3
xmlns="http://www.nordugrid.org/schemas/arcconfig/2009/08"
4
xmlns:tcp="http://www.nordugrid.org/schemas/tcp/2009/08"
5
xmlns:arex="http://www.nordugrid.org/schemas/a-rex/LRMS/2009/08"
7
<!-- Common configuration of the daemon -->
9
<PidFile>/var/run/arched.pid</PidFile>
11
<File>/var/log/arc/arched.log</File>
15
<!-- Where to find plugins -->
17
<Path>@prefix@/lib/arc/</Path>
19
<!-- Simply load all needed plugins -->
20
<Plugins><Name>mcctcp</Name></Plugins>
21
<Plugins><Name>mcctls</Name></Plugins>
22
<Plugins><Name>mcchttp</Name></Plugins>
23
<Plugins><Name>mccsoap</Name></Plugins>
24
<Plugins><Name>arcshc</Name></Plugins>
25
<Plugins><Name>identitymap</Name></Plugins>
26
<Plugins><Name>arex</Name></Plugins>
27
<!-- Create a chain -->
29
<!-- TCP listening socket -->
30
<Component name="tcp.service" id="tcp">
32
<tcp:Listen><tcp:Port>60000</tcp:Port></tcp:Listen>
34
<!-- Transport-level security -->
35
<Component name="tls.service" id="tls">
37
<!-- Location of server's security keys -->
38
<KeyPath>/etc/grid-security/hostkey.pem</KeyPath>
39
<CertificatePath>/etc/grid-security/hostcert.pem</CertificatePath>
40
<CACertificatesDir>/etc/grid-security/certificates</CACertificatesDir>
41
<VOMSCertTrustDNChain>
42
<VOMSCertTrustRegex>.*</VOMSCertTrustRegex>
43
</VOMSCertTrustDNChain>
44
<!-- Evaluate requestor's identity into local identity.
45
Comment it if no user mapping is needed. -->
46
<SecHandler name="identity.map" id="map" event="incoming">
47
<!-- Safe choice if all other rules failed -->
48
<PDP name="allow.pdp"><LocalName>nobody</LocalName></PDP>
51
<!-- HTTP processing is done here -->
52
<Component name="http.service" id="http">
53
<next id="soap">POST</next>
54
<next id="plexer">GET</next>
55
<next id="plexer">PUT</next>
56
<next id="plexer">HEAD</next>
58
<!-- This one parses content into XML tree -->
59
<Component name="soap.service" id="soap">
62
<!-- Directing messages to proper service -->
63
<Plexer name="plexer.service" id="plexer">
64
<!-- RegExp pattern is matched to path part of endpoint.
65
Unmatched part of path is propagated to service in
66
PLEXER:EXTENSION attribute. -->
67
<next id="a-rex">^/arex</next>
69
<!-- A-Rex service -->
70
<Service name="a-rex" id="a-rex">
71
<!-- Optional endpoint element is advised in case of multiple IP adresses -->
72
<arex:endpoint>https://localhost:60000/arex</arex:endpoint>
73
<!-- Use information generated by identity.map plugin or default provided below -->
74
<arex:usermap><arex:defaultLocalName>nobody</arex:defaultLocalName></arex:usermap>
75
<!-- grid-manager part of a-rex requires legacy configuration file.
76
Use arc_arex.conf example or write own. -->
77
<arex:gmconfig>/etc/arc_arex.conf</arex:gmconfig>