Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gplazma: scitoken make ExemptFromNamespaceChecks principal optional
Motivation: A change, introduced with commit d9eb9a9, introduces a new @AuthenticationOutput principal: ExemptFromNamespaceChecks. However, that patch failed to provide a safe-guard that prevents that new principal being sent to dCache nodes that run a version of dCache that doesn't support that new principal. For example, if a Subject (containing ExemptFromNamespaceChecks) is sent to a pool node that doesn't support the principal then that message will fail to deserialise. This means that, for SciToken clients, dCache will no longer work correctly after upgrading gPlazma. Modification: Make the inclusion of the ExemptFromNamespaceChecks principal configurable, disabled by default. Add unit tests to verify correct behaviour. Result: Avoid an unreleased regression in backwards compatibility. Target: master Requires-notes: no Requires-book: no Request: 7.2 Request: 7.1 Request: 7.0 Request: 6.2
- Loading branch information
1 parent
14f2019
commit 08b81e3
Showing
3 changed files
with
61 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters