Difference: DynaFed (4 vs. 5)

Revision 52017-06-27 - mebert

Line: 1 to 1
 
META TOPICPARENT name="DynaFed"

Dynafed installation and user authentication

Line: 68 to 68
 

Authentication

Changed:
<
<

for clients using voms proxy

>
>

for clients using voms proxy (not needed if general certificate based authentication is used)

 
  • add in /etc/ugr/ugr.conf
    • glb.allowgroups[]: /atlas/* /myfed/S3-Atlas rl
  • restart httpd and memcached
Line: 86 to 86
  glb.authorizationplugin[]: libugrauthplugin_python27.so authplug1 ugrauth_gridmap isallowed
      • depending on OS and python version it needs to be python27 or python26
      • the correct version is in /usr/lib64/ugr/
Added:
>
>
    • NOTE: IF there are no glb.allow.... directives used then access will be granted (at least in a browser)
      • to activate authorization and deactivate general glb.allow-authorization, add also something like: glb.allowgroups[]: * /noexistent rld
      • important is to have something in there which doesn't exists, just to activate the general authorization system
 
    • in /etc/grid-security/ create the file accessfile
      • accessfile contains a line per directory and access mode
        • e.g.: /myfed/S3-Atlas atlas rl
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback