The Plug-in Skeleton

The federation distribution includes a functional skeletion that illustrates handling the interface calls though it does not manipulate any external testbed. It does illustrate most of the support for creating plug-ins, including reading configuration files, creating access control databases that map to local permission structures, storing persistent state and allocating local resources. The skeleton merely assigns an non-negative integer to each request. The range of integers is set from a configuration file.

This page describes how to set-up and run the skeleton plug-in, as well as what it does.

Configuration

These are the steps to configure the skeleton:

• Create a configuration directory that's readable by the user that the plugin will run as (probably your uid)
• make subdirectories in it called certs and userconf. The certs directory must be writeable.
• Copy skel.conf​ into thie configuration directory.
• Copy skel_access​ into the configuration directory
• Create a certificate representing a fedid in this directory.
• Follow the steps below to edit skel.conf​ for your installation.

If you put the certificate you created above into fedd.pem all you need to do is change the first line to include the full pathname to your configuration directory. Something like:

base: /my/config/directory

If you named the certificate something other than fedd.pem, you need to change the line that starts with cert_file: to point to your file. This means changing the pathname. For example if the certificate was called mycert.pem the line would change to:

cert_file: %(base)s/mycert.pem

If the certificate you created has a password, that password must be included as the cert_pwd parameter. For example:

cert_pwd: mypwd

In a real installation, including such passwords in the configuration file implies that the configuration file must be secured.

The next section explains the contents of the configuration files in more detail, but you can skip ahead to running the plug-in if you perfer.

Configuration File Contents

The skel.conf​ file contains three sections, each set off by a section name in braces, e.g., [access]. We will explain this file section by section.

DEFAULT

The first section, [DEFAULT] contains parameters that will be expanded in later sections. The base parameter will be used in other pathnames, to avoid having to hard code each full pathname. In later sections,the %(base)s construction will expand to the contents of the base} parameter. This is a standard construction in a configuration file parsed by python's ​ConfigParser module. The value inside the %() is the variable to expand, which is followed by a single character for formatting. More information about these conventions is ​available.

access

The [access] section contains most of the plug-in configuration information.