This network configuration was used to validate the following guide.
h3. Obtaining Proxy Information
In order to configure caGrid to utilize your proxy, you must collect information concerning the proxy host that is used in your institution. There are a couple of ways to determine this information.
# Communicate with your Help Desk or IT Support to obtain the proxy hostname, port and some rules about which hosts must use the proxy.
# Look at your Internet browser's configuration.
## IE 8
### From the "Tools" menu, select "Internet Options".
### Click the "Connections" tab.
### Click the "LAN Settings" button.
### If "Proxy Server" is selected, copy the Address and Port values.
### If "Automatic configuration" \-> "use automatic configuration script" is selected, copy the "Address" of the configuration script.
### If "Automatic configuration" \-> "Automatically detect settings" is selected, contact your Help Desk to obtain the proxy hostname and port.
## Firefox 3.x
### From the "Tools" menu, select "Options...".
### Click the "Advanced" icon.
### Click the "Network" tab.
### Click the "Settings" button.
### If "Manual proxy configuration" is selected, copy the "HTTP Proxy" and "Port" values.
### If "Automatic proxy configuration URL" is selected, copy the URL of the configuration script.
### Otherwise, contact your Help Desk to obtain the proxy hostname and port.
# Determine proxy from the automatic proxy configuration URL.
## In your browser, open the proxy configuration URL to view the contents of the proxy configuration.
### Note: in IE you may have to right-click the web page and select "view source" to see the contents.
## This PAC file should contain a FindProxyForURL function that determines which URLs are proxied and which are not.
## Your proxy will be identified in return statements like this: "return "PROXY 10.127.20.41:8080";"
## Pay specific attention to URLs that are NOT proxied. Non-proxied connections are identified by a return statement that indicates "Direct".
h2. System Configuration
Many of the Java applications in caGrid, such as Introduce and GAARDS, are invoked using Ant. Our proxy will be configured in Ant environment variables and then set on Java calls as parameters.
h3. Environment Variables
A single environment variable, ANT_OPTS, can be used to hold the proxy configuration for Ant. Another optional variable, ANT_ARGS, can be used to indicate that Ant should always utilize this configuration.
ANT_OPTS
Contains command-line arguments that should be passed to the JVM. We will use the following options for proxy support.
# http.proxyHost - contains hostname or IP address of http proxy.
# http.proxyPort - contains the port number of the http proxy.
# http.nonProxyHosts - contains a pipe (\|) delimited list of hosts that should connect directly, rather than through, the proxy.
# http.proxyUser - optional - contains the username required to authenticate with the proxy server.
# http.proxyPassword - optional - contains the password required to authenticate with the proxy server.
h2. caGrid 1.4 Configuration
The caGrid 1.4 distribution allows users to configure proxy usage for the following:
* caGrid Installer
* GAARDS Security User Interface
* Introduce Service Development Tool
* Synchronization with Trust Fabric
h2. caGrid 1.3 Configuration
caGrid 1.3 was not distributed with the ability to be configured for proxy usage.
h2. Example Configuration
The following steps show how to configure caGrid 1.4 to utilize a proxy.
Example configuration:
* Browser configured with a proxy PAC file, proxy.pac, that identifies which URLs must use the proxy.
* HTTP Proxy host: 10.127.20.41
* HTTP Proxy port: 8080
* No user authentication is required at the proxy.
* All HTTP traffic must use the proxy.
* All HTTPS traffic must bypass the proxy.
h3. Obtain Proxy Information
# Open browser and view proxy configuration as specified in the "Obtain Proxy Information" section above.
# Download proxy automatic configuration file.
# Determine rules in file.
From my proxy.pac file:
# Proxy host: 10.127.20.41
# Proxy port: 8080
# Rules that pertain to caGrid:
## All http traffic is proxied.
## All secure training grid URLs fall into a rule that indicates direct connection.
\\
h3. caGrid Installer
h4. caGrid Installer Configuration
# Download and extract the caGrid Installer.
# Open the appropriate script in a text editor.
## Windows: install.bat
## Unix/Mac: install.sh
# Find the "HTTP Proxy Settings" line in the file.
## Remove the "REM" or "#" at the beginning of the subsequent line.
## After "-Dhttp.proxyHost=", type the proxy hostname or IP.
## After "-Dhttp.proxyPort=", type the proxy port number.
## After "-Dhttp.nonProxyHosts=", type the list of HTTPS hosts that must bypass the proxy server.
# If proxy authentication is required, find the "Set username" line in the file.
## Remove the "REM" or "#" at the beginning of the subsequent line.
## After "-Dhttp.proxyUser=", type your username.
## After "-Dhttp.proxyPassword=", type your password.
h5. Example Proxy Configuration
This is an example:
{code}REM HTTP proxy settings
set JAVA_OPTS=%JAVA_OPTS% -Dhttp.proxyHost=10.127.20.41 -Dhttp.proxyPort=8080 -Dhttp.nonProxyHosts=\"\"
{code}
h5. caGrid Installer Execution
Now that the installer script has been configured, run the installer for either an open network or a proxied network.
# Open Network:
## Windows command: install.bat
## Unix/Mac:
### Set execute permission: chmod u+x install.sh
### Command: ./install.sh
# Firewalled Network:
## Windows command: install.bat \-proxy
## Unix/Mac:
### Set execute permission: chmod u+x install.sh
### Command: ./install.sh \-proxy
\\
h2. GAARDS-UI, Introduce and syncWithTrustFabric
These three applications will utilize the ANT_OPTS environment variable to hold a common required proxy configuration. This variable, created in this section, will define the proxy configuration for the Training Grid using the example proxy server.
h3. Create the ANT_OPTS Contents
Create the contents of the ANT_OPTS environment variable in a text editor.
# Open a new file in a text editor.
# Paste the following:
## ANT_OPTS='-Dhttp.proxyHost= \-Dhttp.proxyPort= \-Dhttp.nonProxyHosts="localhost"'
# Set the proxyHost value to "10.127.20.41".
# Set the proxyPort value to "8080".
# Because all secure training grid hosts bypass the proxy we must add the hostnames of the services to the "nonProxyHost" list.
## Set the hostname list to include:
### dorian.training.cagrid.org
### globalmodelexchange.training.cagrid.org
### mastergts.training.cagrid.org
### slavegts.training.cagrid.org
### grouper.training.cagrid.org
### cds.training.cagrid.org
### fqp.training.cagrid.org
### workflow-scufl.training.cagrid.org
### workflow-bpel.training.cagrid.org
### cagrid-gme.nci.nih.gov - production server used by Introduce
### cadsrapi.nci.nih.gov - production server used by Introduce
## The final environment variable:
{code}ANT_OPTS=-Dhttp.proxyHost=10.127.20.41 -Dhttp.proxyPort=8080 -Dhttp.nonProxyHosts="localhost|dorian.training.cagrid.org|globalmodelexchange.training.cagrid.org|mastergts.training.cagrid.org|slavegts.training.cagrid.org|grouper.training.cagrid.org|cds.training.cagrid.org|fqp.training.cagrid.org|workflow-scufl.training.cagrid.org|workflow-bpel.training.cagrid.org|cagrid-gme.nci.nih.gov|cadsrapi.nci.nih.gov"{code}
h4. Set the Environment Variable
Now set the environment variable so that it is available for use by Ant.
# Unix / Mac
## Open your initialization file for your shell. This file will be at the root level of your user directory. The file is specific to the shell that you use.
### Bourne Shell: \~/.profile
### Bash Shell: \~/.bashrc or \~/.profile
### C Shell : \~/.cshrc or \~/.login
### Korn Shell: \~/.profile or \~/.kshrc
## Add an entry for your new variable.
### export ANT_OPTS=
## Provide the values for the environment variable.
{code}-Dhttp.proxyHost=10.127.20.41 \-Dhttp.proxyPort=8080 \-Dhttp.nonProxyHosts="localhost\|dorian.training.cagrid.org\|globalmodelexchange.training.cagrid.org\|mastergts.training.cagrid.org\|slavegts.training.cagrid.org\|grouper.training.cagrid.org\|cds.training.cagrid.org\|fqp.training.cagrid.org\|workflow-scufl.training.cagrid.org\|workflow-bpel.training.cagrid.org\|cagrid-gme.nci.nih.gov\|cadsrapi.nci.nih.gov"
{code}
## Save the file.
## Open a new terminal.
### Echo the new variable to verify it. "*echo $ANT_OPTS*"
# Windows
## On the Desktop, right-click *My Computer*, and then click *Properties*.
## Click the *Advanced* tab.
## Click the *Environment Variables* button.
## In the Environment Variables window, under the "Environment Variables for <Usename>", click *New*.
## In the New User Variable window:
### Variable name: "ANT_OPTS"
### Variable value: {code}-Dhttp.proxyHost=10.127.20.41 \-Dhttp.proxyPort=8080 \-Dhttp.nonProxyHosts="localhost\|dorian.training.cagrid.org\|globalmodelexchange.training.cagrid.org\|mastergts.training.cagrid.org\|slavegts.training.cagrid.org\|grouper.training.cagrid.org\|cds.training.cagrid.org\|fqp.training.cagrid.org\|workflow-scufl.training.cagrid.org\|workflow-bpel.training.cagrid.org\|cagrid-gme.nci.nih.gov\|cadsrapi.nci.nih.gov"{code}
### Click *OK*.
## In the Environment Variables window, click *OK*.
## In the System Properties window, click *OK*.
## Open a new command prompt
### Start->Run, type "*cmd*"
### In the command prompt, verify that your variable is set by typing *echo %ANT_OPTS%*.
h4. Application Execution
Once the environment variable is defined, the caGrid applications can be started and they will automatically be configured with your proxy information when you run the Ant command to start the application.
The "use.proxy" parameter will be used to determine whether the application will be configured to use the proxy configured in ANT_OPTS. When the flag is not present, no proxy configuration will be used.
# Open a terminal.
# Change directory to caGrid directory.
# Introduce
## ant introduce \-Duse.proxy=true
# GAARDS UI
## ant gaardsui \-Duse.proxy=true
# Synchronize with trust fabric.
## ant syncWithTrustFabric \-Duse.proxy=true
h2. Appendix
----
h3. Installer Host Dependencies
The caGrid Installer obtains installer files from several servers and provides the ability to use the GAARDS UI to obtain host certificates and to synchronize with the grid trust fabric. For this reason, the installer must access many servers.
h4. Download Servers
* [http://archive.apache.org] : Tomcat and Ant
* [http://downloads.sourceforge.net] : JBoss
* [http://gforge.nci.nih.gov] : caGrid and Globus
* [ftp://ftp1.nci.nih.gov] : caGrid installer properties
h4. Training Grid
* [https://dorian.training.cagrid.org:8443]
* [https://cds.training.cagrid.org:8443]
* [https://slavegts.trainging.cagrid.org:8443]
* [https://grouper.training.cagrid.org:8443]
h4. Production Grid
* [https://cagrid-dorian.nci.nih.gov:8443]
* [https://cagrid-cds.nci.nih.gov:8443]
* [https://cagrid-gts-slave.nci.nih.gov:8443]
* [https://cagrid-gridgrouper.nci.nih.gov:8443]
\\
----
h3. Introduce Host Dependencies
h4. Training Grid
Service Creation
* [https://globalmodelexchange.training.cagrid.org:8443]
* [http://mms.training.cagrid.org:8080]
* [http://cadsr-dataservice.nci.nih.gov:80]
* [https://cagrid-gme.nci.nih.gov:8443]
* [http://cadsrapi.nci.nih.gov]
Introduce Updates
* [http://software.cagrid.org]
Security
* [https://dorian.training.cagrid.org:8443]
* [https://cds.training.cagrid.org:8443]
* [https://slavegts.trainging.cagrid.org:8443]
* [https://grouper.training.cagrid.org:8443]
h4. Production Grid
Service Creation
* [https://cagrid-gme.nci.nih.gov:8443]
* [http://cagrid-mms.nci.nih.gov:8080]
* [http://cadsr-dataservice.nci.nih.gov:80]
* [https://cagrid-gme.nci.nih.gov:8443]
Introduce Updates
* [http://software.cagrid.org]
Security
* [https://cagrid-dorian.nci.nih.gov:8443]
* [https://cagrid-cds.nci.nih.gov:8443]
* [https://cagrid-gts-slave.nci.nih.gov:8443]
* [https://cagrid-gridgrouper.nci.nih.gov:8443]
\\
----
h3. GAARDS UI Host Dependencies
GAARDS IU provides many security related functions that require access to several secure grid services.
h4. Training Grid
* [https://dorian.training.cagrid.org:8443]
* [https://cds.training.cagrid.org:8443]
* [https://slavegts.trainging.cagrid.org:8443]
* [https://grouper.training.cagrid.org:8443]
h4. Production Grid
* [https://cagrid-dorian.nci.nih.gov:8443]
* [https://cagrid-cds.nci.nih.gov:8443]
* [https://cagrid-gts-slave.nci.nih.gov:8443]
* [https://cagrid-gridgrouper.nci.nih.gov:8443]
\\
----
h3. SyncWithTrustFabric Host Dependencies
The syncWithTrustFabric ANT task is used to configure your local caGrid installation to trust a specific grid. This is performed by connecting to the SlaveGTS server to obtain the grid's CA certificates.
h4. Training Grid
* [https://slavegts.training.cagrid.org:8443]
h4. Production Grid
* [https://cagrid-gts-slave.nci.nih.gov:8443]
Administration
...