I figured it out. It couldn't read the files because of file permissions.

I'm getting a new error now. I created the certs as the labkey user and signed them as root.
Thanks,
Bill




28 Oct 2009 16:53:21,759 ERROR: org.globus.wsrf.impl.security.authorization.exceptions.AuthorizationException: "/O=Grid/OU=GlobusTest/OU=simpleCA-msfcluster.gws.uky.edu/OU=gws.uky.edu/CN=labkey" is not authorized to use operation: {http://www.globus.org/namespaces/2004/10/gram/job}createManagedJob on this service
org.mule.umo.ComponentException: Failed to invoke org.labkey.pipeline.mule.PipelineJobRunnerGlobus. Component that caused exception is: PipelineJobRunnerGlobusUMO. Message payload is of type: ActiveMQTextMessage

Bill,
I am a bit confused as to the status of your server. Which certificate expired? The user certificates, the container certificates or the CA certificates?

I have found that debugging Globus problems it is best to take the LabKey Server out of the picture. So using the labkey user certificates, can you see if you can successfully execute "Test the GRAM server: Test #1" and "Test the GRAM server: Test #2" that are located at the bottom of https://www.labkey.org/wiki/home/Documentation/page.view?name=globusServer

Also on your globus server, after you created the cert for the labkey user, were you able to perform a "grid-proxy-init -debug -verify" as the user labkey?

Thank you,

Brian

Hi Brian,
Thanks for your quick response. I'm going on vacation tomorrow and Friday so I'm a little rushed. I looks like I'll be searching out WIFI in the Appalachians tomorrow (I doubt there are many Starbucks)
In hindsight I guess it was just the user certificates, but I over reacted and created all of the certificates from scratch.

test #1 and #2 return pretty much the same thing:
[labkey@msfcluster ~]$ globusrun-ws -submit -f gramtest
Submitting job...Failed.
globusrun-ws: Error submitting job
globus_soap_message_module: SOAP Fault
Fault code: soapenv:Server.userException
Fault string: org.globus.wsrf.impl.security.authorization.exceptions.AuthorizationException: "/O=Grid/OU=GlobusTest/OU=simpleCA-msfcluster.gws.uky.edu/OU=gws.uky.edu/CN=labkey" is not authorized to use operation: {http://www.globus.org/namespaces/2004/10/gram/job}createManagedJob on this service
 

grid-proxy-init looks OK?


[labkey@msfcluster ~]$ grid-proxy-init -debug -verify

User Cert File: /home/labkey/.globus/usercert.pem
User Key File: /home/labkey/.globus/userkey.pem

Trusted CA Cert Dir: /etc/grid-security/certificates

Output File: /tmp/x509up_u503
Your identity: /O=Grid/OU=GlobusTest/OU=simpleCA-msfcluster.gws.uky.edu/OU=gws.uky.edu/CN=labkey
Enter GRID pass phrase for this identity:
Creating proxy .....++++++++++++
..++++++++++++
 Done
Proxy Verify OK
Your proxy is valid until: Thu Oct 29 10:12:30 2009

Thanks,
Bill

Hi Brian,
Thanks again for your responses. Sorry I was not able to get a hold of you. I could not find a Starbucks in Appalachia. The only thing close was a Frosty Freeze; they didn't have WI-FI but you could still smoke there.
I did find the problem.
I had not been able to find the "Enable a user to submit jobs to the WS-GRAM service" section of the documents so I had used the Globus manual's procedure. That procedure did not include editing the grid-map file.
-Bill