[OTDev] Authorisation error

Pantelis Sopasakis pantelis.sopasakis at imtlucca.it
Fri Oct 4 17:33:09 CEST 2013


Dear Micha, Philip,

Thanks a lot for the help. I think this is a shortcoming of our implementation; we had never thought that there could be multiple instances of our services wanting to create policies with the same name. This is something to be fixed. However, in order to understand and reproduce the error and tell whether it is related to our implementation or to the SSO services, I would recommend that the following actions be taken by Philip, who has access to his account:

1. Verify that the user "filipposd" is a member of the group "member" (see my previous email)
2. Check whether "filipposd" is allowed to perform a POST at http://147.102.82.124:8080/algorithm/mlr using the authorization API. (Although, if I remember well, JAQPOT will just check whether you are authenticated, as all users are allowed to use our algorithms.)
3. Check the logs of our services for additional error messages.

Best regards,
Pantelis


On 04/Oct/2013, at 11:37, Micha Rautenberg <mr at mrautenberg.de> wrote:

> Hello Philip,
> 
> I checked the OpenSSO logs and found some lines with the following error:
> 
> S: Create pol
> [Policy service] Resolved to user: 'filipposd'
> [Policy service] Create Policy 'user_filipposd at opensso.in-silico.ch'
> Policy 'user_filipposd at opensso.in-silico.ch' already exists
> 
> Please keep in mind that each policy must have a different name.
> E.g., in the XML policy template https://github.com/opentox/opentox-client/blob/master/lib/templates/default_policy.xml#L5, <Policy name="policy_user" and, later, <Policy name="policy_group" have to be replaced before creating a new policy.
> 
> Cheers,
> Micha
> 
> 
> On 04.10.2013 09:46, Micha Rautenberg wrote:
>> 
>> On 04.10.2013 09:22, Nina Jeliazkova wrote:
>>> On 4 October 2013 10:18, Micha Rautenberg <mr at mrautenberg.de> wrote:
>>> 
>>>> Hi Pantelis,
>>>> On 04.10.2013 02:14, Pantelis Sopasakis wrote:
>>>> 
>>>>> @Barry: Could you add Philip (in CC) to the development mailing list?
>>>> Philip is already in the development mailing list.
>>>> 
>>>> 
>>>>> @Philip, All,
>>>>> 
>>>>> Some instructions on how to obtain group membership data using the
>>>>> OpenTox A&A API (required authentication):
>>>>> 
>>>> I hope this excellent example is already somewhere in our documentation :-)
>>>> 
>>> +1
>>> 
>>> Or perhaps we could start a repository with such examples at
>>> https://github.com/opentox-api ?
>> good idea
>>> 
>>> Nina
>>> 
>>> 
>>>> best, Micha
>>>> 
>>>> 
>>>>> # Your username:
>>>>> export username=guest
>>>>> # Your password:
>>>>> export password=guest
>>>>> export token=`curl -X POST -k 'https://opensso.in-silico.ch:443/auth/authenticate?uri=service=openldap' -d username=$username -d password=$password`
>>>>> token=`echo $token | cut -c10-80`;
>>>>> curl -k -v -d name=$username -d attributes_names="group" -d admin=$token https://opensso.in-silico.ch/opensso/identity/read
>>>>> 
>>>>> This will produce an output like this:
>>>>> 
>>>>> < HTTP/1.1 200 OK
>>>>> < Server: nginx/0.7.67
>>>>> < Date: Fri, 04 Oct 2013 00:25:35 GMT
>>>>> < Content-Type: text/plain;charset=UTF-8
>>>>> < Connection: keep-alive
>>>>> < Content-Length: 194
>>>>> <
>>>>> identitydetails.name=guest
>>>>> identitydetails.type=user
>>>>> identitydetails.realm=dc=opensso,dc=java,dc=net
>>>>> identitydetails.group=member
>>>>> identitydetails.attribute=
>>>>> identitydetails.attribute.name=group
>>>>> 
>>>>> A more detailed report is returned by:
>>>>> 
>>>>> curl -k -v -d name=$username -d admin=$token https://opensso.in-silico.ch/opensso/identity/read
>>>>> 
>>>>> and finally, logout:
>>>>> 
>>>>> curl -i -d subjectid=$token http://opensso.in-silico.ch/opensso/identity/logout
>>>>> 
>>>>> Best regards,
>>>>> Pantelis
>>>>> 
>>>>> 
>>>>> On 03/Oct/2013, at 14:05, Nina Jeliazkova <jeliazkova.nina at gmail.com> wrote:
>>>>> 
>>>>>> Philip,
>>>>>> Most probably Pantelis is right, this is something related to the group
>>>>>> memberships. You could check the access rights by yourself via the OpenTox AA.
>>>>>> 
>>>>>> I am usually using the command line application (this is a library as well)
>>>>>> in such cases
>>>>>> 
>>>>>> http://vedina.github.io/opentox-aa-cli/#cli.html
>>>>>> 
>>>>>> Best regards,
>>>>>> Nina
>>>>>> 
>>>>>> 
>>>>>> On 3 October 2013 14:57, Philip Doganis <filipposd at gmail.com> wrote:
>>>>>> 
>>>>>>> Hello Nina,
>>>>>>> Many thanks for your reply.
>>>>>>> 
>>>>>>> Earlier today, I was trying to find the source of the problem and I logged
>>>>>>> on to the opentox ntua service with my credentials and operated
>>>>>>> successfully! I still get an error when trying to access
>>>>>>> http://opentox.ntua.gr:8080/user, but I can access the User Quota Report.
>>>>>>> 
>>>>>>> My main goal is to set up the successor of NTUA opentox server and for
>>>>>>> that purpose I am setting it up on another machine.
>>>>>>> While I can construct models using the guest account and someone else's, I
>>>>>>> can't do that with mine.
>>>>>>> Pantelis sent a message while I was typing this message, some info can be
>>>>>>> found in his e-mail...
>>>>>>> 
>>>>>>> Since this is a public forum, I can give more info in a private message.
>>>>>>> 
>>>>>>> Thanks for your help.
>>>>>>> 
>>>>>>> Best regards,
>>>>>>> Philip
>>>>>>> 
>>>>>>> -- 
>>>>>>> Philip Doganis
>>>>>>> Sent with Sparrow (http://www.sparrowmailapp.com/?sig)
>>>>>>> 
>>>>>>> 
>>>>>>> On Thursday, October 3, 2013 at 2:15 PM, Nina Jeliazkova wrote:
>>>>>>> 
>>>>>>>> Dear Philip,
>>>>>>>> This seems to be an error when creating a policy at the OpenSSO server,
>>>>>>>> probably when creating a new model, but this is not explicit in the error
>>>>>>>> log. Do I understand you use the "guest" user, or do you use your own
>>>>>>>> OpenTox user?
>>>>>>>> 
>>>>>>>> Micha, could you have a look at the OpenSSO and policy server logs.
>>>>>>>> 
>>>>>>>> Thanks,
>>>>>>>> Nina
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> On 1 October 2013 20:00, Philip Doganis <filipposd at gmail.com> wrote:
>>>>>>>> 
>>>>>>>>> Dear Opentox community,
>>>>>>>>> My name is Philip Doganis, I am a postgraduate researcher working at NTUA
>>>>>>>>> with Prof. Sarimveis.
>>>>>>>>> I am writing about the problem I encountered in my effort to use the
>>>>>>>>> opentox service. I have created the user filipposd but I am unable to
>>>>>>>>> perform any action, other than receive a token. As a guest user, I can
>>>>>>>>> create and manage models and I have checked my cookie settings (I accept
>>>>>>>>> everything). I get this error:
>>>>>>>>> https://gist.github.com/alphaville/07536df6f3b8e252832a.
>>>>>>>>> Please check any problems there might be with my account, so I can make
>>>>>>>>> use of the services. Thanks in advance for your time.
>>>>>>>>> 
>>>>>>>>> Best regards,
>>>>>>>>> Philip Doganis
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> -- 
>>>>>>>>> Philip Doganis
>>>>>>>>> Sent with Sparrow (http://www.sparrowmailapp.com/?sig)
>>>>>>>>> 
>>>>>>>>> _______________________________________________
>>>>>>>>> Development mailing list
>>>>>>>>> Development at opentox.org
>>>>>>>>> http://www.opentox.org/mailman/listinfo/development
> 
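
An added example, not part of the original thread, for step 1 of the checklist at the top of this message: it parses the identity/read body shown in the quoted instructions and tests for exact membership of the group "member", offline. The "token.id=" prefix, the function names and the sample bodies are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: parse the authenticate and identity/read bodies shown above.
# All sample bodies below are constructed; the token is a placeholder.

# Return the token from a "token.id=<value>" body. Assumption: the prefix is
# the 9 characters that `cut -c10-80` skips. Stripping the prefix by name
# keeps tokens longer than 71 characters intact, which the fixed cut does not.
extract_token() {
    printf '%s\n' "$1" | tr -d '\r' | sed -n 's/^token\.id=//p' | head -n 1
}

# Print every group named in an identity/read body, one per line.
identity_groups() {
    printf '%s\n' "$1" | tr -d '\r' | sed -n 's/^identitydetails\.group=//p'
}

# Succeed only on an exact, whole-line match, so "member" does not match
# "members-pending" and a body with no group lines never passes.
is_member() {
    identity_groups "$1" | grep -Fqx -- "$2"
}

SAMPLE_AUTH='token.id=PLACEHOLDER-TOKEN'
SAMPLE_IDENTITY='identitydetails.name=guest
identitydetails.type=user
identitydetails.realm=dc=opensso,dc=java,dc=net
identitydetails.group=member
identitydetails.attribute=
identitydetails.attribute.name=group'
# Hypothetical account whose only group merely starts with "member".
SAMPLE_OTHER='identitydetails.name=exampleuser
identitydetails.type=user
identitydetails.group=members-pending'

echo "token: $(extract_token "$SAMPLE_AUTH")"
for body in "$SAMPLE_IDENTITY" "$SAMPLE_OTHER"; do
    name=$(printf '%s\n' "$body" | sed -n 's/^identitydetails\.name=//p')
    if is_member "$body" member; then
        echo "$name: member of group 'member'"
    else
        echo "$name: NOT a member of group 'member'"
    fi
done
```
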



