VOMS module Installation¶
This module assumes that you are running the Keystone 8 (Liberty) version.
Install the Keystone VOMS module¶
Install from Repositories¶
You can install Keystone VOMS from any of the repositories published in the AppDB. If you plan to install it like this, remove any prior version installed via pip and check that you are removing the old versions. If you did not install this module using pip, just ignore this step:
# pip uninstall python-keystone-voms keystone-voms
Please, do not use the OpenSuse build service anymore and switch to the EGI AppDB repositories. Please visit the Keystone-VOMS product page where you can find the download page for all the available and supported versions.
Install from pip¶
With a running Keystone you can install the VOMS module with the following command (note the version range):
# pip install 'keystone-voms>=8.0.0,<9.0.0'
Install from source¶
First, uninstall any old python-keystone-voms
installation. This was the
old name of the package and should be removed:
# pip uninstall python-keystone-voms
With a running Keystone, simply install this egg. In the upper-level
directory run python setup.py install
:
# git clone git://github.com/IFCA/keystone-voms.git -b stable/liberty
# cd keystone-voms
# pip install .
Enable the Keystone VOMS module¶
The authentication module is a WSGI middleware that performs the authentication
and passes the authenticated user down to keystone. Add the VOMS filter to your
paste configuration file (/etc/keystone/keystone-paste.ini
is the default one
in Ubuntu, /usr/share/keystone/keystone-dist-paste.ini
in CentOS). First,
add the VOMS filter as follows:
[filter:voms]
paste.filter_factory = keystone_voms.core:VomsAuthNMiddleware.factory
Then add this filter to the public_api
pipeline for the version V2 of your
API. Probably, you should add it before the debug
, ec2_extension
,
user_crud_extension
and public_service
components:
[pipeline:public_api]
(...)
pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension voms user_crud_extension public_service
Note that you may have a different pipeline. You don’t need to replace your
pipeline with the above, but just add the voms
filter in the correct place.