Difference between revisions of "Transferring data to/from PIC"
Jump to navigation
Jump to search
(Created page with "== How to provide data access to external users without PIC account == I will use an example for MICE === Steps === 1) Ensure you have a dCache webdav door that exports yo...") |
|||
Line 5: | Line 5: | ||
=== Steps === | === Steps === | ||
− | 1) | + | 1) dCache webdav door that exports your data. |
− | + | https://webdav-mice.pic.es:8454 | |
− | + | 2) dCacheView frontend (optional) | |
− | + | ||
− | + | https://webdav-mice.pic.es:8464 | |
+ | |||
+ | 3) Authentication | ||
+ | |||
+ | Either PIC credentials (user/password) or a macaroon (https://dcache.org/old/manuals/UserGuide-7.0/macaroons.shtml). | ||
+ | Any authenticated user can get a macaroon for an external user. Remember to add proper caveats to restrict privileges. | ||
+ | In the next example, I retrieve a macaroon with 7 days validity, that can only download and list, and can only access the subtree of the provided URL. | ||
+ | |||
+ | <pre> | ||
+ | $ curl -u tallada -X POST -H 'Content-Type: application/macaroon-request' \ | ||
+ | -d '{"caveats": ["activity:DOWNLOAD,LIST"], "validity": "P7D"}' \ | ||
+ | https://webdav-mice.pic.es:8454/tape/raw/production/N4096_L3072_LC3/maps/n8192/kmapgcpy/ | ||
+ | |||
+ | { | ||
+ | "macaroon": "MDA3NWxvJmc2lnbmF0dXJlIJt81Pp8G1KXMH8FqwpWhJtwYnLfUAvNPQuq7bTwNOxGCg", | ||
+ | } | ||
+ | </pre> |
Revision as of 08:50, 23 December 2021
How to provide data access to external users without PIC account
I will use an example for MICE
Steps
1) dCache webdav door that exports your data.
https://webdav-mice.pic.es:8454
2) dCacheView frontend (optional)
https://webdav-mice.pic.es:8464
3) Authentication
Either PIC credentials (user/password) or a macaroon (https://dcache.org/old/manuals/UserGuide-7.0/macaroons.shtml). Any authenticated user can get a macaroon for an external user. Remember to add proper caveats to restrict privileges. In the next example, I retrieve a macaroon with 7 days validity, that can only download and list, and can only access the subtree of the provided URL.
$ curl -u tallada -X POST -H 'Content-Type: application/macaroon-request' \ -d '{"caveats": ["activity:DOWNLOAD,LIST"], "validity": "P7D"}' \ https://webdav-mice.pic.es:8454/tape/raw/production/N4096_L3072_LC3/maps/n8192/kmapgcpy/ { "macaroon": "MDA3NWxvJmc2lnbmF0dXJlIJt81Pp8G1KXMH8FqwpWhJtwYnLfUAvNPQuq7bTwNOxGCg", }