[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] Condor WS BirdBath security questions
- Date: Mon, 21 Aug 2006 10:38:21 -0500
- From: Matthew Farrellee <matt@xxxxxxxxxxx>
- Subject: Re: [Condor-users] Condor WS BirdBath security questions
BirdBath supports SSL mutual-authentication as of Condor 6.8. There
is a tutorial online from Condor Week 2006 that explains how to use
I don't know the specifics of the GridSAM plugin. I believe it
converts job descriptions into ClassAds for submission to Condor and
was written before the SSL authentication support was added to
BirdBath. Though, if you follow the tutorial you may not need to
change anything about the GridSAM plugin to use authentication.
On Aug 21, 2006, at 10:20 AM, Nathan Harmston wrote:
In order to use the Condor WS (BirdBath), it must be configured that
Condor allows anonymous users to submit jobs. This of course to my
departments SysAdmin seems very insecure. The problem occurs during
creation of a cluster for submission of a job and then when u submit a
job, you only need a username (which doesnt map to an allowed user of
the pool?), letsthrashtheharddrive.sh springs to mind.
Is there anyway to work around this and force Condor to authenicate
users through the webservices interface ?
Are there any plans to implement better security functionality in
BirdBath anytime soon?
I ve seen a paper integrating GridSAM and Condor and was wondering if
anyone knew about the security model used in this? Is GridSAM
via the Condor DRM anonymously or can this be setup differently?
PS The paper btw is Condor BirdBath - Web Service Interfaces to