VOMS proxy time limited and how to request an extension

From GridPP Wiki
Jump to: navigation, search

For security reason, it was agreed by JSPG and all VOs to limit the proxy lifetime to 24 hours for all VOs, both at the authentication and at the authorization level. The proxy renewal functionality is available in the glite WMS and FTS services. The standard gLite renewal mechanism can be used to support long-term operations. Grid middleware, whenever possible, should make use of approved services like MyProxy server to store long-lived proxy.

Using myproxy

$ voms-proxy-init --voms [vo]
Enter GRID pass phrase for this identity:
[confirmation messages]
Remote VOMS server contacted succesfully.

Created proxy in [location].

Your proxy is valid until [date and time]
$ myproxy-init -d -n
Your identity: [your DN]
Enter GRID pass phrase for this identity:
Creating proxy ........................................................................................................... Done
Proxy Verify OK
Your proxy is valid until: [date and time]
A proxy valid for 168 hours (7.0 days) for user [your DN] now exists on myproxy.gridpp.rl.ac.uk # <- should be this for UK users...

Documentation on using myproxy can be found at:

http://www.gridpp.ac.uk/deployment/users/gridsite-admin.cgi?cmd=print&file=myproxy.html


  • (PROBABLY OUT OF DATE) If your VO's users experience specific difficulty with 24 hours proxy and need a TEMPORARY extension of the proxy lifetime (more than 24 hours), the relevant VO manager(s) MUST follow the OSCT opertional noticeto make a request.
Retrieved from "https://www.gridpp.ac.uk/w/index.php?title=VOMS_proxy_time_limited_and_how_to_request_an_extension&oldid=4432"