Subsequent transfer ops gives cert errors
已查看 35 次
跳至第一个未读帖子
James Carr
2024年4月30日 17:38:344月30日
收件人 Discuss
I am developing a two-pane file manager, similar to the official Globus file manager.
Currently, a user selects a collection from one of the 2 panes and their files are displayed. Since I am using Flask, I cannot use ajax/async, so I am having to refresh the page with each change, which is fine for now.
On the backend, I am creating a transfer_client with each page load. Basically:
create transfer client
if user requested files for left pane -> do operation_ls(left_id)
if user requested files for right pane -> do operation_ls(right_id)
The left pane works, files are displayed. But when the user selects a collection from the right pane, it gives the error.
My solution was to use 2 transfer clients, one for left and one for right; this worked fine the first time requesting a file list, however if the user tries two-times (i.e. if the same transfer client gets created more than once, I get the error.
The error:
globus_sdk.services.transfer.errors.TransferAPIError: ('GET', 'https://transfer.api.globus.org/v0.10/operation/endpoint/<removed>/ls', 'Bearer', 502, 'ExternalError.DirListingFailed.ConnectFailed', 'Command Failed: Error (connect)\nEndpoint: MyCollection (<id>)\nServer: <removed>:443\nMessage: Could not connect to server\n---\nDetails: an authorization operation failed\\nglobus_xio_gsi: gss_init_sec_context failed.\\nGSS failure: \\nGSS Major Status: Unexpected Gatekeeper or Service Name\\nGSS Minor Status Error Chain:\\nglobus_gsi_gssapi: Authorization denied: The expected name for the remote host (host@<removed>.data.globus.org) does not match the authenticated name of the remote host (host@<mydomain>). This happens when the name in the host certificate does not match the information obtained from DNS and is often a DNS configuration problem.\\n\\n\n', '<removed>')
Note: The transfer client is not being stored anywhere, which I suspect to be the issue. When the page reloads, it has to create a new transfer client. Is there a way to store it? I tried session variables, but was not able to get it working so I presume there's another way.
Thank you!
Vas Vasiliadis
2024年5月1日 14:29:005月1日
收件人 James Carr、Discuss
Hi James,
I’ll let the code experts respond to your error, but I’m curious as to why you’re developing a file manager UI. Is there something specific missing from the Globus UI that’s needed to address your use case? I ask because, beyond authorization, there are myriad considerations that are handled by the Globus UI to make the application more robust, and replicating those in custom code would be a massive undertaking. If we can address your requirements directly, you may be able to focus your efforts on higher-value things.
If you do continue down this path, you may also want to take a look at our new JavaScript SDK (https://github.com/globus/globus-sdk-javascript), which presents a better experience using async methods.
Cheers,
Vas
I’ll let the code experts respond to your error, but I’m curious as to why you’re developing a file manager UI. Is there something specific missing from the Globus UI that’s needed to address your use case? I ask because, beyond authorization, there are myriad considerations that are handled by the Globus UI to make the application more robust, and replicating those in custom code would be a massive undertaking. If we can address your requirements directly, you may be able to focus your efforts on higher-value things.
If you do continue down this path, you may also want to take a look at our new JavaScript SDK (https://github.com/globus/globus-sdk-javascript), which presents a better experience using async methods.
Cheers,
Vas
James Carr
2024年5月1日 14:59:355月1日
收件人 Discuss、v...@uchicago.edu、Discuss、James Carr
My institution has a data portal and they want users to be able to manage their files and collection within, so unfortunately this show much continue. I am not very familiar with TS but I will look at the JS SDK
A modular file manager would be amazing... something with a config file we can fill out and then implement it into our websites.
James Carr
2024年5月2日 15:01:195月2日
收件人 Discuss、James Carr、v...@uchicago.edu、Discuss
Update: I have implemented an async javascript solution, which simplifies things much more. However, the error still occurs sporadically when transfer client calls are made. I can try 2-3 times and the operation_ls() will succeed.
globus_sdk.services.transfer.errors.TransferAPIError: ('GET', 'https://transfer.api.globus.org/v0.10/operation/endpoint/removed/ls', 'Bearer', 502, 'ExternalError.DirListingFailed.ConnectFailed', 'Command Failed: Error (connect)\nEndpoint: My Collection (removed)\nServer: IP:443\nMessage: Could not connect to server\n---\nDetails: an authorization operation failed\\nglobus_xio_gsi: gss_init_sec_context failed.\\nGSS failure: \\nGSS Major Status: Unexpected Gatekeeper or Service Name\\nGSS Minor Status Error Chain:\\nglobus_gsi_gssapi: Authorization denied: The expected name for the remote host (host@-removed-.data.globus.org) does not match the authenticated name of the remote host (host@*.mydomain). This happens when the name in the host certificate does not match the information obtained from DNS and is often a DNS configuration problem.\\n\\n\n', 'removed')
James Carr
2024年5月6日 17:05:265月6日
收件人 Discuss、James Carr、v...@uchicago.edu、Discuss
This was resolved. It was an issue with one of our DNS nodes not syncing properly.
回复全部
回复作者
转发
0 个新帖子