GridSite Architecture

From GridSite
Jump to: navigation, search
GridSite/Apache Architecture

GridSite was originally a web application developed for managing and formatting the content of the GridPP website. Over the past three years it has grown into a set of extensions to the Apache web server and a toolkit for Grid credentials, GACL access control lists and HTTP(S) protocol operations.

In its simplest application, GridSite uses X.509 certificates loaded into unmodified versions of web browsers like Internet Explorer, Netscape or Mozilla to authenticate users, and then grants read and write authorization on this basis. HTML and text files can be edited within a browser window, or pages and binary files can be uploaded from local disk. Certificate based authentification of users is now far more practical with the start of large scale issuing of X.509 certificates within Grid projects.

The current 2.x series is a substantial rewrite of GridSite, consisting of mod_gridsite, gridsite-admin.cgi, a toolkit libgridsite and the htcp command-line HTTP(S) client. Sources of the development versions are available from the CESNET/gridsite at github, and are published under the Modified BSD License. Sources are available in the EMI repositories.

mod_gridsite is a loadable module for the Apache web server which provides access control and page formatting for GridSite HTTP(S) Fileservers, Websites and Web Services hosts. mod_gridsite also intercepts some processing in the standard mod_ssl module to support GSI Proxies and VOMS attribute certificates, as well as the normal X.509 client certificates. The verification of these credentials is handled by functions within mod_gridsite and the main GridSite shared library, without the need to patch or rebuild mod_ssl.

gridsite-admin.cgi provides editing of webpages and other text files through web browsers, and management of the internal GridSite groups and Access Control Lists.

Functions from libgridsite are used by the GridSite modules and CGI programs, and the library can be used by third-party developers, using its published C/C++ API.

htcp is a client to fetch files or directory listings from remote servers using HTTP or HTTPS, or to put or delete files or directories onto remote servers using HTTPS. htcp is similar to scp, but uses HTTP/HTTPS rather than ssh as its transfer protocol.

The GridSite project is maintained by the CESNET.

Where to next? - All pages

GridSite Protocols - GridHTTP, Delegation protocol, Compact credentials, Namespaces

Implementations - GridSite, GridSiteWiki, Perl Clients, PHP, htcp command, WWFS

Design - GRACE Paradigm, Webservices on GridSite, Access Control model