[OTDev] Authorisation error

Sun Oct 6 20:50:28 CEST 2013

Pantelis,

The OpenSSO policies should be according to XACML
http://en.wikipedia.org/wiki/XACML , there should be a XML schema defining
all fields.

Nina

On 6 October 2013 21:32, Pantelis Sopasakis
<pantelis.sopasakis at imtlucca.it>wrote:

> Dear all,
>
> Problem solved: it is because it is not allowed to create policies with
> the same name. Actually, as I already mentioned in a previous email we
> didn't consider the contingency that multiple instances of our services run
> at the same time. A few modifications need to be done in our
> implementation, so I would like to know:
>
> * Which characters are allowed in a policy name?
> * What is the maximum length for the name of a policy?
>
> Best regards,
> Pantelis Sopasakis
> Post-doctoral Fellow
>
> IMT Institute for Advanced Studies Lucca
> Piazza San Ponziano, 6
> 55100 Lucca – Italy
> Tel: +39 0583 4326 710
> Fax: +39 0583 4326 565
> E-mail: pantelis.sopasakis at imtlucca.it
> web: dysco.imtlucca.it/sopasakis
>
> On 05/ott/2013, at 01:21, Pantelis Sopasakis <
> pantelis.sopasakis at imtlucca.it> wrote:
>
> > Hi Philip,
> >
> > Regarding #2, you need to provide the Header 'subjectid' so as to
> authenticate yourself against the SSO server (through JAQPOT); to do so you
> need to add in the curl command a -H subjected:$token, where $token is your
> token.
> >
> > #Your username:
> > export username=guest
> > #Your password:
> > export password=guest
> > #Retrieve the token:
> > export token=`curl -X POST -k '
> https://opensso.in-silico.ch:443/auth/authenticate?uri=service=openldap'
> -d username=$username -d password=$password`
> > token=`echo $token | cut -c10-80`;
> > #Train a model:
> > curl -X POST -H Accept:text/uri-list -H subjectid:$token \
> > -d 'dataset_uri=http://apps.ideaconsult.net:8080/ambit2/dataset/R545' \
> > -d 'prediction_feature=
> http://apps.ideaconsult.net:8080/ambit2/feature/22200' \
> > -d 'dataset_service=http://apps.ideaconsult.net:8080/ambit2/dataset' \
> > http://147.102.82.124:8080/algorithm/mlr
> > #Logout (optional):
> > curl -i -d subjectid=$token
> http://opensso.in-silico.ch/opensso/identity/logout
> >
> > By the way, the dataset you used in the example you posted doesn't exist
> - check:
> > curl http://apps.ideaconsult.net:8080/ambit2/dataset/1037 -H
> Accept:text/uri-list -v
> > * About to connect() to apps.ideaconsult.net port 8080 (#0)
> > *   Trying 93.123.36.100...
> > * connected
> > * Connected to apps.ideaconsult.net (93.123.36.100) port 8080 (#0)
> > > GET /ambit2/dataset/1037 HTTP/1.1
> > > User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0
> OpenSSL/0.9.8r zlib/1.2.5
> > > Host: apps.ideaconsult.net:8080
> > > Accept:text/uri-list
> > >
> > < HTTP/1.1 404 Not Found
> > < Date: Fri, 04 Oct 2013 23:12:30 GMT
> > < Set-Cookie: subjectid=; Path=/
> > < Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
> > < Accept-Ranges: bytes
> > < Server: Restlet-Framework/2.0m6
> > < Content-Type: text/html
> > < Transfer-Encoding: chunked
> >
> > I believe however that the answer is somewhere in our code. Running a
> local instance of JAQPOT on your machine will shed a lot of light on the
> problem. Let's keep in touch.
> >
> > Best,
> > Pantelis Sopasakis
> > Post-doctoral Fellow
> >
> > IMT Institute for Advanced Studies Lucca
> > Piazza San Ponziano, 6
> > 55100 Lucca – Italy
> > Tel: +39 0583 4326 710
> > Fax: +39 0583 4326 565
> > E-mail: pantelis.sopasakis at imtlucca.it
> > web: dysco.imtlucca.it/sopasakis
> >
> > On 05/ott/2013, at 00:07, Philip Doganis <filipposd at gmail.com> wrote:
> >
> >> Dear all,
> >> it certainly is nice to have the help of the group in this! So, please
> check my replies to the instructions from Pantelis.
> >> Best regards,
> >> Philip
> >>
> >> --
> >> Philip Doganis
> >> Sent with Sparrow (http://www.sparrowmailapp.com/?sig)
> >>
> >>
> >> On Friday, October 4, 2013 at 6:33 PM, Pantelis Sopasakis wrote:
> >>
> >>> Dear Micha, Philip,
> >>>
> >>> Thanks a lot for the help. I think this is a shortcoming of our
> implementation; We had never thought that there could be multiple instances
> of our services wanting to create policies with the same name. This is
> something to be fixed. However, in order to understand and reproduce the
> error and tell whether it is related to our implementation or to the SSO
> services I would recommend that the following action is taken from Philip
> who has access to his account:
> >>>
> >>> 1. Verify that the user "filipposd" is a member of the group "member"
> (see my previous email)
> >> The output I get is:
> >> < HTTP/1.1 200 OK
> >> < Server: nginx/0.7.67
> >> < Date: Fri, 04 Oct 2013 21:41:55 GMT
> >> < Content-Type: text/plain;charset=UTF-8
> >> < Connection: keep-alive
> >> < Content-Length: 232
> >> <
> >> identitydetails.name=filipposd
> >> identitydetails.type=user
> >> identitydetails.realm=dc=opensso,dc=java,dc=net
> >> identitydetails.group=development
> >> identitydetails.group=member
> >> identitydetails.attribute=
> >> identitydetails.attribute.name=group
> >> * Connection #0 to host opensso.in-silico.ch left intact
> >> * Closing connection #0
> >> * SSLv3, TLS alert, Client hello (1):
> >>
> >> (A more detailed version of the output can be found at:
> https://github.com/filipd/StrayCode/edit/master/output.rtf)
> >>> 2. Check whether "filipposd" is allowed to perform a POST at
> http://147.102.82.124:8080/algorithm/mlr using the authorization API.
> (Although if I remember well, JAQPOT will just check whether you are
> authenticated as all users are allowed to use our algorithms.
> >> I gave curl -X POST -d 'dataset_uri=
> http://apps.ideaconsult.net:8080/ambit2/dataset/1037' -d
> 'prediction_feature=http://apps.ideaconsult.net:8080/ambit2/feature/26701'
> -d 'dataset_service=http://apps.ideaconsult.net:8080/ambit2/dataset'
> http://147.102.82.124:8080/algorithm/mlr
> >>
> >> <rdf:RDF
> >>    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
> >>    xmlns:ot="http://www.opentox.org/api/1.1#"
> >>    xmlns:otrs="http://opentox.org/opentox-rest.owl#"
> >>    xmlns:ota="http://www.opentox.org/algorithmTypes.owl/#"
> >>    xmlns:owl="http://www.w3.org/2002/07/owl#"
> >>    xmlns:dc="http://purl.org/dc/elements/1.1/"
> >>    xmlns:bibtex="http://purl.oclc.org/NET/nknouf/ns/bibtex#"
> >>    xmlns:xsd="http://www.w3.org/2001/XMLSchema#"
> >>    xmlns:jaqpot="http://opentox.ntua.gr:3000"
> >>    xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" >
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#Dataset">
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#OpenToxResource"/>
> >>    <rdfs:comment rdf:datatype="http://www.w3.org/2001/XMLSchema#string">Provides
> access to chemical compounds and their features (e.g. structural,
> physical-chemical, biological, toxicological properties)</rdfs:comment>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="
> http://purl.org/dc/elements/1.1/description">
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#AnnotationProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#message">
> >>    <rdfs:comment rdf:datatype="http://www.w3.org/2001/XMLSchema#string">For
> example: 'Prediction feature not provided'</rdfs:comment>
> >>    <dc:description rdf:datatype="
> http://www.w3.org/2001/XMLSchema#string">A simple message providing some
> simple description of the exceptional event.</dc:description>
> >>    <dc:title rdf:datatype="http://www.w3.org/2001/XMLSchema#string">error
> message</dc:title>
> >>    <rdfs:range rdf:resource="http://www.w3.org/2001/XMLSchema#string"/>
> >>    <rdfs:domain rdf:resource="
> http://www.opentox.org/api/1.1#ErrorReport"/>
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#DatatypeProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#DataType">
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#OpenToxResource"/>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://purl.org/dc/elements/1.1/identifier
> ">
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#AnnotationProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#Feature">
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#OpenToxResource"/>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#httpStatus
> ">
> >>    <dc:title rdf:datatype="http://www.w3.org/2001/XMLSchema#string">HTTP
> status</dc:title>
> >>    <rdfs:range rdf:resource="http://www.w3.org/2001/XMLSchema#int"/>
> >>    <rdfs:domain rdf:resource="
> http://www.opentox.org/api/1.1#ErrorReport"/>
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#DatatypeProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#errorCode">
> >>    <dc:description rdf:datatype="
> http://www.w3.org/2001/XMLSchema#string">Error codes of error reports are
> specified by the service providers that produce the error report. These are
> characteristic for every class of exceptional events.</dc:description>
> >>    <dc:title rdf:datatype="http://www.w3.org/2001/XMLSchema#string">error
> code</dc:title>
> >>    <rdfs:range rdf:resource="http://www.w3.org/2001/XMLSchema#string"/>
> >>    <rdfs:domain rdf:resource="
> http://www.opentox.org/api/1.1#ErrorReport"/>
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#DatatypeProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="
> http://anonymous.org/error/625d13f4-2e21-4400-b77c-7fe2127d5d46">
> >>    <ot:httpStatus rdf:datatype="http://www.w3.org/2001/XMLSchema#int
> ">401</ot:httpStatus>
> >>    <ot:errorCode rdf:datatype="http://www.w3.org/2001/XMLSchema#string
> ">Anonymous</ot:errorCode>
> >>    <ot:actor rdf:datatype="http://www.w3.org/2001/XMLSchema#string">(Client
> Error) 85.75.73.141 using curl/7.21.4 (universal-apple-darwin11.0)
> libcurl/7.21.4 OpenSSL/0.9.8y zlib/1.2.5</ot:actor>
> >>    <ot:details rdf:datatype="http://www.w3.org/2001/XMLSchema#string">You
> have to authenticate yourself using the 'Authorization' Header according to
> the OpenTox API specifications</ot:details>
> >>    <ot:message rdf:datatype="http://www.w3.org/2001/XMLSchema#string">Anonymous
> predictions are now allowed</ot:message>
> >>    <dc:title rdf:datatype="http://www.w3.org/2001/XMLSchema#string">Error
> report produced by '(Client Error) 85.75.73.141 using curl/7.21.4
> (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8y
> zlib/1.2.5'</dc:title>
> >>    <dc:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI
> ">http://anonymous.org/error/625d13f4-2e21-4400-b77c-7fe2127d5d46
> </dc:identifier>
> >>    <rdf:type rdf:resource="http://www.opentox.org/api/1.1#ErrorReport
> "/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="
> http://www.opentox.org/api/1.1#OpenToxResource">
> >>    <rdfs:subClassOf rdf:resource="http://www.w3.org/2002/07/owl#Thing
> "/>
> >>    <rdfs:comment rdf:datatype="http://www.w3.org/2001/XMLSchema#string">Generic
> OpenTox Resource</rdfs:comment>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#actor">
> >>    <dc:description rdf:datatype="
> http://www.w3.org/2001/XMLSchema#string">URI of the peer that produces
> the exception.</dc:description>
> >>    <dc:title rdf:datatype="http://www.w3.org/2001/XMLSchema#string">error
> actor</dc:title>
> >>    <rdfs:range rdf:resource="http://www.w3.org/2001/XMLSchema#string"/>
> >>    <rdfs:domain rdf:resource="
> http://www.opentox.org/api/1.1#ErrorReport"/>
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#DatatypeProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#Model">
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#OpenToxResource"/>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#Task">
> >>    <rdfs:subClassOf rdf:resource="http://www.opentox.org/api/1.1#String
> "/>
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#Feature"/>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#Algorithm">
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#OpenToxResource"/>
> >>    <rdfs:comment rdf:datatype="http://www.w3.org/2001/XMLSchema#string">Provides
> access to OpenTox algorithms</rdfs:comment>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#hasSource">
> >>    <rdfs:range rdf:resource="http://www.opentox.org/api/1.1#Model"/>
> >>    <rdfs:range rdf:resource="http://www.opentox.org/api/1.1#Dataset"/>
> >>    <rdfs:range rdf:resource="http://www.opentox.org/api/1.1#Algorithm
> "/>
> >>    <rdfs:domain rdf:resource="http://www.opentox.org/api/1.1#Feature"/>
> >>    <rdfs:domain rdf:resource="http://www.opentox.org/api/1.1#Task"/>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#ObjectProperty
> "/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#details">
> >>    <dc:description rdf:datatype="
> http://www.w3.org/2001/XMLSchema#string">Detailed message including
> technical information about the exceptional event. Can be used to help both
> peers in the debugging.</dc:description>
> >>    <dc:title rdf:datatype="http://www.w3.org/2001/XMLSchema#string">error
> details</dc:title>
> >>    <rdfs:range rdf:resource="http://www.w3.org/2001/XMLSchema#string"/>
> >>    <rdfs:domain rdf:resource="
> http://www.opentox.org/api/1.1#ErrorReport"/>
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#DatatypeProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#ErrorReport
> ">
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#OpenToxResource"/>
> >>    <dc:description rdf:datatype="
> http://www.w3.org/2001/XMLSchema#string">Instances of the class
> ErrorReport appear in ontological models to report some exceptional event
> that happened during the transaction of data from one server to another,
> request errors or internal server errors. An error report is characterized
> by its actor, the corresponding status code, some unique identifier for the
> exceptional event and possibly another error report that triggered its
> creation.</dc:description>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://www.opentox.org/api/1.1#String">
> >>    <rdfs:subClassOf rdf:resource="
> http://www.opentox.org/api/1.1#DataType"/>
> >>    <rdf:type rdf:resource="http://www.w3.org/2002/07/owl#Class"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="
> http://www.w3.org/2000/01/rdf-schema#comment">
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#AnnotationProperty"/>
> >>  </rdf:Description>
> >>  <rdf:Description rdf:about="http://purl.org/dc/elements/1.1/title">
> >>    <rdf:type rdf:resource="
> http://www.w3.org/2002/07/owl#AnnotationProperty"/>
> >>  </rdf:Description>
> >>   </rdf:RDF>
> >>
> >>> 3. Check the logs of our services for additional error messages.
> >>>
> >>>
> >>
> >> will do that...
> >>>
> >>> Best regards,
> >>> Pantelis
> >>>
> >>>
> >>> On 04/ott/2013, at 11:37, Micha Rautenberg <mr at mrautenberg.de (mailto:
> mr at mrautenberg.de)> wrote:
> >>>
> >>>> Hello Philip,
> >>>>
> >>>> I checked the OpenSSO logs and found some lines with the following
> error:
> >>>>
> >>>> S: Create pol[Policy service] Resolved to user: 'filipposd'[Policy
> service] Create Policy 'user_filipposd at opensso.in-silico.ch (mailto:
> user_filipposd at opensso.in-silico.ch)'Policy '
> user_filipposd at opensso.in-silico.ch (mailto:
> user_filipposd at opensso.in-silico.ch)' already exists
> >>>>
> >>>> please have in mind that each policy must have a different name.
> >>>> e.G.: in the XML policy template
> https://github.com/opentox/opentox-client/blob/master/lib/templates/default_policy.xml#L5<Policy name="policy_user" and later: <Policy name="policy_group" has to be
> replaced before creating a new policy.
> >>>>
> >>>> Cheers,
> >>>> Micha
> >>>>
> >>>>
> >>>> Am 04.10.2013 09:46, schrieb Micha Rautenberg:
> >>>>>
> >>>>> Am 04.10.2013 09:22, schrieb Nina Jeliazkova:
> >>>>>> On 4 October 2013 10:18, Micha Rautenberg <mr at mrautenberg.de(mailto:
> mr at mrautenberg.de)> wrote:
> >>>>>>
> >>>>>>> Hi Pantelis,
> >>>>>>> Am 04.10.2013 02:14, schrieb Pantelis Sopasakis:
> >>>>>>>
> >>>>>>> @Barry: Could you add Philip (in CC) to the development mailing
> list?
> >>>>>>> Philip is already in the development mailing list.
> >>>>>>>
> >>>>>>>
> >>>>>>>> @Philip, All,
> >>>>>>>>
> >>>>>>>> Some instructions on how to obtain group membership data using the
> >>>>>>>> OpenTox A&A API (required authentication):
> >>>>>>>>
> >>>>>>>
> >>>>>>> I hope this excellent example is already somewhere in our
> documentation :-)
> >>>>>>>
> >>>>>>
> >>>>>> +1
> >>>>>>
> >>>>>> Or perhaps we could start a repository with such examples at
> >>>>>> https://github.com/opentox-api ?
> >>>>>>
> >>>>>
> >>>>> good idea
> >>>>>>
> >>>>>> Nina
> >>>>>>
> >>>>>>
> >>>>>>> best, Micha
> >>>>>>>
> >>>>>>>
> >>>>>>>> #Your username:
> >>>>>>>> export username=guest
> >>>>>>>> $Your password:
> >>>>>>>> export password=guest
> >>>>>>>> export token=`curl -X POST -k 'https://opensso.in-silico.ch:**
> >>>>>>>> 443/auth/authenticate?uri=**service=openldap<
> https://opensso.in-silico.ch:443/auth/authenticate?uri=service=openldap>'
> >>>>>>>> -d username=$username -d password=$password`
> >>>>>>>> token=`echo $token | cut -c10-80`;
> >>>>>>>> curl -k -v -d name=$username -d attributes_names="group" -d
> admin=$token
> >>>>>>>> https://opensso.in-silico.ch/**opensso/identity/read<
> https://opensso.in-silico.ch/opensso/identity/read>
> >>>>>>>>
> >>>>>>>> This will produce an output like this:
> >>>>>>>>
> >>>>>>>> < HTTP/1.1 200 OK
> >>>>>>>> < Server: nginx/0.7.67
> >>>>>>>> < Date: Fri, 04 Oct 2013 00:25:35 GMT
> >>>>>>>> < Content-Type: text/plain;charset=UTF-8
> >>>>>>>> < Connection: keep-alive
> >>>>>>>> < Content-Length: 194
> >>>>>>>> <
> >>>>>>>> identitydetails.name (http://identitydetails.name)=guest
> >>>>>>>> identitydetails.type=user
> >>>>>>>> identitydetails.realm=dc=**opensso,dc=java,dc=net
> >>>>>>>> identitydetails.group=member
> >>>>>>>> identitydetails.attribute=
> >>>>>>>> identitydetails.attribute.name (
> http://identitydetails.attribute.name)**=group
> >>>>>>>>
> >>>>>>>> A more detailed report is returned by:
> >>>>>>>>
> >>>>>>>> curl -k -v -d name=$username -d admin=$token
> >>>>>>>> https://opensso.in-silico.ch/**opensso/identity/read<
> https://opensso.in-silico.ch/opensso/identity/read>
> >>>>>>>>
> >>>>>>>> and finally, logout:
> >>>>>>>>
> >>>>>>>> curl -i -d subjectid=$token http://opensso.in-silico.ch/**
> >>>>>>>> opensso/identity/logout<
> http://opensso.in-silico.ch/opensso/identity/logout>
> >>>>>>>>
> >>>>>>>> Best regards,
> >>>>>>>> Pantelis
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On 03/ott/2013, at 14:05, Nina Jeliazkova <
> jeliazkova.nina at gmail.com (mailto:jeliazkova.nina at gmail.com)>
> >>>>>>>> wrote:
> >>>>>>>>
> >>>>>>>> Philip,
> >>>>>>>>> Most probably Pantelis is right, this is something related to
> the group
> >>>>>>>>> memberships. You could check the access rights by yourself via
> the
> >>>>>>>>> OpenTox
> >>>>>>>>> AA .
> >>>>>>>>>
> >>>>>>>>> I am usually using the command line application (this is a
> library as
> >>>>>>>>> well)
> >>>>>>>>> in such cases
> >>>>>>>>>
> >>>>>>>>> http://vedina.github.io/**opentox-aa-cli/#cli.html<
> http://vedina.github.io/opentox-aa-cli/#cli.html>
> >>>>>>>>>
> >>>>>>>>> Best regards,
> >>>>>>>>> Nina
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> On 3 October 2013 14:57, Philip Doganis <filipposd at gmail.com(mailto:
> filipposd at gmail.com)> wrote:
> >>>>>>>>>
> >>>>>>>>> Hello Nina,
> >>>>>>>>>> Many thanks for your reply.
> >>>>>>>>>>
> >>>>>>>>>> Earlier today, I was trying to find the source of the problem
> and I
> >>>>>>>>>> logged
> >>>>>>>>>> on to the opentox ntua service with my credentials and operated
> >>>>>>>>>> successfully! I still get an error when trying to access
> >>>>>>>>>> http://opentox.ntua.gr:8080/**user <
> http://opentox.ntua.gr:8080/user>, but I can access the User Quota Report.
> >>>>>>>>>>
> >>>>>>>>>> My main goal is to set up the successor of NTUA opentox server
> and for
> >>>>>>>>>> that purpose I am setting it up an another machine.
> >>>>>>>>>> While I can construct models using the guest account and someone
> >>>>>>>>>> else's, I
> >>>>>>>>>> can't do that with mine.
> >>>>>>>>>> Pantelis sent a message while I was typing this message, some
> info can
> >>>>>>>>>> be
> >>>>>>>>>> found in his e-mail...
> >>>>>>>>>>
> >>>>>>>>>> Since this is a public forum, I can give more info in a private
> message.
> >>>>>>>>>>
> >>>>>>>>>> Thanks for your help.
> >>>>>>>>>>
> >>>>>>>>>> Best regards,
> >>>>>>>>>> Philip
> >>>>>>>>>>
> >>>>>>>>>> --
> >>>>>>>>>> Philip Doganis
> >>>>>>>>>> Sent with Sparrow (http://www.sparrowmailapp.**com/?sig<
> http://www.sparrowmailapp.com/?sig>
> >>>>>>>>>> )
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> On Thursday, October 3, 2013 at 2:15 PM, Nina Jeliazkova wrote:
> >>>>>>>>>>
> >>>>>>>>>> Dear Philip,
> >>>>>>>>>>> This seems to be an error when creating a policy at the
> OpenSSO server,
> >>>>>>>>>>> probably when creating a new model, but this is not explicit
> in the
> >>>>>>>>>>> error
> >>>>>>>>>>> log. Do I understand you use the "guest" user, or do you use
> your own
> >>>>>>>>>>> OpenTox user?
> >>>>>>>>>>>
> >>>>>>>>>>> Micha, could you have a look at the OpenSSO and policy server
> logs.
> >>>>>>>>>>>
> >>>>>>>>>>> Thanks,
> >>>>>>>>>>> Nina
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> On 1 October 2013 20:00, Philip Doganis <filipposd at gmail.com(mailto:
> filipposd at gmail.com) (mailto:
> >>>>>>>>>> filipposd at gmail.com (mailto:filipposd at gmail.com))> wrote:
> >>>>>>>>>>
> >>>>>>>>>>> Dear Opentox community,
> >>>>>>>>>>>> My name is Philip Doganis, I am a postgraduate researcher
> working at
> >>>>>>>>>>>
> >>>>>>>>>>> NTUA
> >>>>>>>>>>> with Prof. Sarimveis.
> >>>>>>>>>>>> I am writing about the problem I encountered in my effort to
> use the
> >>>>>>>>>>>> opentox service. I have created the user filipposd but I am
> unable to
> >>>>>>>>>>>> perform any action, other than receive a token. As a guest
> user, I can
> >>>>>>>>>>>> create and manage models and I have checked my cookie
> settings (I
> >>>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> accept
> >>>>>>>>>>> everything). I get this error:
> >>>>>>>>>>>> https://gist.github.com/**alphaville/**07536df6f3b8e252832a<
> https://gist.github.com/alphaville/07536df6f3b8e252832a>.
> >>>>>>>>>>>> Please check any problems there might be with my account, so
> I can
> >>>>>>>>>>>> make
> >>>>>>>>>>>> use of the services. Thanks in advance for your time.
> >>>>>>>>>>>>
> >>>>>>>>>>>> Best regards,
> >>>>>>>>>>>> Philip Doganis
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> --
> >>>>>>>>>>>> Philip Doganis
> >>>>>>>>>>>> Sent with Sparrow (http://www.sparrowmailapp.**com/?sig<
> http://www.sparrowmailapp.com/?sig>
> >>>>>>>>>>>> )
> >>>>>>>>>>>>
> >>>>>>>>>>>> ______________________________**_________________
> >>>>>>>>>>>> Development mailing list
> >>>>>>>>>>>> Development at opentox.org (mailto:Development at opentox.**org<
> Development at opentox.org (mailto:Development at opentox.org)>
> >>>>>>>>>>>> )
> >>>>>>>>>>>> http://www.opentox.org/**mailman/listinfo/development<
> http://www.opentox.org/mailman/listinfo/development>
> >>>>>>>>>>>>
> >>>>>>>>>>>> ______________________________**_________________
> >>>>>>>>>>> Development mailing list
> >>>>>>>>>>> Development at opentox.org (mailto:Development at opentox.**org<
> Development at opentox.org (mailto:Development at opentox.org)>
> >>>>>>>>>>> )
> >>>>>>>>>>> http://www.opentox.org/**mailman/listinfo/development<
> http://www.opentox.org/mailman/listinfo/development>
> >>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> ______________________________**_________________
> >>>>>>>>>> Development mailing list
> >>>>>>>>>> Development at opentox.org (mailto:Development at opentox.org)
> >>>>>>>>>> http://www.opentox.org/**mailman/listinfo/development<
> http://www.opentox.org/mailman/listinfo/development>
> >>>>>>>>>>
> >>>>>>>>>> ______________________________**_________________
> >>>>>>>>> Development mailing list
> >>>>>>>>> Development at opentox.org (mailto:Development at opentox.org)
> >>>>>>>>> http://www.opentox.org/**mailman/listinfo/development<
> http://www.opentox.org/mailman/listinfo/development>
> >>>>>>>>>
> >>>>>>>>> ______________________________**_________________
> >>>>>>>> Development mailing list
> >>>>>>>> Development at opentox.org (mailto:Development at opentox.org)
> >>>>>>>> http://www.opentox.org/**mailman/listinfo/development<
> http://www.opentox.org/mailman/listinfo/development>
> >>>>>>>>
> >>>>>>>
> >>>>>>> ______________________________**_________________
> >>>>>>> Development mailing list
> >>>>>>> Development at opentox.org (mailto:Development at opentox.org)
> >>>>>>> http://www.opentox.org/**mailman/listinfo/development<
> http://www.opentox.org/mailman/listinfo/development>
> >>>>>>>
> >>>>>>
> >>>>>> _______________________________________________
> >>>>>> Development mailing list
> >>>>>> Development at opentox.org (mailto:Development at opentox.org)
> >>>>>> http://www.opentox.org/mailman/listinfo/development
> >>>>>>
> >>>>>
> >>>>>
> >>>>> _______________________________________________
> >>>>> Development mailing list
> >>>>> Development at opentox.org (mailto:Development at opentox.org)
> >>>>> http://www.opentox.org/mailman/listinfo/development
> >>>>>
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> Development mailing list
> >>>> Development at opentox.org (mailto:Development at opentox.org)
> >>>> http://www.opentox.org/mailman/listinfo/development
> >>>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Development mailing list
> >>> Development at opentox.org (mailto:Development at opentox.org)
> >>> http://www.opentox.org/mailman/listinfo/development
> >>>
> >>>
> >>
> >>
> >> _______________________________________________
> >> Development mailing list
> >> Development at opentox.org
> >> http://www.opentox.org/mailman/listinfo/development
> >>
> >
>
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>