[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] SSL + windows

> However something surprises me. Your configuration seems to mean that
> the AUTH_SSL_CLIENT_CERTFILE is "^/DC=org/DC=doegrids/OU=People/CN=Zach
> Miller 139787$" which would mean you can have only one user per host.
> Is it right?

the mapping is "one ssl credential" translates to "one local uid".

so if you are using a host certificate, then yes, everyone who submits using
that credential will end up as the same user.

i'd suggest getting separate credentials for each user.  if you are using
the host credential for submitting, is it currently readable by everyone?

> By the way, I use COG library to submit jobs to our Globus grid from
> Windows. It includes an X509 proxy. Why can't we have the same with
> Condor? 

i'm afraid i'm not familiar with COG, but hopefully others are.  feel free to
chime in!

does it have one credential per submitter, or one for the entire service?  if
it's one per service, how are the individual users authenticated?