Project

General

Profile

Bug #11142

Collision when 2 credentials use the same file name

Added by Marco Mambelli over 3 years ago. Updated 12 months ago.

Status:
New
Priority:
Low
Category:
-
Target version:
Start date:
12/14/2015
Due date:
% Done:

0%

Estimated time:
First Occurred:
Stakeholders:
Duration:

Description

When there are multiple credentials with different trust domain but the same file names, like in the example below, the frontend overwrites the credentials in its internal dictionary because it is using the file name as key.
Multiple trust domain are needed because some attributes different form the file name, e.g. the vmid in the e.g. below, are different.
This causes less glideins to be submitted because the frontend thinks there are multiple credentials for the same entry but there is only one.

A workaround for this problem is to use different file names: make a copy with a different name of the key/certificate files and use only once each copy

E.g. of a configuration causing the problem:

         <security>
            <credentials>
               <credential absfname="/etc/gwms-frontend/hepcloud_cms_accesskey" keyabsfname="/etc/gwms-frontend/hepcloud_cms_secretkey" pilotabsfname="/etc/gwms-frontend/cloud_proxy" security_class="cms" trust_domain="HEPCloud_AWS_USEAST_1_CMS" type="key_pair+vm_id" vm_id="ami-044e0e6e"/>
               <credential absfname="/etc/gwms-frontend/hepcloud_cms_accesskey" keyabsfname="/etc/gwms-frontend/hepcloud_cms_secretkey" pilotabsfname="/etc/gwms-frontend/cloud_proxy" security_class="cms" trust_domain="HEPCloud_AWS_USWEST_1_CMS" type="key_pair+vm_id" vm_id="ami-a2b1d8c2"/>
               <credential absfname="/etc/gwms-frontend/hepcloud_cms_accesskey" keyabsfname="/etc/gwms-frontend/hepcloud_cms_secretkey" pilotabsfname="/etc/gwms-frontend/cloud_proxy" security_class="cms" trust_domain="HEPCloud_AWS_USWEST_2_CMS" type="key_pair+vm_id" vm_id="ami-6d9d800c"/>
            </credentials>
         </security>

History

#1 Updated by Parag Mhashilkar over 3 years ago

  • Target version set to v3_2_13

Another idea, is using filename+trust_domain+security_class as a filename an option?

#2 Updated by Parag Mhashilkar over 3 years ago

  • Assignee set to Parag Mhashilkar
  • Target version changed from v3_2_13 to v3_2_14

#3 Updated by Parag Mhashilkar over 3 years ago

  • Assignee changed from Parag Mhashilkar to Marco Mambelli

#4 Updated by Parag Mhashilkar about 3 years ago

  • Target version changed from v3_2_14 to v3_2_15

#5 Updated by Parag Mhashilkar about 3 years ago

  • Target version changed from v3_2_15 to v3_2_16

#6 Updated by Parag Mhashilkar almost 3 years ago

  • Priority changed from Normal to Low
  • Target version changed from v3_2_16 to v3_2_x

#7 Updated by Marco Mambelli over 1 year ago

  • Target version changed from v3_2_x to v3_4_x

#8 Updated by Marco Mambelli 12 months ago

  • Target version changed from v3_4_x to v3_5_x


Also available in: Atom PDF