The CSM administrative interface allows users to manage CSM authorization policy data for multiple applications from the Application Access Control interface. Using this interface users can view existing applications, add new applications and remove existing applications. To access the Application Access Control interface, first launch the CSM administrative interface. From the Access Control menu item, choose Manage Access Control.
In order to manage CSM applications and resources, you must be logged into a grid account that is configured to be a CSM administrator. During the installation process, it was recommended that at least one grid identity be added as a CSM administrator. If your account was not configured to be a CSM administrator, review step 7 of the Installation Guide.
If you have added your grid account as a CSM administrator but you are experiencing an error similar to the one pictured to the right, make sure that you specified the correct grid account in the Credential select box of the Application Access Control interface.
You can search for existing CSM applications by using the Search form fields on the Application Access Control interface. Select a service using the Service select box and choose your grid credential from the Credential select box. Note that the default value for the Credential select box is "Globus Default Proxy." Select a grid identity that has been configured as a CSM administrator from the Credential select box.
Once you have specified a Service and Credential, click the Search button to show a list of CSM applications associated with the Service you specified.
|As mentioned, the CSM Web Service can be managed using the administrative interface. Thus, it is possible to remove your own user id from having administrative access. If you accidentally lock yourself out of the administrative UI, you can re-enable access using the ant addAdmin command. Instructions for using the addAdmin command can be found in the Installation Guide.|
You may view and manage the protection elements, protection groups, roles, and other attributes of an application using the View button. Perform a search that lists the application you wish to view. Click on the application you wish to view to highlight it in dark blue. Click on the View button to launch the Access Control Management interface.
This interface displays tabs for managing Protection Elements, Protection Groups, Roles, Groups, Permissions and Instance Level Security Filters.
|Note that alternating application rows are highlighted with a light blue. This color differs from the dark blue used to show that a specific application has been selected. In the following screenshot, notice that the 2nd and 4th rows are highlighted in light blue, while the 3rd row is highlighted in dark blue. The 3rd row is the only row that has been clicked and is thus selected.
To add a new application, specify the service you would like to add the application to using the Service select box. Also, select a grid account from the Credential select box that is a CSM administrator. If you attempt to add a new application with an account that is not a CSM administrator, you will encounter the following error message:
Existing applications may be removed using the remove button. First, perform a search such that the application you wish to remove is listed in the search results. Next, click on the application you wish to remove. This will highlight the application row in dark blue. Click the Remove button to remove the selected application.
|Use caution with this feature! Clicking Remove does not prompt for confirmation and cannot be undone.|
Learn how to use the Access Control Management interface to manage protection elements, manage protection groups, manage roles, manage groups, manage permissions and manage instance level security filters.