-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[XrdCrypto][XrdHttp] Extract DN from user (proxy, multi-proxy) certif… #1239
[XrdCrypto][XrdHttp] Extract DN from user (proxy, multi-proxy) certif… #1239
Conversation
…icate and properly handle the gridmap-file functionality when accessing through HTTP Conflicts: src/XrdHttp/XrdHttpProtocol.cc src/XrdHttp/XrdHttpProtocol.hh
Did this get closed by accident? The commit message in e6a7b0b closed this PR but clearly is unrelated. |
Inadvertent close. |
Hi Brian,
Thanks for pointing this out. The commit message referenced the wrong
issue.
Andy
…On Sun, 5 Jul 2020, Brian P Bockelman wrote:
Did this get closed by accident? The commit message in e6a7b0b closed this PR but clearly is unrelated.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
#1239 (comment)
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. So, the only strong suggestion I have to allow a site to choose the policy for the voms extractor and gridmap file mapping. As I said in a previous mail file, that short circuits any dispute whether or not failure in either plugin should fail the whole authentication. Likely the easiest and most understandable addition is:
http.gridmap [require]
http.secxtrator [require]
So, simply, if "require" is specified then authentication should fail if the respective plugin returns failure. Now, I hate punching the button "request changes" because it makes it sound like something is wrong with your most recent changes. That is not so. However, the addition of the "require" policy would finally bring closure all the loose authentication ends in http. So, please understand.
(BTW the reason it took me so long is that I finally got away from a computer this long holiday weekend - yay).
…ridmap configuration directives Conflicts: src/XrdHttp/XrdHttpProtocol.cc
This is also ready now. |
Thanks Elvin but you are staying up way too late!
…On Wed, 8 Jul 2020, Elvin Sindrilaru wrote:
This is also ready now.
--
You are receiving this because you modified the open/close state.
Reply to this email directly or view it on GitHub:
#1239 (comment)
|
…icate and properly
handle the gridmap-file functionality when accessing through HTTP
Conflicts:
src/XrdHttp/XrdHttpProtocol.cc
src/XrdHttp/XrdHttpProtocol.hh
This PR provides the same functionality as #1238 but is done against stable-4.12.x and doesn't use any Tls object since they don't exist in the R4 version.