ESnet: Networking for Science

OSCARS

OSCARS Configuration

You will need to modify the files located in conf/axis-tomcat for your users. Once you have modified them, copy them to a domain-specific directory and set the environment variable DOMAIN_HOME to point to that directory. If $DOMAIN_HOME is set, the ant task setupServer copies the files from there rather than from conf/axis-tomcat, so your changes are not lost when you update to a newer distribution of OSCARS.


 

Server

OSCARS-services.xml and notify-services.xml are generated by WSDL2Java and specify all the methods of the respective service and their parameters. The ws-security-policy specification for message security is included in this file. It also imports rampConfig.xml for the Rampart-specific parts of the security policy. Located in the distribution at conf/axis-tomcat. Copied to OSCARS.aar/META-INF/.

rampConfig.xml names the keystore file and has its password. Located in the distribution in conf/axis-tomcat. Copied to $CATALINA_HOME/shared/server/classes/repo.

OSCARS.jks is the keystore that is used to verify signed messages. It needs to contain the trustedCACerts for the issuers of any user who will submit a signed message and a keyEntry for the server to sign responses and forward messages to other IDCs. Located in the distribution in conf/axis-tomcat. Copied to $CATALINA_HOME/shared/server/classes/repo.

ssl-keystore.jks - has the trustedCACert for the SSL certificate of the Tomcat server that hosts the OSCARS services to which this service may forward messages. Located in the distribution in conf/axis-tomcat. Copied to $CATALINA_HOME/shared/server/classes/repo.

 

Files copied from OSCARS to axis2

conf/logging/axis2.log4j.properties is copied to webapps/axis2/classes/log4j.properties

classes/net/es/oscars/client/security/PWCallback.class is copied to webapps/axis2/WEB-INF/net/es/oscars/client/security/PWCallback.class


Client

See Security Reference for more details about these files.

 

axis2.xml - needed when signing messages. It contains:

InFlow and OutFlow parameters

Imports rampConfig.xml

 

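The axis2.xml file can be located by the client code through the JVM flag -Daxis2.xml=<filename>

or can be set programmatically by

import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
ConfigurationContext configContext =
    ConfigurationContextFactory.createConfigurationContextFromFileSystem(repo, null);
ServiceClient serviceClient = new ServiceClient(configContext, null);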


Where repo is a directory on the classpath that contains an axis2.xml file.

The repo directory also contains:

rampConfig.xml contains:

alias for the user who is sending the messages

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin

org.apache.ws.security.crypto.merlin.keystore.type=jks

org.apache.ws.security.crypto.merlin.keystore.password=password

org.apache.ws.security.crypto.merlin.file=OSCARS.jks (name of keystore file)

OSCARS.jks contains:

keyEntry for the user, specified in axis2.xml, who signs the outgoing messages

trustedCACerts for the issuer of this user's certificate

 

ssl-keystore.jks - has the TrustedCACert for the SSL certificate of the Tomcat server that hosts the OSCARS services to which the client will be connecting
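
As an added example (not part of the OSCARS distribution), the following Java program checks that the client's OSCARS.jks holds what this page says it needs: a keyEntry for the signing alias and a trustedCACert entry for the issuer of that user's certificate. The class name, the command-line arguments and the inline property text are assumptions; the property names and values are three of those listed above.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.StringReader;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Properties;

public class CheckOscarsKeystore {
    // Constructed sample input: three of the Merlin properties listed on this page.
    static final String PROPS =
        "org.apache.ws.security.crypto.merlin.keystore.type=jks\n"
      + "org.apache.ws.security.crypto.merlin.keystore.password=password\n"
      + "org.apache.ws.security.crypto.merlin.file=OSCARS.jks\n";
    static final String PRE = "org.apache.ws.security.crypto.merlin.";

    // Returns true if a trusted certificate entry in the keystore signed the given cert.
    static boolean issuerTrusted(KeyStore ks, X509Certificate cert) throws Exception {
        for (String a : Collections.list(ks.aliases())) {
            if (!ks.isCertificateEntry(a)) continue;           // skip key entries
            X509Certificate ca = (X509Certificate) ks.getCertificate(a);
            if (!ca.getSubjectX500Principal().equals(cert.getIssuerX500Principal())) continue;
            try { cert.verify(ca.getPublicKey()); return true; }
            catch (java.security.GeneralSecurityException e) { /* name matched, signature did not */ }
        }
        return false;
    }

    // Usage (assumed): java CheckOscarsKeystore <repo directory> <signing alias>
    public static void main(String[] args) throws Exception {
        if (args.length != 2) { System.err.println("usage: CheckOscarsKeystore <repo> <alias>"); System.exit(2); }
        Properties p = new Properties();
        p.load(new StringReader(PROPS));
        char[] pw = p.getProperty(PRE + "keystore.password").toCharArray();
        KeyStore ks = KeyStore.getInstance(p.getProperty(PRE + "keystore.type"));
        try (InputStream in = new FileInputStream(args[0] + "/" + p.getProperty(PRE + "file"))) {
            ks.load(in, pw);                                   // fails on a wrong password or corrupt file
        }
        if (!ks.isKeyEntry(args[1])) {
            System.out.println("FAIL: no keyEntry for alias " + args[1]);
            System.exit(1);
        }
        X509Certificate cert = (X509Certificate) ks.getCertificate(args[1]);
        cert.checkValidity();                                  // throws if expired or not yet valid
        boolean trusted = issuerTrusted(ks, cert);
        System.out.println(trusted ? "OK: keyEntry present and issuer is a trustedCACert"
                                   : "FAIL: issuer " + cert.getIssuerX500Principal() + " has no trusted entry");
        System.exit(trusted ? 0 : 1);
    }
}
```

Run it against the repo directory before deploying a client; a non-zero exit means a signed request from this keystore would not carry a usable signing key or would present a certificate whose issuer the keystore itself does not trust.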