get                     CredentialManager                    get

NAME

       get - retrieve the  credential

SYNOPSIS

       get [ options ] <IndexService's base URL>  user name credential name 

DESCRIPTION

       The  get  command  retrieves  a  credential from the server that was 
       previously stored using init.  The  user must  have  a valid proxy 
       credential as generated by grid-proxy-init or init when running this 
       command. In the default mode, the command prompts for the Credential pass 
       phrase associated with the credential to be retrieved and stores the retrieved 
       credential in the standard location ( /tmp/x509up_u<uid> ).
       This standard location can be overridden by environmental variable X509_USER_PROXY.
       Currently, the  get  command  does not support credential renewal. 
         

OPTIONS

       -gsiSecConv type --gsi_Secure_Conversation type
	       Specifies the type of GSI Secure Conversation.
               There are two types available: 
		     'sig' - for XML Signature
                     'enc' - for XML Encryption (default)
                     'anon' - for anonymous authentication
               
       -gsiXmlSig
	       Enables GSI XML Signature (can be used together with -gssxml).

       -deleg mode --delegation_mode mode
	       Specifies the mode of delegation.
               The modes available are: 
		     'limited' - performs limited delegation
                     'full'    - performs full delegation (default)

       -auth type --authorization_type type		     
               The types available are: 
		     'host' - performs host authorization (default)
                     'self' - performs self authorization
		     'none' - disables authorization
		     Otherwise, identity authorization is performed with type identity.

       -debug
	       Enables debug mode.


       -t hours, --proxy_lifetime hours
              Specifies the  lifetime  of  credentials  retrieved  from  the
              server using the stored  credential.   The  resulting lifetime  
	      is the shorter of the requested lifetime and the lifetime 
	      specified when the credential  was  stored  using init.  
              Default: 12 hours

       -o file, --out file
              Specifies where the retrieved proxy credential should be stored.
              If this option is not specified, the proxy  credential  will  be
              stored in the location specified by X509_USER_PROXY. If 
	      X509_USER_PROXY is not set, the proxy credential will be 
              stored in the default location ( /tmp/x509up_u<uid> ).

       -p password, --credential_password password
              Specifies the  password  of  credentials  to be gotten. If the user uses
	      this option, he will not be prompted for the password.


       -h handle, --handle handle
              Specifies the handle of the service instance.  There is a 
              one-to-one mapping between the credentials and the service 
              instances. The service instance is accessed through its handle. 
              By default, the user name and credential name is used in get 
              command and the handle is obtained by querying the index service. 
              This option will allow user to directly specify the handle of 
              the service instance for that credential without using index 
              service. For more information, please refer to index service.

ENVIRONMENT

       X509_USER_PROXY
              Specifies a non-standard location for the retrieved proxy credential.