jpr's blog

[phpwiki]
Checkout uabgridca project from metric. It's best to check this out
into your local web development space (eg. public_html) in order to run
the application:

cvs co uabgridca

Setup symbolic links to reflect a post-setup configured environment:

sh links-postsetup.sh

Create a user account system to define usernames. uabgridca leverages
web server authentication and the REMOTE_USER environment to identify
users and create certificates. Users cannot enter their own values for
key certificate fields.

htpasswd -s phpkipasswd

Secure the CA for developer user. Note: this is not "secure". It

I've identified three areas I felt we touched on in today's discussion
and want to make some notes about where IM fits in each one.

I feel that part of the challenge in our discussion is that a deployment
touches on many issues. It's a broad discussion and some requirements
are likely to conflict with others.

Hopefully these categories are useful and help to further our discussion.

1) Identity Management

While IM doesn't define your identity, as we commonly think of it, IM
does leverage identity. The concepts of pseudononimty we've defined
fall into the area of identity management for the IM space. Such a

taxonomy; [uabgridca]

orienting myself again with the code and cvs structure.

there are a few things which need to be addressed with the phpki code. it
looks like the code build it's own http response headers and also looks
like it prefers to manage it's own basic auth interaction (based on lookup
of PHP_AUTH_USER var). this needs to be converted to use REMOTE_USER.
also all basic forms need to be converted to work with key/cert files
based on username not serial number.

we need custom code to assign rapid certs (very modified request_cert.php)
and code to just assign/download cert based on blazerid authn (slightly

this error is vague message that indicates the attempt to create a
certificate for a signing request is for a dn that already exists in the
CA's assigned certificate, i.e. it's been signed before.

http://saintaardvarkthecarpeted.com/wiki/index.php/TxtDbErrorNumber2

[phpwiki]
review how to deal with lab-subscribed groups by individuals

a few problems with this: I want a forum block to tie in specific forum to
a project page; don't seem to be able to restrict no comments on such
forums to prevent responses (or posts) from anyone but the gateway, eg.
must post to mailling list not forum; would be nice to just have a web
interface to news groups, eg. don't delete the messages out of a backend
subscribers folder. don't take them to the web, show them on the web.

felt really motivated this morning. like i haven't in a long while. got a
good start with the grid status mtg and laying out the plan till i2 demo.
(need to write that up). then got side tracked stepping yiyi through the
grid login service we're building when i noticed that the myproxyinit.php
script wasn't getting the proxy set correctly.

looked for a while like it was setting the wrong (new style) proxy, but
then finally realized that the it was still just the segv'ing of the
myproxy-init command in the expect script.

at the end of the day, i came back to the realization that the tcl/tk was

followed some of the moodle demo stuff and came across a link to
freesoftware.mit.edu which has an execellent collection of papers worth
reading. makes me realize that some of this stuff just needs to get done.
i need to just keep plugging away at it. little by little the bits will
fall in place. uabgrid is a good example. a year ago it was an intangible
collection of links on a web site. it solidified in march and is now a
reality and will continue to grow. the steps are becoming clearer and the
integration is becoming easier.

i was trying to remember the name of the project mitch kapor was working
on after reading about the jetspeed/turbine/velocity/etc technology stack
in OGCE. google helps of course.

the name of the project is chandler. what's more
interesting is that my search
led me to mitch's blog at
ogsa. it makes for great reading and is what i'm hoping to achieve
with our work here. it's too easy not to keep the site updated. it
take's lots of effort to do it.

cleaning up missed merges. the main problems have been with the uabgrid
logo, the color of the header, and the bottom navigation links. these
seem to not show up at all in the orginal sources. I guess I'm just not
looking hard enough or something. annoyingly a lot of the these changes
don't just get made in a style sheet or some central file, they are
scattered throughout various files and reflect a seemly primitive website
design models.

different systems often have a different concept about what a user is.
some systems use a simple username, some use a structured user name.

bugzilla uses a login name structured as an email address. The login name
serves both to identify the user and as a contact address for the user.
The user@domain structure in names helps bugzilla span virtual org
boundaries, an environment it's typically deployed in.

bugzilla uses a login type of DB or LDAP to determin the correct
behavior. seems i should introduce a new authn method, maybe EXTERNAL, to
tell it how to behave with remote user. will need to also define a default