[Moabusers] moab + gold

Scott Jackson scottmo at clusterresources.com
Wed Jun 7 13:08:34 MDT 2006 

Great. Thanks for letting me know!

Scott

On Wed, 2006-06-07 at 15:00 -0400, Caird, Andrew J wrote:
> Scott,
> 
> Sorry I didn't reply earlier. This is working well for us now, thanks.
> 
> --andy
>   
> > Subject: Re: [Moabusers] moab + gold
> > 
> > -----Original Message-----
> > From: Scott Jackson [mailto:scottmo at clusterresources.com] 
> > Sent: Thursday, April 13, 2006 5:44 PM
> > To: Caird, Andrew J
> > Cc: moabusers at supercluster.org
> 
> > Andy,
> > 
> > I examined this issue and had to make a code change to 
> > support disabling Gold authentication in Moab. We pushed out 
> > a new snapshot with the fix.
> > It should just work as you have it now. When it comes time 
> > that you would like to turn authentication back on in Moab, 
> > you will have to add the CLIENTCFG[AM:bank] ALGO=HMAC 
> > KEY=mysecret line into moab-private.cfg. With the new change, 
> > ALGO=NONE or leaving it blank has the effect of disabling 
> > Gold authentication.
> > 
> > Let me know if you have any trouble,
> > 
> > Scott
> > 
> > 
> > On Thu, 2006-04-13 at 16:07 -0400, Andrew J Caird wrote:
> > > Hi Scott,
> > > 
> > > Yes, I have a moab-private.cfg, but there's nothing in it.  
> > Is there a 
> > > default security in moab that needs to over-ridden somewhere?
> > > 
> > > Thanks.
> > > --andy
> > > 
> > > On Thu, 13 Apr 2006, Scott Jackson wrote:
> > > 
> > > > Andy,
> > > >
> > > > Does Moab have a moab-private.cfg file with a CLIENTCFG line for 
> > > > your AM (with CSALGO or ALGO specified)? If so, try removing that 
> > > > line (or renaming the entire file if that is the only 
> > thing in it). 
> > > > Let me know if that works.
> > > >
> > > > Scott
> > > >
> > > > On Wed, 2006-04-12 at 14:25 -0400, Andrew J Caird wrote:
> > > >> We've been using Gold with Maui for a while and have had 
> > good luck.
> > > > We're
> > > >> slowly implementing Moab and it isn't talking nicely to our Gold 
> > > >> installation.
> > > >>
> > > >> We have:
> > > >>
> > > >>     security.authentication = false
> > > >>
> > > >> in goldd.conf, but Moab seems to be sending auth information to 
> > > >> Gold
> > > > (see
> > > >> below).  Since I don't want to try to get our Maui 
> > installations to 
> > > >> do
> > > >
> > > >> authentication now, how can I get Moab to just be happy chatting 
> > > >> insecurely?
> > > >>
> > > >> Thanks for any advice.
> > > >> --andy
> > > >>
> > > >> 2006-04-12 11:56:04.049 INFO  main::  New Connection Received
> > > >> 2006-04-12 11:56:04.052 TRACE Gold::Message::new  invoked with
> > > > arguments: (connection => IO::Socket::INET=GLOB(0x96a9ad4))
> > > >> 2006-04-12 11:56:04.052 TRACE 
> > Gold::Message::receiveChunk  invoked
> > > > with arguments: ()
> > > >> 2006-04-12 11:56:04.053 DEBUG Gold::Message::receiveChunk  Read
> > > > message header (POST /SSSRMAP3 HTTP/1.1
> > > >> 2006-04-12 11:56:04.054 INFO  Gold::Message::receiveChunk  Read
> > > > message payload (351, <Envelope 
> > component="ClusterScheduler" count="1"
> > > > name="moab"
> > > > 
> > version="4.5.0p0"><Signature><DigestValue>Ki+eYe2e4BjFBYMv7whH0Y6AEs
> > > > c=</
> > > > 
> > DigestValue><SignatureValue>9F0Sm1FFaB336lTbMsn4IAdAnoU=</SignatureV
> > > > DigestValue>alue
> > > >> </Signature><Body actor="root"><Request action="Query"
> > > > actor="root"><Object>System</Object><Get
> > > > name="Version"></Get></Request></Body></Envelope>).
> > > >> 2006-04-12 11:56:04.054 TRACE Gold::Message::unmarshallChunk  
> > > >> invoked
> > > > with arguments: (<Envelope component="ClusterScheduler" count="1"
> > > > name="moab"
> > > > 
> > version="4.5.0p0"><Signature><DigestValue>Ki+eYe2e4BjFBYMv7whH0Y6AEs
> > > > c=</
> > > > 
> > DigestValue><SignatureValue>9F0Sm1FFaB336lTbMsn4IAdAnoU=</SignatureV
> > > > DigestValue>alue
> > > >> </Signature><Body actor="root"><Request action="Query"
> > > > actor="root"><Object>System</Object><Get
> > > > name="Version"></Get></Request></Body></Envelope>)
> > > >> 2006-04-12 11:56:04.056 TRACE Gold::Chunk::authenticate  invoked 
> > > >> with
> > > > arguments: (XML::LibXML::Document=SCALAR(0x96aa0f8))
> > > >> 2006-04-12 11:56:04.057 DEBUG Gold::Chunk::authenticate  The 
> > > >> security
> > > > token type is (Symmetric).
> > > >> 2006-04-12 11:56:04.057 DEBUG Gold::Chunk::authenticate  The
> > > > canonicalized body text is (<Body actor="root"><Request 
> > action="Query"
> > > > actor="root"><Object>System</Object><Get
> > > > name="Version"></Get></Request></Body>).
> > > >> 2006-04-12 11:56:04.058 DEBUG Gold::Chunk::authenticate  The
> > > > base64-encoded message digest is (Ki+eYe2e4BjFBYMv7whH0Y6AEsc=).
> > > >> 2006-04-12 11:56:04.059 DEBUG Gold::Chunk::authenticate  The
> > > > base64-encoded MAC is (Li3c8/u2v//jfxZHzFgqBl3j4+o=).
> > > >> 2006-04-12 11:56:04.063 ERROR Gold::Exception::new  Incoming MAC 
> > > >> does
> > > > not match calculated MAC at 
> > /usr/local/gold/lib/Gold/Chunk.pm line 
> > > > 597
> > > >> 2006-04-12 11:56:04.065 ERROR Gold::Exception::new  Failed
> > > > authenticating message: (Incoming MAC does not match calculated 
> > > > MAC). at /usr/local/gold/lib/Gold/Message.pm line 716
> > > >> 2006-04-12 11:56:04.070 ERROR main::__ANON__  Gold 
> > server error (424):
> > > > Failed authenticating message: (Incoming MAC does not match 
> > > > calculated MAC)..
> > > >> 2006-04-12 11:56:04.071 TRACE Gold::Response::new  invoked with
> > > > arguments: ()
> > > >> 2006-04-12 11:56:04.071 TRACE Gold::Response::failure  
> > invoked with
> > > > arguments: (424, Failed authenticating message: (Incoming 
> > MAC does 
> > > > not match calculated MAC).)
> > > >> 2006-04-12 11:56:04.072 TRACE Gold::Reply::new  invoked with
> > > > arguments: (connection => IO::Socket::INET=GLOB(0x96a9ad4))
> > > >> 2006-04-12 11:56:04.072 TRACE Gold::Reply::sendChunk  
> > invoked with
> > > > arguments: (Gold::Chunk=HASH(0x96aa53c))
> > > >> 2006-04-12 11:56:04.073 DEBUG Gold::Reply::sendChunk  
> > Writing reply
> > > > header (HTTP/1.1 200 OK
> > > >> 2006-04-12 11:56:04.073 TRACE Gold::Reply::marshallChunk 
> >  invoked 
> > > >> with
> > > > arguments: (Gold::Chunk=HASH(0x96aa53c))
> > > >> 2006-04-12 11:56:04.074 INFO  Gold::Reply::sendChunk  
> > Writing reply
> > > > payload (102, <?xml version="1.0" encoding="UTF-8"?>
> > > >> _______________________________________________
> > > >> moabusers mailing list
> > > >> moabusers at supercluster.org
> > > >> http://www.supercluster.org/mailman/listinfo/moabusers
> > > >
> > > >
> > 
> > 
-- 
Scott Jackson
Cluster Resources, Inc.
scottmo at clusterresources.com

More information about the moabusers mailing list