The WSDD file is pretty straightforward, and similar to the one used in the security configuration file examples. The file can be found here: $TUTORIAL_DIR/org/globus/progtutorial/services/security/delegation/server-deploy.wsdd. This file also includes the deployment descriptor for the next example (the PhysicsService with delegation activated)

However, we'll need to create a custom security configuration file to specify that the service's method must be run under the caller's identity. Otherwise, delegation will not take place. The security configuration file, found at $TUTORIAL_DIR/org/globus/progtutorial/services/security/delegation/config/security-config.xml, looks like this:

<securityConfig xmlns="http://www.globus.org"
  xmlns:physics="http://www.globus.org/namespaces/2004/02/progtutorial/PhysicsService">

<method name="physics:getAnswerToLifeTheUniverseAndEverything">
  
  <run-as>
    <caller-identity/>
  </run-as>
  <auth-method>
    <gsi/>
  </auth-method>
</method>

<auth-method>
  <gsi/>
</auth-method>

</securityConfig>

Before we compile and deploy, make sure you add this line to the $GLOBUS_LOCATION/ogsilogging.properties file:

org.globus.progtutorial.services.security.delegation.impl.PhysicsNoDelegationProvider=console,info

Build the service:

./tutorial_build.sh \
org/globus/progtutorial/services/security/delegation \
schema/progtutorial/PhysicsService/Physics.gwsdl

And deploy the GAR file (from the globus account):

ant deploy \
-Dgar.name=$TUTORIAL_DIR/build/lib/org_globus_progtutorial_services_security_delegation.gar