BOOTSTRAPPING WITHOUT SECURITY

Bootstrapping a new Genesis II net without security can be done in two separate phases. In the first, we configure Genesis II to not sign message and to ignore access control on resources. In the second phase, we can also indicate that we wish to use a regular http connection rather than an https connection. We highly discourage turning off SSL without turning off message signing and authentication as this will tend to expose delegate credential keys in plain text.


Turning off Message Signing on the client

Edit deployments/default/configuration/security.properties:

  • Change the property edu.virginia.vcgr.genii.client.security.message.min-config so that it's new value is NONE|WARN.

Turning off Authentication on the server

Edit src/edu/virginia/vcgr/genii/container/common/GenesisIIBase.java:

  • The class is annotated with defaultAuthZProvider=GamlAclAuthZProvider.class. Change the provider to OpenAuthZProvider.class.

Turning off SSL

For the purposes of the directions in this section, assume that all files are located in deployments/default/configuration.

Edit the web-container.properties File

  • Change the value of the property edu.virginia.vcgr.genii.container.listen-port.use-ssl to false.

Edit the bootstrap.xml File

  • In the <geniix:create-rns-root> element, change the --protocol parameter from https to http.
  • In the <geniix:ln> element, change the --service-url parameter from https to http.

Bootstrapping the Net

When you have configured Genesis II the way you like, you need to bootstrap a new net. Before you bootstrap a new Genesis II net, you should verify that you have a clean state directory to start with. By default your state directory will be located in your user home directory (C:\Documents and Settings\<username> on Windows) and will be called .genesisII-2.0. Before bootstrapping a net, you should consider completely removing this state directory.

Start the Genesis II container with the runContainer script that comes with your installation. This will start up the container and after 10 seconds or so you will see a message printed out saying that the "Container Started".

Next, you need to run the bootstrap script using the grid command. Change directory into your Genesis II install and run the command grid script file:deployments/default/configuration/bootstrap.xml. This should run the bootstrap script with security turned off. When this script is finished running, you should have a running, insecure Genesis II Grid.