The WSDD file is pretty straightforward, and similar to the one used in the security configuration file examples. The file can be found here: $TUTORIAL_DIR/org/globus/progtutorial/services/security/delegation/server-deploy.wsdd. This file also includes the deployment descriptor for the next example (the PhysicsService with delegation activated)
However, we'll need to create a custom security configuration file to specify that the service's method must be run under the caller's identity. Otherwise, delegation will not take place. The security configuration file, found at $TUTORIAL_DIR/org/globus/progtutorial/services/security/delegation/config/security-config.xml, looks like this:
<securityConfig xmlns="http://www.globus.org" xmlns:physics="http://www.globus.org/namespaces/2004/02/progtutorial/PhysicsService"> <method name="physics:getAnswerToLifeTheUniverseAndEverything"> <run-as> <caller-identity/> </run-as> <auth-method> <gsi/> </auth-method> </method> <auth-method> <gsi/> </auth-method> </securityConfig>
Before we compile and deploy, make sure you add this line to the $GLOBUS_LOCATION/ogsilogging.properties file:
org.globus.progtutorial.services.security.delegation.impl.PhysicsNoDelegationProvider=console,info
Build the service:
./tutorial_build.sh \ org/globus/progtutorial/services/security/delegation \ schema/progtutorial/PhysicsService/Physics.gwsdl
And deploy the GAR file (from the globus account):
ant deploy \ -Dgar.name=$TUTORIAL_DIR/build/lib/org_globus_progtutorial_services_security_delegation.gar