New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use the FTS instance domain as audience #6590
Comments
dchristidis
added a commit
to dchristidis/rucio
that referenced
this issue
Mar 29, 2024
The discussion on how the Audience claim should be handled is still on-going. However, the FTS team has expressed their wish to stop supporting the WLCG wildcard audience. For the time being, it was agreed to use the domain of the targeted FTS instance, mimicking how it’s done for tokens destined at storages.
dchristidis
added a commit
to dchristidis/rucio
that referenced
this issue
Mar 29, 2024
The discussion on how the Audience claim should be handled is still on-going. However, the FTS team has expressed their wish to stop supporting the WLCG wildcard audience. For the time being, it was agreed to use the domain of the targeted FTS instance, mimicking how it’s done for tokens destined at storages.
rdimaio
pushed a commit
that referenced
this issue
Mar 29, 2024
The discussion on how the Audience claim should be handled is still on-going. However, the FTS team has expressed their wish to stop supporting the WLCG wildcard audience. For the time being, it was agreed to use the domain of the targeted FTS instance, mimicking how it’s done for tokens destined at storages.
bari12
pushed a commit
that referenced
this issue
Apr 2, 2024
The discussion on how the Audience claim should be handled is still on-going. However, the FTS team has expressed their wish to stop supporting the WLCG wildcard audience. For the time being, it was agreed to use the domain of the targeted FTS instance, mimicking how it’s done for tokens destined at storages.
voetberg
pushed a commit
to voetberg/rucio
that referenced
this issue
Apr 15, 2024
The discussion on how the Audience claim should be handled is still on-going. However, the FTS team has expressed their wish to stop supporting the WLCG wildcard audience. For the time being, it was agreed to use the domain of the targeted FTS instance, mimicking how it’s done for tokens destined at storages.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
The use of the WLCG wildcard audience for the FTS authentication tokens was used for the Data Challenge. Now it can be made so that the token targets a particular FTS instance.
rucio/lib/rucio/transfertool/fts3.py
Lines 833 to 837 in bed3f05
Motivation
The FTS development team explicitly requested to stop supporting the WLCG wildcard audience.
Change
Replace
'https://wlcg.cern.ch/jwt/v1/any'
withfts_hostname
.The text was updated successfully, but these errors were encountered: