The SST has been configured to use the grid-map file for user credential verification. Here is an excerpt from the log that demonstrates an unauthorized user attempting to access the SST.
Log File:
Jan 13, 2009 3:20:18 PM org.globus.wsrf.impl.security.authorization.GridMapAuthorization isPermitted
WARNING: Gridmap authorization failed: peer "/O=Messed/OU=updomain.net/OU=Some Organization/OU=updomain.net/CN=Bubba Gump" not in gridmap file.
Jan 13, 2009 3:20:18 PM org.globus.wsrf.impl.security.authorization.ServiceAuthorizationChain authorize
WARNING: "/O=Messed/OU=updomain.net/OU=Some Organization/OU=updomain.net/CN=Bubba Gump" is not authorized to use operation: {http://transfer.blahdomain.com/TransferService}storeFile on this service
We are currently researching a method for doing this via the Globus / Tomcat configuration files. This configuration is currently built into the SST gar file.
Thursday, January 15, 2009
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment