die 28/08/09, ad 00h21, Zachary Miller <zmiller@xxxxxxxxxxx> dixit : > > However something surprises me. Your configuration seems to mean that > > the AUTH_SSL_CLIENT_CERTFILE is "^/DC=org/DC=doegrids/OU=People/CN=Zach > > Miller 139787$" which would mean you can have only one user per host. > > Is it right? > > the mapping is "one ssl credential" translates to "one local uid". > > so if you are using a host certificate, then yes, everyone who submits using > that credential will end up as the same user. > > i'd suggest getting separate credentials for each user. if you are using > the host credential for submitting, is it currently readable by everyone? well, I have to find how to do that then, I mean defining a credential for each user. All I found is how to define a credential for a host (with AUTH_SSL_CLIENT_CERTFILE). Currently only one user can read it. > > By the way, I use COG library to submit jobs to our Globus grid from > > Windows. It includes an X509 proxy. Why can't we have the same with > > Condor? > > i'm afraid i'm not familiar with COG, but hopefully others are. feel free to > chime in! > > does it have one credential per submitter, or one for the entire service? if > it's one per service, how are the individual users authenticated? One credential per user, it is GSI. Olivier.
Description: Digital signature