WikiPrint - from Polar Technologies

What is esgf-getCredentials?

A tool to retrieve user credentials from ESGF. It have one graphic interface and another command line interface.

Getting started

Pre-requisites

JDK or OpenJDK 6 and upper versions

Download

Download the jar -> getESGFCredentials-0.1.jar 476.4 KB new

Other versions..

Run it


Go to download folder:

Command line UI Guide

Command line help 

$ java -jar getESGFCredentials-0.1.jar --help

Basic usage 

esgf-getcredentials --openid <openid> [other options]

Summary of options

-o <openid> --openid <openid>OpenID endpoint from where myproxy information can be gathered
-p <password> --password <password>OpenID passphrase
--output <path>Path of folder where the retrieved certificates will be stored[default: /home/terryk/.esg]
-w --writeallGenerate all credentials files. The files generated are the same files generated with opts: --credentials --cacertspem --cacertsjks --cacerts --jkskeystore --jcekskeystore
-b --bootstrapTo bootstrapping certificates in myproxy service
--credentialsWrite user certificate and private key in pem format
--cacertspemWrite trust CA certificates in pem format
--cacertsjksWrite trust CA certificates in JKS keystore format
--cacertsWrite trust CA certificates in a folder
--keystorejksWrite JKS keystore file. This keystore contains certificate, certificate chain and private key of user
--keystorejceksWrite JCEKS keystore file. This keystore contains certificate, certificate chain and private key of user
-d --debugTurn debugging info on
-h --helpShow this screen
--versionShow version

}}}

To view specific use cases -->

Graphic UI Guide

Setting user

You can select your IdP provider in the top drop-down list. If your IdP provider isn't in the list of providers. Select "Custom OpenID URL", with this option the GUI interface change to be able write OpenID URL's

Setting output files

You can select in "Generate" section what output files will be generated in the output folder.

credentials.pemIt's a pem file that contains the x509 user certificate and the RSA private key
keystore (JKS type)It's a keystore in format JKS which is build with user cert, cert chain and private key
keystore (JCEKS type)It's a keystore in format JCEKS which is build with user cert, cert chain and private key
esgf-truststore.tsCA's certificates in keystore in format JKS
certificatesCA's certificate files and policy files in a folder
ca-certificates.pemCA's certificates in pem format

Retrieve credentials

Click on "retrieve credentials" button. If all goes well a success message is shown. However, if some error happens then the Exception is showed

Advanced options

  1. You can bootstrap the certificates. For that, select the check box "bootstrap certificates" in "Select Lib" section
  1. You can change the output folder. The default is $USER_HOME/.esg

  1. You can download a multilib myproxy version to select it in the "Select Lib" section

MultiLib jar -> getESGFCredentialsMultLib-0.1.jar 2.3 MB new

Specific use cases

Aria2

  1. Get a metalink of ESGF Files
  1. Retrieve ESGF credentials in $HOME/.esg 
    java -jar getESGFCredentials-0.1.jar --openid <openid> --password <password> --credentials --cacertspem
  1. Run aria2c with credentials and example_metalink 
    aria2c --private-key=$USER_HOME/.esg/credentials.pem --certificate=$HOME/.esg/credentials.pem --check-certificate=true --ca-certificate=$HOME/.esg/ca-certificates.pem ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1.metalink

WGET (OPENSSL)

  1. Retrieve ESGF credentials in $HOME/.esg 
    java -jar getESGFCredentials-0.1.jar --openid <openid> --password <password> --credentials --cacerts
  1. Wget file
    example_file: ?http://wdcc-esgf.dkrz.de:8080/ESGF/fileServer/cmip5/output1/IPSL/IPSL-CM5A-LR/esmrcp85/6hr/atmos/6hrPlev/r1i1p1/v20120114/ta/ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1_2016010103-2025123121.nc 
    wget -c --ca-directory=$HOME/.esg/certificates --certificate=$HOME/.esg/credentials.pem --private-key=$HOME/.esg/credentials.pem --save-cookies=$HOME/.esg/cookies --load-cookies=$HOME/.esg/cookies ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1_2016010103-2025123121.nc http://wdcc-esgf.dkrz.de:8080/ESGF/fileServer/cmip5/output1/IPSL/IPSL-CM5A-LR/esmrcp85/6hr/atmos/6hrPlev/r1i1p1/v20120114/ta/ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1_2016010103-2025123121.nc

WGET (GNU TLS)

  1. Retrieve ESGF credentials in $HOME/.esg 
    java -jar getESGFCredentials-0.1.jar --openid <openid> --password <password> --credentials --cacertspem
  1. Wget file
    example_file: ?http://wdcc-esgf.dkrz.de:8080/ESGF/fileServer/cmip5/output1/IPSL/IPSL-CM5A-LR/esmrcp85/6hr/atmos/6hrPlev/r1i1p1/v20120114/ta/ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1_2016010103-2025123121.nc 
    wget -c --certificate=$HOME/.esg/credentials.pem --private-key=$HOME/.esg/credentials.pem --save-cookies=$HOME/.esg/cookies --load-cookies=$HOME/.esg/cookies --ca-certificate=$HOME/.esg/ca-certificates.pem ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1_2016010103-2025123121.nc http://wdcc-esgf.dkrz.de:8080/ESGF/fileServer/cmip5/output1/IPSL/IPSL-CM5A-LR/esmrcp85/6hr/atmos/6hrPlev/r1i1p1/v20120114/ta/ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1_2016010103-2025123121.nc

ToolsUI

  1. Retrieve ESGF credentials in $HOME/.esg 
    java -jar getESGFCredentials-0.1.jar --openid <openid> --password <password> -keystorejks --cacertsjks
  1. Start ToolsUI 
    java -Dkeystore=$HOME/keystore_jks.ks -Dkeystorepassword=changeit -Dtruststore=$HOME/.esg/esg-truststore.ts -Dtruststorepassword=changeit -jar toolsUI-4.3.jar
  1. This link is a ESGF OPENDAP resource ?http://esgf-data1.ceda.ac.uk/thredds/dodsC/esg_dataroot/cmip5/output1/IPSL/IPSL-CM5A-LR/esmrcp85/6hr/atmos/6hrPlev/r1i1p1/v20120114/ta/ta_6hrPlev_IPSL-CM5A-LR_esmrcp85_r1i1p1_2036010103-2045123121.nc.html

For more: ?http://www.unidata.ucar.edu/software/thredds/current/netcdf-java/reference/Session.html

ESGF WGET Script (Linux)

java -jar getESGFCredentials-0.0.2.jar -o <openid> -p <password> --credentials --cacerts --cacertsjks

ESGF WGET Script (cygwin)

java -jar getESGFCredentials-0.0.2.jar -o <openid> -p <password> --credentials --cacertspem --cacertsjks

NETCDF DAP

?https://www.unidata.ucar.edu/software/netcdf/docs/netcdf/DAP-Support.html 

java -jar getESGFCredentials-0.0.2.jar -o <openid> -p <password> --credentials --cacerts --cacertspem --output <path>

Developers Guide

Github

?https://github.com/SantanderMetGroup/esgf-getcredentials

Architecture

See Also