APEL/UsingAuth

From EGIWiki
Jump to: navigation, search

The authentication method is very simple. All messages received from the SSM come signed by a DN which is extracted by the SSM. In order for the messages to be accepted, that DN must be in a master file read by the SSM.

The Authentication gets DNs from three sources:

  • GOCDB: all nodes registered as glite-APEL
  • a file containing extra DNs which are allowed
  • a file containing DNs which are banned (this list takes precedence)

Configuration

  • The environment variable AUTH_HOME must be set to the directory containing bin/, conf/ and src/
  • edit $AUTH_HOME/conf/auth.log.cfg to specify the path to the log file.

Running

  • bin/run-auth