X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=TODO;h=5aa5541fecf963a838f26eea8f54667640b3bfc0;hb=98dafe3d2313b0d3606c1c69c8cf1c7fd04ce105;hp=8665a2b0e9d9f9ac91f690d7e061a767b35d9368;hpb=e4cae43d6c8a51b2c8ac041c98c9fa211e183212;p=sfa.git diff --git a/TODO b/TODO index 8665a2b0..5aa5541f 100644 --- a/TODO +++ b/TODO @@ -1,36 +1,25 @@ -- Component manager -* install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?) +Registry +- Verify that sub authority certificates still work --GetTicket -* sm, am only -* sm calls getticket on am and merges resulting tickets into 1 ticket +SM +- Slice Manager methods should return real result instead of just 1 (Renew + Sliver, etc) -- sfa-clean-peer-records -* modify resolve to support a list of hrns -* resolve a list of peer hrns instead of each hrn individally +- connect SM to ProtoGeni Aggregates -- sfi remove, if removing a site, remove any record that site is an an authority for +Stop invalid users + * a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list -- routing sm calls -* sfi -a option should send request to sm with an extra argument to - specify which am to contact instead of connecting directly to the am - (am may not trust client directly) +Component manager + * install trusted certs when interface starts (component_manager_pl.init_server()) + * Redeem ticket - RedeemTicket/AdminTicket not working. Why? + ** This may be replaced by sfa + credentials -- make registry more generic -* support interface managers -* support generic registry records (dont depend on postgres! object db?) +GUI/Auth Service + * develop a simple service where users auth using username/passord and + receive their cred + * service manages users key/cert,creds + * gui requires user's cred (depends on Auth Service above) + -- checking support for conventional ssl (creating a shared keypair for the request) -- Initscripts on sfa / geniwrapper - -- Geni identification on nodes -* nodes pk stored in /etc/sfa/nodekey -* slice's gid and nodes gid stored in all slices (/etc/sfa/slicegid, /etc/sfa/nodegid) -- Fully integrate SOAP (need to throw either soap or xmlrpc exceptions depending on the client) - -- error messages -* error messages should be easier to understand -* (failing to connect to plcapi shoudl return a helpful message, not a generic internal server error) - -- unit tests