gfal-token - Man Page

retrieve SE-issued token for a given path

Synopsis

gfal-token [ OPTION ]... PATH [ ACTIVITY ]...

Description

gfal-token This command retrieves a Storage Element issued token for a given path. Additionally, a token issuer URL may be passed. The command can take either a list of user-defined activities or use predefined activities for the read/write access flag. Behind the scenes, Gfal2 will try to first retrieve a SciTokens-style token, followed by a macaroon-style token. If at any point, a token is successfully retrieved, operation stops and the token is printed.

Options

-h, --help

show help about the command.

-V, --version

output version information and exit.

-v, --verbose

verbose mode. Repeat up to 3 times for the most verbose mode.

-D, --definition DEFINITION

define properties for gfal2. Definitions have the following syntax: "CONFIG_GROUP:KEY=VALUE"

-t, --timeout TIMEOUT

global timeout for the execution of the command. Command is interrupted if time expires before it finishes. Note: A grace period of 30 seconds is given to the global timeout.

-E, --cert CERT

user certificate. (This option takes effect only after X509_USER_PROXY environment variable and default /tmp/x509up_u`id -u` location cannot provide a certificate)

--key KEY

user private key.

-4

forces Gfal2 to use IPv4 addresses only. (Option valid only for GridFTP protocol)

-6

forces Gfal2 to use IPv6 addresses only. (Option valid only for GridFTP protocol)

-C, --client-info CLIENT_INFO

provide custom client-side information.

--log-file LOG_FILE

write Gfal2 library logs to the given file location.

--issuer ISSUER

token issuer endpoint.

--validity VALIDITY

token validity expressed in minutes.

-w, --write

token read/write access flag. Default activities associated with these flags: read = [LIST,DOWNLOAD], write = [LIST,DOWNLOAD,MANAGE,UPLOAD,DELETE]

PATH

resource URI for which token is requested.

ACTIVITY

optional argument, user-specified activity list. This list takes precedence over the read/write access flag default activities.

Examples

Retrieve a SE-issued token using default write activities

gfal-token --write https://endpoint.cern.ch/path/file

Retrieve a SE-issued token using custom activities

gfal-token https://endpoint.cern.ch/path/file LIST MANAGE UPLOAD

Files

/etc/gfal2.d/*

All configuration files in this directory affect the behavior of the underlying gfal2.

Authors

Duarte Meneses <duarte.meneses@cern.ch>
Adrien Devresse <adrien.devresse@cern.ch>
Alejandro Alvarez Ayllon <alejandro.alvarez.ayllon@cern.ch>
Andrea Manzi <andrea.manzi@cern.ch>
Mihai Patrascoiu <mihai.patrascoiu@cern.ch>
Joao Lopes <joao.pedro.batista.lopes@cern.ch>

See Also

gfal-cat(1), gfal-chmod(1), gfal-copy(1), gfal-ls(1), gfal-mkdir(1), gfal-rename(1), gfal-rm(1), gfal-save(1), gfal-stat(1), gfal-sum(1), gfal-token(1), gfal-xattr(1)

Referenced By

gfal-cat(1), gfal-chmod(1), gfal-copy(1), gfal-ls(1), gfal-mkdir(1), gfal-rename(1), gfal-rm(1), gfal-save(1), gfal-stat(1), gfal-sum(1), gfal-xattr(1).

March 2022 v1.7.1