Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[HTCondor-users] separating capabilities in individual idtokens?

Date: Wed, 10 May 2023 15:49:01 +0200
From: Thomas Hartmann <thomas.hartmann@xxxxxxx>
Subject: [HTCondor-users] separating capabilities in individual idtokens?

Hi all,

is it actually possible to separate capabilities into individual idtokens?

E.g., a daemon/node should get READ and WRITE command capabilities.

Instead of generating a r/w token
  > condor_token_create -authz WRITE - -authz READ token rw.idtoken

would it be possible to use two separate tokens, one for read - one forwrite, and drop both into the deamon's tokens.d instead?

Or would the master pick and use the first token it finds for the trustdomain of the collector?


Cheers,
  Thomas

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: [HTCondor-users] separating capabilities in individual idtokens?
  - From: Bockelman, Brian

Prev by Date: Re: [HTCondor-users] OOM & HTCondor 10 job submission to ARC-CE on CentOS7
Next by Date: Re: [HTCondor-users] separating capabilities in individual idtokens?
Previous by thread: [HTCondor-users] HPDC Achievement Award & Call for Participation!
Next by thread: Re: [HTCondor-users] separating capabilities in individual idtokens?
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

[HTCondor-users] separating capabilities in individual idtokens?