/
TODO
39 lines (29 loc) · 1.24 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
To do list:
===========
FQAN support:
-------------
Being able to push FQANs over the REST interface.
Proposal:
Send FQANs in the URI form: http://<uri>?subjectdn=<subject>&fqan=/dteam&fqan=/dteam/somegroup
Double identity aka pilot job support:
--------------------------------------
SSL + REST information, meaning double identity
Rate limiter/pool mapping commiter:
-----------------------------------
Being able to rate limit mapping requests.
Possibly by allowing endless mappings to occure, but being able to commit them
or release them on PAM failure, for example.
Sign response with private key of the LCMAPS-REST service
---------------------------------------------------------
Allows for caching of the data, while being able to verify that it originated
from it in the first place. This safes you the entire LCMAPS step on a cache
hit.
Back-map-feature
----------------
Implement backmapping from a different URI.
Proposal:
- Do this without LCMAPS.
- When GET'ing a poolaccount name, return the subject DN from the
gridmapdir from the same inode (when mapped). Alternatively when
pushing a subjectdn, lookup the gridmapdir's entry for this subjectdn
and return the poolaccount attached to the same inode.