[Condor-users] Changes in SOAP (BirdBath) interface in Condor ver 6.7.20

[Todd Tannenbaum <tannenba@xxxxxxxxxxx>]

I just answered a question below that I think may be of interest to 
condor-users readers :

> Hi
>
> My name is James XXXXXX and I am supposed to be implementing a job submission
> portal for Condor, Birdbath might be part of the answer, can you offer any
> further suggestions, I think I heard somewhere that Condor 6.8.0 was due to be
> released with added portal technologies but do you know roughly when that will
> be ?
>
> Thanks in advance
>
> James


Hi James --

Version 6.7.20, which is the last developer release before ver6.8.0 
and is therefore feature complete, is now code complete and being 
tested on the production pool at UW-Madison.  Assuming it checks out, 
it should be on the website Friday or Monday.

So here is what has changed re BirdBath/SOAP in ver 6.7.20 :

+ Support for SOAP over HTTPS (HTTP + SSL).  How it works is clients 
have an SSL client side certificate, and the Condor daemons are given 
an SSL server side certificate (very similar to a web 
server).  Condor can then authenticate the client certificate, "map" 
the certificate subject name to a canonical Condor user id 
(username@uid_domain), check the authorization of the user (by 
checking the ALLOW/DENY settings in the condor_config file), and then 
performing the SOAP calls.  Of course, all communication is private 
(standard SSL).  Condor uses OpenSSL under the covers.  Note that for 
a portal environment, you may not care --- for instance, if the 
portal handles the job of authenticating/authorizing users (with a 
login password or whatever), you could tell Condor to "trust" 
whatever your portal says and the portal could just communicate w/ 
Condor using HTTP (HTTP is a little faster than HTTPS, and less work 
to setup since you don't need to create signed certificates etc).

+ Support for multiple simultaneous transactions to the 
Schedd.  Previous releases of BirdBath were somewhat crippled because 
only one client could be active at any given moment.   This lame 
restriction has finally been removed -- you can have as many 
simultaneous clients as your operating system can handle (the primary 
restriction being the maximum number of allowed TCP sockets).

+ We have a bunch of example code for both Java (using Axis) and for 
C# (using Microsoft .NET) to do things like submit jobs, query about 
job status, remove jobs, etc.  We hope to bundle these code examples 
into the ver 6.7.20 tarball before public release.

Other than the above, everything else is pretty much the same.  In 
particular, the API (WSDL files) did not change w/ v6.7.20, so folks 
who have been working with earlier releases do not have to change anything.

regards,
Todd




-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Todd Tannenbaum                       University of Wisconsin-Madison
Condor Project Research               Department of Computer Sciences
tannenba@xxxxxxxxxxx                  1210 W. Dayton St. Rm #4257
http://www.cs.wisc.edu/~tannenba      Madison, WI 53706-1685
Phone: (608) 263-7132  FAX: (608) 262-9777