Difference between revisions of "APEL/UsingAuth"
< APEL
Jump to navigation
Jump to search
(Created page with 'The authentication method is very simple. All messages received from the SSM come signed by a DN which is extracted by the SSM. In order for the messages to be accepted, that D…') |
|||
Line 9: | Line 9: | ||
* The environment variable AUTH_HOME must be set to the directory containing bin/, conf/ and src/ | * The environment variable AUTH_HOME must be set to the directory containing bin/, conf/ and src/ | ||
* edit $AUTH_HOME/conf/auth.log.cfg to specify the path to the log file. | * edit $AUTH_HOME/conf/auth.log.cfg to specify the path to the log file. | ||
== Running == | |||
* bin/run-auth |
Revision as of 17:05, 14 April 2011
The authentication method is very simple. All messages received from the SSM come signed by a DN which is extracted by the SSM. In order for the messages to be accepted, that DN must be in a master file read by the SSM.
The Authentication gets DNs from three sources:
- GOCDB: all nodes registered as glite-APEL
- a file containing extra DNs which are allowed
- a file containing DNs which are banned (this list takes precedence)
Configuration
- The environment variable AUTH_HOME must be set to the directory containing bin/, conf/ and src/
- edit $AUTH_HOME/conf/auth.log.cfg to specify the path to the log file.
Running
- bin/run-auth