Difference between revisions of "USG Join VO"

Latest revision as of 14:16, 10 January 2013

Main

EGI.eu operations services

Support

Documentation

Tools

Activities

Performance

Technology

Catch-all Services

Resource Allocation

Security

Documentation menu:

Home •

Manuals •

Procedures •

Training •

Other •

Contact ►

For:

VO managers •

Administrators

<< EGI User Start Guide

You will find what a Virtual Organisation is, how to find which one is appropriate for the user's application area, and how to apply for membership.

Virtual Organisations

A Virtual Organisation (VO) is an entity which typically corresponds to a real organisation or group of people in the real world. Membership of a VO grants specific privileges to a user. For example, a user belonging to the atlas VO will be able to read ATLAS files and to use resources reserved for the ATLAS collaboration.

To avoid problems with conflicting names, at the present, VO are registered in the style of DNS names, e.g. newvo.vo.eu-egee.org, where newvo is a customizable name and vo.eu-egee.org is an existent DNS domain. However, the VOs registered before that this rule was introduced have an old-style name as short string like cms or biomed.

Becoming a member of a VO usually requires membership of the corresponding collaboration; in any case, a user must comply with the rules of the VO to gain membership. A user may be expelled from a VO for failure to comply with these rules.

It is possible to belong to more than one VO, although this is unusual.

The Registration Service

Before a user can use the EGI infrastructure, registration of some personal data and acceptance of some usage rules are necessary and the first step is getting a valid certificate. The user must also choose a VO. The VO must ensure that all of its members have provided the necessary information, which is stored in a database maintained by the VO, and that all have accepted the usage rules. The procedure to do this vary. A list of registered VOs is availble on the grid operations web site.

Note that some VOs are national and are not registered globally in EGI; in this case users should consult local documentation for information on the registration procedures.

The registration procedure normally requires the use of a web browser with the user certificate loaded, to enable the request to be properly authenticated. Browsers normally use the PKCS12 certificate format: if the certificate was issued to a user in the PEM format it has to be converted to PKCS12. The following command can be used to perform that conversion:

openssl pkcs12 -export -inkey userkey.pem -in usercert.pem \
               -out my_cert.p12 -name "My certificate"

where:

`userkey.pem`	is the path to the private key file;
`usercert.pem`	is the path to the `PEM` certificate file;
`my_cert.p12`	is the path for the output `PKCS12`-formatfile to be created;
`"My certificate"`	is an optional name which can be used to select this certificate in the browser after the user has uploaded it if the user has more than one certificate available.

Once in PKCS12 format, the certificate can be loaded into the browser.

@@ Line 7: / Line 7: @@
 ----
-What a Virtual Organisation is, how to find which one is appropriate for the user's application area, and how to apply for membership.
+You will find what a Virtual Organisation is, how to find which one is appropriate for the user's application area, and how to apply for membership.
-== Virtual Organisations ==
+== Virtual Organisations  ==
 A <span class="emphasis">''Virtual Organisation (VO)''</span> is an entity which typically corresponds to a real organisation or group of people in the real world. Membership of a VO grants specific privileges to a user. For example, a user belonging to the <code class="code">atlas</code> VO will be able to read ATLAS files and to use resources reserved for the ATLAS collaboration.
 To avoid problems with conflicting names, at the present, VO are registered in the style of DNS names, e.g. <code class="code">newvo.vo.eu-egee.org</code>, where <code class="code">newvo</code> is a customizable name and <code class="code">vo.eu-egee.org</code> is an existent DNS domain. However, the VOs registered before that this rule was introduced have an old-style name as short string like <code class="code">cms</code> or <code class="code">biomed</code>.
 Becoming a member of a VO usually requires membership of the corresponding collaboration; in any case, a user must comply with the rules of the VO to gain membership. A user may be expelled from a VO for failure to comply with these rules.
 It is possible to belong to more than one VO, although this is unusual.
-== The Registration Service ==
+== The Registration Service  ==
-Before a user can use the EGEE infrastructure, registration of some personal data and acceptance of some usage rules are necessary and the first step is getting a valid certificate. The user must also choose a VO. The VO must ensure that all of its members have provided the necessary information, which is stored in a database maintained by the VO, and that all have accepted the usage rules. The procedure to do this vary. A [http://cic.gridops.org/index.php?section=home&page=volist list of registered VOs] is availble on the grid operations web site.
+Before a user can use the EGI infrastructure, registration of some personal data and acceptance of some usage rules are necessary and the first step is getting a valid certificate. The user must also choose a VO. The VO must ensure that all of its members have provided the necessary information, which is stored in a database maintained by the VO, and that all have accepted the usage rules. The procedure to do this vary. A [http://operations-portal.egi.eu/vo list of registered VOs] is availble on the grid operations web site.
-Note that some VOs are local and are not registered with EGEE as a whole; in this case users should consult local documentation for information on the registration procedures.
+Note that some VOs are national and are not registered globally in EGI; in this case users should consult local documentation for information on the registration procedures.<br>
-As an example of a registration service, the [http://lcg.web.cern.ch/LCG/registration.htm LCG Registrar] serves the VOs of the LHC experiments.
 The registration procedure normally requires the use of a web browser with the user certificate loaded, to enable the request to be properly authenticated. Browsers normally use the <code class="code">PKCS12</code> certificate format: if the certificate was issued to a user in the <code class="code">PEM</code> format it has to be converted to <code class="code">PKCS12</code>. The following command can be used to perform that conversion:
 <pre class="command">openssl pkcs12 -export -inkey userkey.pem -in usercert.pem \
                 -out my_cert.p12 -name "My certificate"
 </pre>
 where:
 {| class="wikitable"
@@ Line 48: / Line 46: @@
 |}
-Once in <code class="code">PKCS12</code> format, the certificate can be loaded into the browser. [http://lcg.web.cern.ch/LCG/loading-certifs.htm Instructions] for some popular browsers are available.
+Once in <code class="code">PKCS12</code> format, the certificate can be loaded into the browser. <br>
 [[Category:Operations_Manuals]]

Difference between revisions of "USG Join VO"

Latest revision as of 14:16, 10 January 2013

Contents

Virtual Organisations

The Registration Service

Navigation menu

Difference between revisions of "USG Join VO"

Latest revision as of 14:16, 10 January 2013

Virtual Organisations

The Registration Service

Navigation menu

Search