Skip to content

Commit

Permalink
Restore StoRM WebDAV testsuite
Browse files Browse the repository at this point in the history 
This commit restores the StoRM WebDAV test-suite continuous integration tests.
All tests from the legacy StoRM test-suite have been migrated/added. 
Fined grained authorization tests added too.
  • Loading branch information
@federicaagostini
federicaagostini authored Nov 14, 2024
1 parent aee7266 commit c8af5a2
Show file tree
Hide file tree
Showing 88 changed files with 1,480 additions and 1,191 deletions.
52 changes: 52 additions & 0 deletions .github/workflows/run-testsuite.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
name: Run testsuite

on:
push:

jobs:
run-testsuite:
name: WebDAV test suite

runs-on: ubuntu-latest

env:
ARTIFACTS: ${HOME}/artifacts
ROBOT_ARGS: -L DEBUG --variable dav.host:storm.test.example --variable remote.dav.host:storm-alias.test.example --variable remote.davs.port:443 --exclude known-issue
OIDC_AGENT_SECRET: ${{ secrets.OIDC_AGENT_SECRET }}

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Provide trustanchors
working-directory: compose
run: docker compose up trust

- name: Start services
working-directory: compose
run: docker compose up --build -d storage-setup webdav nginx

- name: Run testsuite
working-directory: compose
run: |
docker compose up -d ts
docker compose exec -T ts bash -c '/scripts/ci-run-testsuite.sh'
continue-on-error: true

- name: Create artifacts directory
if: ${{ always() }}
run: mkdir -p ${ARTIFACTS}

- name: Collect test reports
run: docker cp storm-webdav-ts-1:/home/test/robot/reports ${ARTIFACTS}

- name: Collect service log
if: ${{ always() }}
run: docker logs storm-webdav-webdav-1 > ${ARTIFACTS}/storm-webdav-server.log 2>&1

- name: Archive reports
if: ${{ always() }}
uses: actions/upload-artifact@v4
with:
name: logs-and-reports
path: ${{ env.ARTIFACTS }}
2 changes: 2 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,5 @@
.springBeans
.idea
storm-webdav-server.iml
/robot/reports
.vscode
35 changes: 35 additions & 0 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# https://spring.io/guides/topicals/spring-boot-docker#_multi_stage_build
FROM eclipse-temurin:11-jdk-alpine as build
WORKDIR /workspace/app
RUN apk add maven
COPY pom.xml .
COPY maven maven
RUN mvn dependency:resolve -s maven/cnaf-mirror-settings.xml
RUN mvn dependency:resolve-plugins -s maven/cnaf-mirror-settings.xml
COPY .git .git
COPY etc etc
COPY src src
RUN mvn package -s maven/cnaf-mirror-settings.xml -Dmaven.test.skip
RUN mkdir -p target/dependency && (cd target/dependency; jar -xf ../*.jar)

FROM eclipse-temurin:11-centos7
ENV STORM_WEBDAV_JVM_OPTS="-Dspring.profiles.active=dev"
ARG DEPENDENCY=/workspace/app/target/dependency

#WORKDIR /app
COPY --from=build ${DEPENDENCY}/BOOT-INF/lib /app/lib
COPY --from=build ${DEPENDENCY}/META-INF /app/META-INF
COPY --from=build ${DEPENDENCY}/BOOT-INF/classes /app
COPY src src

ARG USERNAME=storm
ARG USER_UID=1000
ARG USER_GID=${USER_UID}

RUN groupadd --gid ${USER_GID} ${USERNAME}
RUN useradd --uid ${USER_UID} --gid ${USER_GID} -m ${USERNAME}
RUN echo ${USERNAME} ALL=\(root\) NOPASSWD:ALL > /etc/sudoers
RUN chmod 0440 /etc/sudoers
USER ${USERNAME}

ENTRYPOINT java ${STORM_WEBDAV_JVM_OPTS} -cp app:app/lib/* org.italiangrid.storm.webdav.WebdavService
8 changes: 8 additions & 0 deletions compose/.env
View file
Original file line number Diff line number Diff line change
@@ -1 +1,9 @@
COMPOSE_PROJECT_NAME=storm-webdav
TRUST_IMAGE=indigoiam/egi-trustanchors
TRUST_IMAGE_TAG=igi-test-ca
WEBDAV_IMAGE=italiangrid/storm-webdav-centos7
WEBDAV_IMAGE_TAG=latest
TS_IMAGE=indigoiam/robot-framework
TS_IMAGE_TAG=latest
NGINX_IMAGE=baltig.infn.it:4567/cnafsd/ngx_http_voms_module/nginx-httpg-voms
NGINX_IMAGE_TAG=latest
25 changes: 25 additions & 0 deletions compose/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# Docker compose for StoRM WebDAV

Run the services with

```
$ docker-compose up -d
```

The docker-compose contains several services:

* `trust`: docker image for the GRID CA certificates, mounted in the `/etc/grid-security/certificates` path of the other services. The _igi-test-ca_ used in this deployment is also present in that path
* `storage-setup`: sidecar container, used to allocate proper volumes (i.e. storage areas) owned by _storm_
* `webdav`: is the main service, also known as StoRM WebDAV. The StoRM WebDAV base URL is https://storm.test.example:8443. It serves the following storage areas:
* `test.vo` for users presenting a proxy issued by a _test.vo_ VO
* `noauth`: which allows read/write mode also to anonymous users
* `fga`: for a fined grained authorization storage area. Its access policies are set in the [application](./assets/etc/storm/webdav/config/application-policies.yml) file
* `oauth-authz`: for users presenting a token issued by the [IAM DEV](https://iam-dev.cloud.cnaf.infn.it)
* `ts`: used for running the StoRM WebDAV testsuite. It shares the storage with the `webdav` service, to run local tests
* `nginx`: is the NGINX service supporting VOMS authentication, used as remote StoRM server for WebDAV calls. It does not forward requests to StoRM WebDAV, but just serves local resources in a separate storage. URL of this service is https://storm-alias.test.example. In the testsuite, the local resources are served by an `oauth-authz` endpoint, that does not require authentication.

To resolve the hostname of the service, add a line in your `/etc/hosts` file with

```
127.0.0.1 storm.test.example storm-alias.test.example
```
121 changes: 60 additions & 61 deletions compose/assets/certs/hostcert.pem
View file
Original file line number Diff line number Diff line change
@@ -1,86 +1,85 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 801 (0x321)
Serial Number: 19 (0x13)
Signature Algorithm: sha512WithRSAEncryption
Issuer: C=IT, O=IGI, CN=Test CA
Validity
Not Before: Oct 15 15:57:05 2018 GMT
Not After : Oct 12 15:57:05 2028 GMT
Subject: C=IT, O=IGI, CN=storm dev
Not Before: Oct 19 08:55:57 2022 GMT
Not After : Oct 16 08:55:57 2032 GMT
Subject: C=IT, O=IGI, CN=*.test.example
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cb:98:91:d4:9f:f5:a7:0a:1c:cf:b8:51:7d:2e:
fa:a9:c7:df:74:75:bb:81:1a:52:e0:a5:1e:48:56:
c5:85:39:bf:90:4a:2b:be:c5:ef:83:0a:4a:e0:86:
84:81:79:14:4f:8e:70:ba:8a:a3:68:07:a3:2c:be:
76:d6:fc:28:bf:91:31:67:45:eb:2e:b6:ce:31:bd:
32:d1:f4:a0:88:0c:e9:2f:a0:ee:77:8f:da:c1:1b:
50:ba:0d:09:05:29:12:b1:4c:98:28:fd:6a:c0:fc:
9b:d1:40:cd:5c:59:c4:7d:49:bf:c1:0f:a5:3a:42:
7c:41:0d:1e:25:2e:2e:2e:3d:0c:23:fb:9f:1f:46:
ec:f3:62:aa:a6:ca:85:a9:ea:ec:51:98:26:6e:1a:
bd:cd:0e:eb:22:49:b2:e6:c4:99:2f:6b:3c:ba:82:
09:46:74:b3:19:a6:dc:b9:a1:83:6d:d5:28:62:43:
ba:1b:f3:e1:1d:61:61:87:b2:cb:1b:14:49:02:de:
d9:10:ca:d7:0c:da:c6:c3:1c:f2:ab:48:27:8d:10:
17:8b:56:cb:5d:d4:f6:19:65:4c:78:25:cb:3d:be:
a5:93:77:ce:a2:77:97:de:b4:24:8e:aa:3b:dc:c6:
f8:57:d9:a9:ba:42:d9:7a:77:a4:4a:dc:76:07:2b:
43:c3
00:e7:3a:01:a8:93:12:08:f4:a6:c9:89:10:a2:f6:
6a:6a:d3:93:98:c7:31:c0:e5:8a:3a:44:9b:cf:ef:
b9:3d:05:86:03:61:0e:6e:fc:c6:f9:9a:9e:35:d6:
3d:38:27:48:cb:77:26:97:15:34:a0:0b:1d:97:31:
dd:18:ec:bf:78:d9:32:9e:00:1a:44:6a:78:15:1f:
ac:7b:3e:bb:ad:b2:b4:32:75:8c:11:d8:31:ec:19:
7d:bf:ba:5d:1e:70:38:62:10:cf:3a:8a:a4:98:83:
b4:df:e0:50:3b:e5:ec:24:a0:89:14:2c:19:27:48:
66:c3:d4:1d:74:63:be:63:38:95:3f:64:d0:91:ac:
95:f7:d9:ca:96:b5:1b:e7:71:70:7b:5f:3b:12:30:
2c:b8:3a:28:79:84:9c:81:12:db:38:31:6d:2d:2a:
e2:80:05:5c:29:77:53:58:10:19:ee:f9:50:e1:8d:
3b:2b:e2:c0:0b:d2:9f:3c:a0:95:33:f8:33:17:ce:
23:0e:31:e8:1e:3d:7e:6a:c9:6d:83:9e:0b:fa:43:
d2:4a:3f:be:d3:19:07:1e:8c:e4:f6:dc:8f:c3:3e:
3a:8e:66:4a:87:ef:0b:39:db:e8:3e:30:1c:91:9e:
b3:1e:d3:a0:1e:1b:9a:b1:58:99:de:a5:bb:53:3b:
3b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
AF:52:EA:AC:22:88:70:E5:C6:AA:AE:CC:AD:FB:CA:95:EB:17:3B:15
60:FA:21:CE:1C:B5:31:8D:9B:01:F6:08:5B:72:4D:59:5A:F8:71:8C
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication, Microsoft Server Gated Crypto, Netscape Server Gated Crypto, E-mail Protection
X509v3 Authority Key Identifier:
keyid:91:77:36:7B:2E:B4:69:F3:27:EA:B7:F6:08:8B:4A:23:A2:11:49:C6
keyid:50:9B:6F:74:01:E3:1A:03:57:AB:D9:D5:7D:15:64:4C:25:F3:F8:F4

X509v3 Subject Alternative Name:
DNS:storm.example, DNS:storm-alias.example, DNS:other.example, DNS:localhost
DNS:*.test.example
Signature Algorithm: sha512WithRSAEncryption
b5:36:9a:2d:e4:79:56:1a:1c:d0:34:e4:d8:06:2a:03:94:65:
cc:a7:71:bf:88:c6:f9:1d:bf:20:18:d4:25:6a:8a:a5:5e:97:
64:8e:23:d2:51:0a:fb:3a:96:68:f6:a3:75:bd:74:6d:3d:4d:
05:54:1c:b4:43:ee:33:bd:66:80:ee:81:50:f4:9c:ea:38:74:
22:f3:ab:b1:41:04:7f:f5:64:07:49:78:9e:73:a5:00:0d:8f:
e6:c9:ec:bc:3b:f7:00:7e:9e:09:1a:9b:a4:40:a7:39:90:1c:
fa:ca:ec:31:53:52:27:93:88:db:18:b3:f0:b7:7f:65:4e:06:
c5:f5:b4:9e:6c:af:69:ef:da:ea:4c:e8:50:ed:dc:49:a7:fe:
69:90:cf:77:69:58:49:0a:1c:50:5e:ab:26:b0:52:31:ca:6f:
8a:11:78:80:c5:9e:4f:43:40:60:f3:99:46:4d:8d:51:5a:e5:
04:90:9e:ce:40:4a:c5:35:b1:f1:d1:63:86:8b:42:73:79:7a:
f7:33:d3:69:22:45:a2:82:0c:05:69:7d:00:2b:e5:c9:44:38:
f8:ae:e1:81:71:04:b8:48:bf:51:91:22:4e:90:c6:ad:91:cc:
30:a5:e8:53:4f:64:b1:3d:7a:c8:cd:ae:b6:b8:7c:dc:c7:98:
36:eb:a5:e4
79:82:f2:54:44:98:96:25:c2:83:c9:0f:19:69:1c:f6:a7:19:
0d:61:90:f9:96:23:e2:ab:5a:30:db:55:d7:4f:b0:ff:b2:7b:
41:da:35:97:47:86:e4:85:00:6d:11:64:ee:32:a4:64:ee:fe:
b2:83:a5:24:4a:ce:c3:91:ae:db:3d:5b:af:fa:7e:81:1a:1c:
69:d0:1a:9e:70:0e:9e:74:85:6b:48:90:6a:1b:62:ff:6e:b3:
84:30:b7:7f:fa:c0:3e:ee:91:70:0b:f2:13:ea:c8:2c:aa:d8:
cb:3c:60:b1:08:f9:8e:bf:c2:e4:ce:92:6a:7e:0a:41:49:94:
8f:e5:6e:71:f9:47:04:1a:18:1f:65:47:d6:1c:ea:a9:90:71:
82:1b:3b:1f:a5:f2:02:ce:5c:d6:2e:5d:1e:05:c4:92:9e:3d:
8e:ce:fa:00:83:01:d5:c3:c1:cf:e2:e5:fb:08:80:08:f4:6c:
26:64:96:db:cd:be:4c:e7:bc:8f:af:3d:0e:0c:f7:d2:52:15:
9c:d5:15:0d:51:b3:95:72:78:1d:8c:ca:37:55:7a:c0:b0:0f:
18:ae:de:d0:27:6f:1b:e4:5d:1d:4b:f9:4c:5d:44:49:ed:cf:
c2:9e:e7:c6:55:72:ce:2f:43:a7:2f:88:de:b7:da:9f:82:a6:
54:77:c2:2e
-----BEGIN CERTIFICATE-----
MIIDwzCCAqugAwIBAgICAyEwDQYJKoZIhvcNAQENBQAwLTELMAkGA1UEBhMCSVQx
DDAKBgNVBAoMA0lHSTEQMA4GA1UEAwwHVGVzdCBDQTAeFw0xODEwMTUxNTU3MDVa
Fw0yODEwMTIxNTU3MDVaMC8xCzAJBgNVBAYTAklUMQwwCgYDVQQKDANJR0kxEjAQ
BgNVBAMMCXN0b3JtIGRldjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMuYkdSf9acKHM+4UX0u+qnH33R1u4EaUuClHkhWxYU5v5BKK77F74MKSuCGhIF5
FE+OcLqKo2gHoyy+dtb8KL+RMWdF6y62zjG9MtH0oIgM6S+g7neP2sEbULoNCQUp
ErFMmCj9asD8m9FAzVxZxH1Jv8EPpTpCfEENHiUuLi49DCP7nx9G7PNiqqbKhanq
7FGYJm4avc0O6yJJsubEmS9rPLqCCUZ0sxmm3Lmhg23VKGJDuhvz4R1hYYeyyxsU
SQLe2RDK1wzaxsMc8qtIJ40QF4tWy13U9hllTHglyz2+pZN3zqJ3l960JI6qO9zG
+FfZqbpC2Xp3pErcdgcrQ8MCAwEAAaOB6jCB5zAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBSvUuqsIohw5caqrsyt+8qV6xc7FTAOBgNVHQ8BAf8EBAMCBeAwPgYDVR0l
BDcwNQYIKwYBBQUHAwEGCCsGAQUFBwMCBgorBgEEAYI3CgMDBglghkgBhvhCBAEG
CCsGAQUFBwMEMB8GA1UdIwQYMBaAFJF3NnsutGnzJ+q39giLSiOiEUnGMEcGA1Ud
EQRAMD6CDXN0b3JtLmV4YW1wbGWCE3N0b3JtLWFsaWFzLmV4YW1wbGWCDW90aGVy
LmV4YW1wbGWCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQ0FAAOCAQEAtTaaLeR5Vhoc
0DTk2AYqA5RlzKdxv4jG+R2/IBjUJWqKpV6XZI4j0lEK+zqWaPajdb10bT1NBVQc
tEPuM71mgO6BUPSc6jh0IvOrsUEEf/VkB0l4nnOlAA2P5snsvDv3AH6eCRqbpECn
OZAc+srsMVNSJ5OI2xiz8Ld/ZU4GxfW0nmyvae/a6kzoUO3cSaf+aZDPd2lYSQoc
UF6rJrBSMcpvihF4gMWeT0NAYPOZRk2NUVrlBJCezkBKxTWx8dFjhotCc3l69zPT
aSJFooIMBWl9ACvlyUQ4+K7hgXEEuEi/UZEiTpDGrZHMMKXoU09ksT16yM2utrh8
3MeYNuul5A==
MIIDmTCCAoGgAwIBAgIBEzANBgkqhkiG9w0BAQ0FADAtMQswCQYDVQQGEwJJVDEM
MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTIyMTAxOTA4NTU1N1oX
DTMyMTAxNjA4NTU1N1owNDELMAkGA1UEBhMCSVQxDDAKBgNVBAoMA0lHSTEXMBUG
A1UEAwwOKi50ZXN0LmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnOgGokxII9KbJiRCi9mpq05OYxzHA5Yo6RJvP77k9BYYDYQ5u/Mb5mp41
1j04J0jLdyaXFTSgCx2XMd0Y7L942TKeABpEangVH6x7PrutsrQydYwR2DHsGX2/
ul0ecDhiEM86iqSYg7Tf4FA75ewkoIkULBknSGbD1B10Y75jOJU/ZNCRrJX32cqW
tRvncXB7XzsSMCy4Oih5hJyBEts4MW0tKuKABVwpd1NYEBnu+VDhjTsr4sAL0p88
oJUz+DMXziMOMegePX5qyW2Dngv6Q9JKP77TGQcejOT23I/DPjqOZkqH7ws52+g+
MByRnrMe06AeG5qxWJnepbtTOztdAgMBAAGjgbwwgbkwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUYPohzhy1MY2bAfYIW3JNWVr4cYwwDgYDVR0PAQH/BAQDAgXgMD4G
A1UdJQQ3MDUGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4
QgQBBggrBgEFBQcDBDAfBgNVHSMEGDAWgBRQm290AeMaA1er2dV9FWRMJfP49DAZ
BgNVHREEEjAQgg4qLnRlc3QuZXhhbXBsZTANBgkqhkiG9w0BAQ0FAAOCAQEAeYLy
VESYliXCg8kPGWkc9qcZDWGQ+ZYj4qtaMNtV10+w/7J7Qdo1l0eG5IUAbRFk7jKk
ZO7+soOlJErOw5Gu2z1br/p+gRocadAannAOnnSFa0iQahti/26zhDC3f/rAPu6R
cAvyE+rILKrYyzxgsQj5jr/C5M6San4KQUmUj+VucflHBBoYH2VH1hzqqZBxghs7
H6XyAs5c1i5dHgXEkp49js76AIMB1cPBz+Ll+wiACPRsJmSW282+TOe8j689Dgz3
0lIVnNUVDVGzlXJ4HYzKN1V6wLAPGK7e0CdvG+RdHUv5TF1ESe3Pwp7nxlVyzi9D
py+I3rfan4KmVHfCLg==
-----END CERTIFICATE-----
50 changes: 25 additions & 25 deletions compose/assets/certs/hostkey.pem
View file
Original file line number Diff line number Diff line change
@@ -1,27 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAy5iR1J/1pwocz7hRfS76qcffdHW7gRpS4KUeSFbFhTm/kEor
vsXvgwpK4IaEgXkUT45wuoqjaAejLL521vwov5ExZ0XrLrbOMb0y0fSgiAzpL6Du
d4/awRtQug0JBSkSsUyYKP1qwPyb0UDNXFnEfUm/wQ+lOkJ8QQ0eJS4uLj0MI/uf
H0bs82KqpsqFqersUZgmbhq9zQ7rIkmy5sSZL2s8uoIJRnSzGabcuaGDbdUoYkO6
G/PhHWFhh7LLGxRJAt7ZEMrXDNrGwxzyq0gnjRAXi1bLXdT2GWVMeCXLPb6lk3fO
oneX3rQkjqo73Mb4V9mpukLZenekStx2BytDwwIDAQABAoIBAHFYwWeEnniekqe6
T/PHodm/4tGtcfRQOW/DvXY8iL7BBbtI783H2K41nrYdbcu/IuWfwXa5FHwoNFoG
t5a8z9rG9KAwNtzM/UKHuLFW5cCYn4HasKhzuC/mCy1pcGolEbkPkW7QlwxWFlGL
KEmP2GqAEndjRHOI7DAzI2NDsIYgjBARGCWLURcjohr8q5Z1EC9B8ClmzA94f7EZ
RZ61mN3oOZiJtulGRnmn70lIdcJ4sWMlJbrLtKsPK0rHAv8U5Yjs+TSsrz4lYTVa
5sdp9nhr5GpZ3W+JDEq0ZyeiJ5FxyR4krcIj8HVVDVavauW4vRu9CeqnDwDunPl6
L14O/uECgYEA75RpcfM4bzULJpVbLNHZTkClZtWNyY77rDkfvrOjlsD06QMDBeQh
vFxiNxwO2JqSKoJf1vay8Hn7un9NSm5x8MgRfrMjhsG6MzavycrxESRFtq5Adkdk
3lQyn0WGYsPHFLVs/tx1GtdzCqU5SyBUkeLCqMNaARV1xmD4AjFcaasCgYEA2YzM
ZZ8Z4aAqkv6gJiZTN1gQxMO8nPiCwY8NefI/Mm1U+X6j4ZYRkqTcvdsJzFtnj+ab
rrguS1AOuyDMID2NKjQTrzJLBUhNYzbo7YeMsY2U+k9z0fvM3WGzX0YBvcxtnqXm
BLMKHjbF0YvzEbu0qD1dWj5CZ6e/+DXfK5QlZkkCgYAEAa9hwHeJJJHzKzxDG59O
t7YMajXc0Q9UagAl6EssEj4GR46dYptN0x2xXj7BUJRxMYz4w1dqvh9/lvFr9Tzi
kfX48HX/ou3CPX/jGAnAB6NC0tcxIzCEp1PRZhBBRpTlu8L+4CD1OfUqkGjM4NWJ
OwmWWO4AZqN5ldWP89Nf0QKBgQDUR1RHMNljVRNV/gmtUCZRUaiDJ3ALR17nmjwP
KzdJcG/DSDSHchTRn/cZdvt3ohVK0D5HXccmjAbjx9wG9aiibtBqWsvjaqrAzhq5
dFPwCPQ+z3p3gpljx+rsY3ZdinXIoZ7yJPYRh2a90y6qthtRMxe9cBUB6iki/QY4
EsXvqQKBgQCUokN2XeonTeJCIDKU7XKd5JNOuWFWCz/tsBu2lnMSr/2txiL3cCgt
BNJw+rbZ08hMMNeD871lsYKTrPigEXKpMlHlC8RodWK7XEGhTL4nHoZQ/PE8Zq71
Q6+DM27CV0IU7/78rrWO0YdHii2pE72Fp05i/X16apjTSFi9InL6ZQ==
MIIEowIBAAKCAQEA5zoBqJMSCPSmyYkQovZqatOTmMcxwOWKOkSbz++5PQWGA2EO
bvzG+ZqeNdY9OCdIy3cmlxU0oAsdlzHdGOy/eNkyngAaRGp4FR+sez67rbK0MnWM
Edgx7Bl9v7pdHnA4YhDPOoqkmIO03+BQO+XsJKCJFCwZJ0hmw9QddGO+YziVP2TQ
kayV99nKlrUb53Fwe187EjAsuDooeYScgRLbODFtLSrigAVcKXdTWBAZ7vlQ4Y07
K+LAC9KfPKCVM/gzF84jDjHoHj1+asltg54L+kPSSj++0xkHHozk9tyPwz46jmZK
h+8LOdvoPjAckZ6zHtOgHhuasViZ3qW7Uzs7XQIDAQABAoIBAAx5xL0jskVpbdZR
3uPsB7Hb2IrVtImD2QFr0jxV4ti4A5MLGYxDdzjgbsjY1lTBSdwwgZSFQGGiN+aA
ej1uCKaskV6VAtXOKMx6+QNtTxMAIVjXnscXsxnaBj7h/0Q1KdWgso2mDVttP8UU
hT+2GBeh0cOU3YaREXpfZ3dwKkWQHbtO/UYwVzu+XVFt8kApPoLMMHoXZfetP6Yp
7YSCuI6id44mwqkP7aY8iGhcUpVTkP3LD7z8nUp4LaG9my6T1Wev8x7hstb/NIsZ
DPiXAzfDUkHWqpMthnoWyOdghGc6JzKGFeJVHqrW4byJ4hNU3WvNIdvZ8tyIEpd1
56uP/gECgYEA92oUhzHjvw87qfo6tPDai2I8AghXJoPGB6xYYhchlirYMGPx9fU/
rcVEGbmSBDqXMg9eZUqiXB+E/hukCOrFZJt4kt656Nm/Xy68IDwSifmf5vcUde6q
j0pD6i0vwJFjYWBjjS7gRBK83pr/jHhy8aK1+79lZ0GfbQkLxF/2TxkCgYEA70Af
A387tHDmct7ZH0gAZx9QKYZhtS+WWVCIoZ81028DEeGri0By83KFkU0QZ9RfWKQi
RajBYkB35xJFv4fSX5s4+tcVaTVJKOn7V5YGmUIxrGY3IMuE77+h9SEHd8GY723q
9qgwTF5SQP3cGiVpGFB99M44CBuHbbypFh67iuUCgYEA3Zp6QI2C/AJc4mZqZt7E
IMwgC4IE7U5h9UV89H7banF9qfobIr5EBxUFZjU8f+Uqv3/cgMVUn0bsC94eEo6V
twM5//LWeaVvL4Xgos6rnEGl422zOd5HjohqRDms58JRTUrUYAR4gwB1gr0530uT
SLMAZTiNTusMLNFJZN6+8yECgYAulAY1sRSXmY9T98y/iU4CxZberrnhA2W697HR
/WQGSMuJNK0oDCEVAku8sQsrm64AXNwLQcJ8dV6iju0jT7cGQ/sA4tTZSbV3kK4N
LDkWp0tya+f5q4WzA1Ttm0OP7hHvMzAWW0Ij7A0JeCLcuEHQqQMMoQVJlspz89Hb
a5pJfQKBgFZb6XnLMTSCs/SQe38PQiawIQcA+zXmhG83xkEKspQGm2KqyJL+AdKQ
fXQKoKa/Ubyp7PKRJVZ8raX1/kvtFDQIQ+G3L/hps5rhZgDh5S2n0xd4zlbK/Sw6
l3RjOUpHSe8oz+X3Jinl/Rwr39I9hrRAW2xj7vkFb84IE98mJu2X
-----END RSA PRIVATE KEY-----
19 changes: 0 additions & 19 deletions compose/assets/etc/storm/webdav/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,22 +11,3 @@ service.

Storage area configuration lives in the `sa.d` directory.
For more information see the README.md file there.

## VOMS map files configuration

VOMS map files contains the list of VO members as obtained by running the
voms-admin list-users command.

When VOMS mapfiles are enabled, users can authenticate to the StoRM webdav
service using the certificate in their browser and be granted VOMS attributes
if their subject is listed in one of the supported VOMS mapfile.

For each supported VO, a file having the same name as the VO is put in the
voms-mapfiles directory.

*Example*: to generate a VOMS mapfile for the `cms` VO, run the following
command

```bash
voms-admin --host voms.cern.ch --vo cms list-users > cms
```
6 changes: 6 additions & 0 deletions compose/assets/etc/storm/webdav/config/application-issuers.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
oauth:
issuers:
- name: egi-checkin
issuer: https://egi-checkin.example/
- name: dev
issuer: https://iam-dev.cloud.cnaf.infn.it/
Loading

0 comments on commit c8af5a2

Please sign in to comment.