Access Keys:
Skip to content (Access Key - 0)

Secure the StockManager

The StockManager service allows users to create stock portfolios which are then handed off to the StockPortfolioManager to be managed. In this section we will secure the StockManager such that (1) all communication is encrypted via https, (2) requires users to authenticate with the StockManager with grid credentials, and (3) only allow members of the Training:Trainees group managed by the Grid Grouper https://grouper.training.cagrid.org:8443/wsrf/services/cagrid/GridGrouper to access the service. To secure the StockManager service please complete the following steps:

  • If you closed Introduce then reopen it and open the generated service from Phase 4 for modification. 
    %> cd <introduce install location>
    
%> ant introduce

    Once Introduce comes up you will want to click on the Modify Service button on the top menu bar. This will prompt you to browse to the directory of your generated service. Browse to the Phase 4 generated service and select Open. In the Modification Viewer click the Services tab in the main tab panel.

  • Next, select the StockManager (Main Service) node of the tree.
  • Next, select the Modify Service button on the middle right to open the Modify Service Context dialog.
  • Next select the custom radio button in the Security Configuration Panel.
  • In the Secure Communication tab, select the Transport Layer Security checkbox under the Secure Communication tab.
  • Select Privacy from the Communication Method drop down for Transport Layer Security.
  • Select the Authorization Tab.
  • From the Authorization Mechanism drop down select Grid Grouper.
  • From the Grid Grouper drop down select https://grouper.training.cagrid.org:8443/wsrf/services/cagrid/GridGrouper.
  • Click the Load button, this will populate the Grid Grouper Browser panel on the left side of the screen with the Grid Grouper you selected.
  • In the GridGrouper Expression Editor on the right hand side, select AND.
  • In the GridGrouper Browser, traverse the Training GridGrouper (https://grouper.training.cagrid.org:8443/wsrf/services/cagrid/GridGrouper) => Training => Trainees, selecting the Trainees group.
  • Click the Add Group button in the lower right part of the window.
  • Click the Done button at the bottom of the dialog.
  • Click the Save button at the bottom of the Modify Service Interface window.
Target a Training Grid Securing the service and its resources Secure the StockManager Service getQuote Operation
Last edited by
Joe George (1469 days ago) , ...
Adaptavist Theme Builder Powered by Atlassian Confluence