VOMS Admin server v. 3.4.0
This release fixes several problems and introduces requested new features in
VOMS Admin server. The list of bug fixes is given in full below. Here the main
new features will be described
VOMS Admin server now requires Java 8.
AUP signature reminders
It is now possible to configure VOMS Admin to send multiple reminders to remind
users of AUP signature requests.
voms.aup.sign_aup_task_reminders option in the
file accepts a comma separated list of values as in:
voms.aup.sign_aup_task_reminders = 14,7,1
With the settings above, VOMS Admin would send three reminders to a user that is requested
to sign the AUP: 14,7 and 1 day before the grace period expiration. These reminders are
sent in addition to the email notification that is sent by VOMS Admin when the AUP
The grace period duration is configured as before with the
voms.aup.sign_aup_task_lifetime = 30
configures a grace period of 30 days.
Improved user requests handling
The handle user request home page has been redesigned to support multiple request handling
with a single click and improved readability.
VOMS Admin audit log
VOMS Admin now keeps an audit log in the database of all the relevant
management actions performed on the VOMS database by administrators and by the
The audit log can be queried from the audit log page, which replaces the former
request log page.
VOMS links to CERN HR DB via the HR db user id field
VOMS now links membership to data in the CERN HR database using the user HR user id field (which
cannot be changed by users) instead of the user email addresses.
The HR id used for a given VOMS user can be changed by VO administrators. This change
does not affect the current registration flow.
Authentication info page
VOMS Admin now has a page that can be used to display information about the
certificate used when connecting to the service. The page will tell:
- if the user is authenticated (i.e. has provided a valid and trusted certificate)
- if the user certificate grants administrator permissions for the VO
- if there’s a VO membership linked to the certificate
Group manager role
It is now possible to leverage VOMS roles to group together group managers,
i.e. administrators that have the right to approve group membership requests
and role assignment requests that are specific for a VO group.
- VOMS-658 : List users should return all certificates for registered VO members
- VOMS-657 : Form validation for the Institute field should be disabled when HR DB integration is on
- VOMS-656 : Suspended users end up in Gridmap files
- VOMS-645 : Force users to include a textual motivation for group and role requests
- VOMS-641 : VO members whose AUP has expired but are not notified
- VOMS-640 : VOMS Admin sessions expire in two minutes
- VOMS-636 : VOMS admin change reacceptance period should be protected by a confirmation dialog
- VOMS-631 : VOMS Admin RPM should depend on Java 8
- VOMS-629 : Improve VOMS Admin request certificate page
- VOMS-628 : VOMS Admin pending request page should provide easy access to requestor email address
- VOMS-625 : Cumulative permissions do not grant all intended privileges
- VOMS-524 : Include Orgdb configuration documentation in VOMS administrator guide
New features and improvements
- VOMS-675 : Provide a VO member targeted VOMS Admin guide
- VOMS-655 : Group-Manager role to grant group membership request rights
- VOMS-654 : VOMS should provide a page that displays detailed information about the certificate used to connect to the service
- VOMS-650 : VOMS should leverage HR member id instead of primary email for linking VOMS and HR membership
- VOMS-649 : Add ability to edit group description
- VOMS-635 : VOMS triggerReacceptance confirm dialog should shield from user mistakes
- VOMS-634 : VOMS Admin handle request page should show only requests that can be handled by an administrator
- VOMS-633 : Add ability to handle multiple requests page from VOMS Admin "Handle requests" page
- VOMS-129 : VOMS admin provides configurable notification interval for Sign AUP messages
Installation and configuration
Upgrade from VOMS Admin Server >= 3.2.0
A database upgrade and a reconfiguration (in this order) are
required to upgrade to VOMS Admin server 3.4.0.
Upgrade from earlier VOMS Admin Server versions
First upgrade to VOMS Admin version 3.2.0 and then to 3.4.0.
Follow the instructions in the VOMS System Administrator Guide.