EMI Hydra Service Reference Card

Service Reference Card (Hydra Service 3.2.1 for EMI-2)

  • Functional description: Stores encryption key fragments over many services.
  • Services running:
    • Java application org.glite.data.hydra.helpers.HydraContextListener
  • Init scripts and options:
    • service tomcat5 {start|stop|status|restart}
  • Configuration files location with example:
  • Open ports:
    • Service port: *:8443
  • Possible unit test of the service: None
  • Where is service state held (and can it be rebuilt): mysql database. User name and password has been specified in the YAIM configuration file already.
  • Cron jobs: None
  • Security information
    • Access control mechanism (authentication & authorization):
      • Authentication: SSL/TLS client authentication on the service port
      • Authorization: Configured in the configuration file (subject DN and/or VOMS attributes)
    • How to block/ban a user
      • Not supported, except via certificate revocation
    • Network Usage
      • TCP traffic to the service port, outgoing TCP traffic to the online CA, attribute authority and possibly audit database.
    • Firewall configuration
      • The service port should be open for TCP traffic.
    • Security recommendations
    • Security incompatibilities
    • List of externals (packages are NOT maintained by Red Hat)
    • Other security relevant comments
  • Utility scripts: None
  • Location of reference documentation for users:
  • Location of reference documentation for administrators:

-- JohnWhite - 06-Jul-2012

Topic attachments
I Attachment HistorySorted ascending Action Size Date Who Comment
PDFpdf HydraServiceRefCard.pdf r1 manage 380.5 K 2012-10-25 - 15:43 JohnWhite  
Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r3 - 2012-10-25 - JohnWhite
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EMI All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback