[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [HTCondor-users] çå: Where can I find the wsdl file?
- Date: Fri, 18 Sep 2015 13:16:41 -0500
- From: Todd Tannenbaum <tannenba@xxxxxxxxxxx>
- Subject: Re: [HTCondor-users] çå: Where can I find the wsdl file?
On 9/13/2015 10:07 PM, feih@xxxxxxxxxxxxxxxxxxxxxxxxx wrote:
Thank you very much for help. I can send condorSchedd.getVersionString command successfully. But when I try to use the beginTransaction() function, a permission denied was returned. I have set ALLOW_SOAP=* and ALLOW_WRITE=*.nttdocomo.local. I can use condor_submit from 192.168.0.160 for submission. And here is the relevant log from condor schedd:
09/14/15 10:50:33 (pid:1328) Received HTTP POST connection from <192.168.0.160:4
09/14/15 10:50:33 (pid:1328) About to serve HTTP request...
09/14/15 10:50:33 (pid:1328) Completed servicing HTTP request
09/14/15 10:50:45 (pid:1328) Received HTTP POST connection from <192.168.0.160:4
09/14/15 10:50:45 (pid:1328) About to serve HTTP request...
09/14/15 10:50:45 (pid:1328) PERMISSION DENIED to unauthenticated user from host
1c INVALID ADDRESS FAMILY for SOAP, access level WRITE: reason: WRITE authoriza
tion policy contains no matching ALLOW entry for this request; identifiers used
for this host: , hostname size = 0, original ip address = 1c INVALID ADDRESS FAM
Where you can find the first ip address is correct, which is 192.168.0.160, but the soap server falsely report that address as 1c, I cannot explain why. Could you please help to find a solution. Thank you very much.
My guess is that the schedd is refusing to allow the SOAP submission to
happen because it cannot authenticate the client. Your choices are to
either a) connect via HTTPS with client-side SSL certificate, or b)
simply set QUEUE_ALL_USERS_TRUSTED=True in the condor_config of your
schedd and do a condor_reconfig. Obviously option (b) is much easier,
but it means you need to trust all the clients that can access the
schedd (i.e. do NOT do this on a schedd that is on the public internet!).
You may find this URL of help