connections alive between calls. Axis 1.4 ships with support for the Apache Commons HTTP client 3.x, but that version is deprecated. The SRM client uses JGlobus to obtain GSI support for Axis. We want to get rid of JGlobus in dCache. Modification: Introduces the HttpClientSender and HttpClientTransport, allowing Axis 1.4 to use the HTTP client from Apache Commons HTTP Components. The code is based on the original code in Axis, but heavily updated to make as much use of the features of the HTTP client as possible. Introduces the GsiHttpClientSender, which subclasses HttpClientSender to add a JGlobus independent client GSI layer. Makes use of CANL for certificate handling and proxy generation. Updates our client tools to use the new transport. Result: Faster startup for users with large /etc/grid-security/certificates, faster calls to the SRM server if more than one call is made (in particular for high latency links). For localhost and a short list of CA certs I have observed slightly higher startup cost - probably due to the extra JARs. May change once we get rid of JGlobus completely. In particular the srmfs and delegation shells are much more responsive. Proper RFC 2818 host name verification. This means that the host name provided in the URI MUST also be the host name in a subject alternative name (SAN) of the common name of the server certificate. No reverse lookup is done and no Globus wildcards are support (but RFC 2818 compliant wildcards are). This means this client should not be deployed by sites or users relying on the old insecure behaviour. Within EMI, sites are required to switch to proper use of SAN at the end of 2015. We should continue to distribute the old client for this purpose. Target: trunk Require-notes: yes Require-book: no Acked-by: Paul Millar <paul.millar@desy.de> Patch: https://rb.dcache.org/r/8613/
- Loading branch information
Showing
43 changed files
with
1,811 additions
and
736 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.