To create an account with BOINC projects, a participant must: and then for each selected project:

If the participant chooses N projects, there are N web sites to visit and N Wizards to complete. This is tedious if there are lots of projects.

This document describes BOINC's support for account management systems, which streamline the process of finding and joining BOINC projects. A typical account management system is implemented as a web site. The participant experience is:

This requires many fewer interactions than the manual approach.

Implementation

An account management system works as follows:

  1. The participant sets up his meta-account and selects projects.
  2. The account manager issues a create account RPC to each selected project.
  3. the participant downloads and installs the BOINC client software from the account manager. The install package includes a file (specific to the account manager) containing the URL of the account manager.
  4. The BOINC client runs, and asks the participant to enter the name and password of his meta-account.
  5. The BOINC client does an RPC to the account manager, obtaining a list of accounts. It then attaches to these accounts and proceeds.
RPCs to create, look up, and modify accounts are described here.

Security

If hackers break into an account manager server, they could potentially cause the account manager to instruct all its clients to attach to malicious a BOINC project that runs a malicious application. To prevent this type of attack, the URLs distributed by an account manager are digitally signed. Each AM has its own signing key pair. The public key is distributed with the AM's configuration file and in all RPC replies. The private key should be stored only on a physically secure, non-connected host that is used to sign URLs.

To sign URLs, compile crypt_prog, BOINC's encryption utility program. (Instructions for downloading and compiling code are here.) Generate a key pair and generate signatures for your URLs. At some point you'll need to commit to a permanent key pair, at which point you should move the private key to the signing machine (disconnected). Make a copy or two on CD-ROM also, and/or print it out on paper; keep these in a safe place. Delete all other copies of the private key.

Farm managers

The AM mechanism can also be used to implement systems for configuring and controlling BOINC on large clusters. We call such systems farm managers. Farm managers may want to provide fine-grained control over clients, e.g. the ability to suspend/resume results. This can be done using GUI RPCs (assuming that the farm manager able to contact clients via HTTP on the GUI RPC port). However, the farm manager must learn the GUI RPC port and password for each client. To support this, the AM configuration file (see below) can specify that the GUI RPC port and password are to be included in each AM RPC request.

If a farm manager uses GUI RPC to attach/detach projects, it should not use the AM mechanism for this purpose. I.e., its AM RPC replies should not list any projects. The function of the AM mechanism, in this case, is to allow sysadmins to set up new clients by copying files. The AM mechanism takes care of registering new clients centrally.

Core client functionality

The BOINC core client uses the following files to keep track of account manager information.

acct_mgr_url.xml
This file identifies the account manager. It is typically bundled with the BOINC client in an installer package. Its format is: ".html_text(" Name of BOINC account management system http://acctmgr.com/ [ ] 1024 ae843acebd4c7250b0fa575d14971b17a56a386a6bb1733d98f4b00460c26159 c8b3217e6cdff938ec0454330c70553fbe3d1f0d0184d8c628db2e093121ee98 8ddbda6e8991879317afccab41f84e9de4903a656f4d3f3e4e7dbc0af9362a05 6ece5ff401a380f3a1d1254d477f7bc84fdcebcca6cb035e776452d3d6d21471 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000010001 . ")."

The URL is that of the account manager's web site.

If the <send_gui_rpc_info/> tag is present, account manager RPCs will include the client's GUI RPC port and password hash (see below).

acct_mgr_login.xml
This file contains meta-account information. Its format is: ".html_text(" name xxx ")."

The password is stored as MD5(password_lowercase(login)).

If the core client finds acct_mgr_url.xml but not acct_mgr_login.xml, it prompts for a name and password, stores them in acct_mgr_login.xml, and makes an account manager RPC. The core client offers menu items for making an account manager RPC, and for changing the name/password.

Account manager RPCs

An account manager must provide a get_project_config.php file containing its name and minimum password length, and containing a <account_manager/> tag.

In addition, an account manager must provide the following RPC, which uses an HTTP POST request. "; list_start(); list_item("URL", "BASE_URL/rpc.php, where BASE_URL is the URL of the account manager web site."); list_item("input", html_text(" John xxx b11ddc5f36c9a86ff093c96e6930646a b11ddc5f36c9a86ff093c96e6930646a host.domain 5.3.2 auto 1133905881 http://setiathome.berkeley.edu/ http://setiathome.berkeley.edu/ SETI@home 0 397d250e02ec02be8141b8d109d5ec73e5 NNN [ ] [ ... other projects ] [ N ] [ xxxx ] ... ") ); list_item("output", html_text(" Account Manager Name 1024 ae843acebd4c7250b0fa575d14971b17a56a386a6bb1733d98f4b00460c26159 c8b3217e6cdff938ec0454330c70553fbe3d1f0d0184d8c628db2e093121ee98 8ddbda6e8991879317afccab41f84e9de4903a656f4d3f3e4e7dbc0af9362a05 6ece5ff401a380f3a1d1254d477f7bc84fdcebcca6cb035e776452d3d6d21471 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000010001 . [ this is a message ] [ ... ] [ MSG ] [ xxx ] [ URL 397d250e02ec02be8141b8d196a118d909d5ec73e592ed50f9d0ad1ce5bf87de e37f48079db76128b20f913a04e911489330a7cab8c346177f1682d236bc7201 42b32665d0d83474bf12aebd97b2bb9a4c4461fa3f0b49bbd40ecfa16715ced7 f72103eb0995be77cac54f253c0ba639a814d3293646ae11894e9d1367a98790 . KEY [ ] [ ] ... ] ") ); list_item("action", "Returns a list of the accounts associated with this meta-account. The arguments are:

password_hash
the account password, hashed as MD5(password_lowercase(name)).
host_cpid
Identifies the host.
previous_host_cpid
The host identifier passed in the previous RPC. Host identifiers can change occasionally. This lets the account manager maintain host identity.
domain_name
The host's domain name.
run mode
The current mode (always/auto/never).
gui_rpc_port, gui_rpc_password
GUI RPC information. Included only if the <send_gui_rpc_info> element is included in the AM URL file (see above).
In addition, a list of projects and their suspended flags is included.

The return values are:

repeat_sec
A time interval after which another RPC should be done.
signing_key
The public key used to sign URLs, in an encoded notation. Use the BOINC crypt_prog program to generate this.
message
A message to be displayed to the user.
For each account, the following items are returned:
url
The project URL
url_signature
A signature for the URL. Use the BOINC crypt_prog program to generate this.
authenticator
The account's authenticator.
detach
If present, the client should detach this project.
update
If present, the client should contact this project to get new global preferences.
NOTE: the XML must be as above, with the <url> and <authenticator> elements on a single line, and the <account> and </account> tags on separate lines." ); list_end(); echo "

Host identification

BOINC uses two ID spaces for hosts:

An account manager RPC request includes the host's CPID, and its DBID on all projects to which it's attached (see above).

A suggested method of maintaining a user's hosts is as follows:

"; page_tail(); ?>