ExoGENI does not support slice delegation

[lnevers@bbn.com]

In scenarios where a slice is delegated, ExoGENI AM does not handle the delegation. Following are two scenario that were tested, along with the "Result Summary" from the command.

Scenario 1:

User "lnevers" creates a slice named "lnev-deleg" and delegates the slice to user "lnevers1":

$ omni.py createslice lnev-deleg
$ omni.py getslicecred lnev-deleg -o
$ ./src/delegateSliceCred.py --cert ~/.ssl/pgeni/encrypted-cleartext.pem \
  --key ~/.ssl/pgeni/encrypted-cleartext.pem --slicecred ./lnev-deleg-cred.xml \
  --delegeegid ~/gcf-test/lnevers1-encrypted-cleartext.pem

User "lnevers1" with delegation file executes commands listresources and createsliver:

$ omni.py -a exobbn listresources lnev-deleg --slicecred pgeni--gpolab--bbn--com-lnevers1-delegated-lnev-deleg-cred.xml
Result Summary: Got no resources on slice lnev-deleg. No resources from AM https://bbn-hn.exogeni.net:11443/orca/xmlrpc:
Credendial Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges.

$ omni.py -a exobbn createsliver lnev-deleg --slicecred pgeni--gpolab--bbn--com-lnevers1-delegated-lnev-deleg-cred.xml ./exo.rspec
Result Summary: Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+lnev-deleg expires on 2012-07-31 17:29:29 UTC
Asked https://bbn-hn.exogeni.net:11443/orca/xmlrpc to reserve resources. No manifest Rspec returned. Credendial
Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges.

Scenario 2:

User "lnevers" creates a slice named "lnev-deleg-2", creates sliver, and then delegates the slice to "lnevers1":

$ omni.py createslice lnev-deleg-2
$ omni.py -a exobbn createsliver lnev-deleg-2 exo.rspec
$ omni.py getslicecred lnev-deleg-2 -o
$ ./src/delegateSliceCred.py --cert ~/.ssl/pgeni/encrypted-cleartext.pem \
--key ~/.ssl/pgeni/encrypted-cleartext.pem --slicecred ./lnev-deleg-2-cred.xml \\--delegeegid ~/gcf-test/lnevers1-encrypted-cleartext.pem

User "lnevers1" with delegation file from "lnevers" executes listresources and deletesliver:

$ omni.py -a exobbn listresources lnev-deleg-2 --slicecred pgeni--gpolab--bbn--com-lnevers1-delegated-lnev-deleg-2-cred.xml
Result Summary: Got no resources on slice lnev-deleg-2. No resources from AM https://bbn-hn.exogeni.net:11443/orca/xmlrpc:
Credendial Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges.

$ omni.py -a exobbn deletesliver lnev-deleg-2 --slicecred pgeni--gpolab--bbn--com-lnevers1-delegated-lnev-deleg-2-cred.xml
Result Summary: Failed to delete sliver urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+lnev-deleg-2 on unspecified_AM_URN at
https://bbn-hn.exogeni.net:11443/orca/xmlrpc Credendial Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges.

[lnevers@bbn.com]

Attached the 2 delegation files used in the scenarios outlined. Please let me know if more information is needed.

[jaipuria@cs.duke.edu]

Looking into the issue.

[jaipuria@cs.duke.edu]

Defect. Two issues.

1. can_delegate was expecting only [true, false] not [1, 0]

2. Code to find delegate-able privileges wasn't looking for individual privileges and not [*]

[jaipuria@cs.duke.edu]

Fixed.

[lnevers@bbn.com]

Will this fix be available when the next schedules update takes place? Or is this the type of fix that can be applied on the fly?

[lnevers@bbn.com]

Slice delegation was successfully tested. Problem is addressed.