Authorization

Only aurhorized users are allowed to use the computing infrastructure exposed by QCG. In case of QCG-Now, the user’s authorization is done with so called proxy certificates. When a user configure to use SFTP as a transfer protocol, the SFTP connections will be authorized independently with login / password.

Proxy certificate

The proxy certificate is created on a basis of personal certificate of a user and for a period of performing computing, it replaces that certificate. The proxy is not protected by password, but it has a limited lifetime.

When needed to create a new proxy, QCG-Now displays a dialog, where a user needs to specify:

  • name of the account - “plg***”
  • password to the account.
  • password to the personal certificate (if it is different than the password to the account)

QCG-Now creates proxy certificates remotely with help of services that store personal certificates of users. When created, the proxy certificate is downloaded to a local filesystem and employed to authorization of a user as long as it is valid. By default the proxy certificate is removed when QCG-Now exits, but this setting, as well as proxy lifetime parameters, may be easily changed from the configuration window.

User / password (SFTP)

In case of data transfer with SFTP, QCG doesn’t use proxy certificates. When the connection is established, a user is requested to provide account name (plg***) and password. By default the provided data won’t remain longer than the program is running, but it is possible to store them by selecting a checkbox in the displayed dialog.