|
Hi again Robert, and sorry to bump this thread..
The solution you gave me in this thread it working perfectly.
So far, I have been using my own computer to deploy local Handle server. For research purposes, I'm moving the Handle server installation from my computer to a local server (it's just for research/test purposes) and everything
works fine (deployment, login, admintools, etc), EXCEPT the possibility to create new handles by other handles identified as HS_ADMIN in the 0.NA/55555 handle (55555 is my test-prefix), basically that you explained in this thread.
I have an automatic process to construct the Handle structure (0.NA/55555, 55555/creators, etc) and, after the full Handle structure is created, in my local computer I'm able to create new handles with the handles that are in 200:55555/creators (e.g. 300:55555/user1). But, doing the same process (with the same software) in my local server, I do not why, it is not possible to create new handles with the handles that are in 200:55555/creators. In this case, in my local computer, being identified as 55555/user1 I can create new handles, but in my local server I cannot.
The rest of Handle services works fine (manage handles with server admin, login through REST api, etc)..the only issue is about the 0.NA/55555 HS_ADMIN records..
I have checked the config.dct files (are equals, except the ip address), I have created in the .handle dir of my local server the local_nas file (to avoid GHR), etc. In addition, I tried a new Handle installation from scratch (instead copy hsj and svr_1 folders) but it is exactly the same...
I guess I'm missing some configuration parameter in some file...but I have no idea what is missing.
Any idea?.
Thanks in advance and best regards.
P.S. Below are the configuration text from config.dtc file: --> Inside server_config block:
"server_admin_full_access" = "no"
"allow_na_admins" = "yes"
"anonymous_admin_full_access" = "no"
"server_admins" = (
"0.NA:55555/ADMIN"
"55555/ADMIN"
)
"replication_admins" = (
"0.NA:55555/ADMIN"
)
"auto_homed_prefixes" = (
"0.NA/55555"
)
--> Inside the local_nas file (.handle/local_nas) there is just a *
--> In the DB, in the nas table: 0.NA and 0.NA/55555
--> In the DB, in the handles table: 0.NA/55555 , 55555/ADMIN, 55555/creators, etc etc
De: Robert Tupelo-Schneck <schneck@cnri.reston.va.us>
Enviado: jueves, 15 de junio de 2017 19:35:18 Para: Ruiz-Zafra, Angel Cc: handle-info@cnri.reston.va.us Asunto: Re: [Handle-info] Handles that create new handles Authorization is controlled by HS_ADMIN values. If you want users to be able to create handles starting with 55555/, then that can be controlled by an HS_ADMIN value on 0.NA/55555, specifying which users have "create handle" permissions. Now,
you presumably need to have CNRI (or other prefix administrator) change the prefix handle 0.NA/55555; but it could be set up so that the HS_ADMIN on 0.NA/55555 specifies that 200:55555/creators has "create handle" permission. Then you can add users to an
HS_VLIST at index 200 in 55555/creators.
Robert
|
_______________________________________________ Handle-Info mailing list Handle-Info@cnri.reston.va.us http://www.handle.net/mailman/listinfo/handle-info