Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] dirty AFS hook stuff?

Date: Mon, 11 Nov 2013 12:17:29 -0600
From: Zachary Miller <zmiller@xxxxxxxxxxx>
Subject: Re: [HTCondor-users] dirty AFS hook stuff?

On Mon, Nov 11, 2013 at 01:10:01PM -0500, Rich Pieri wrote:
> If I interpret the security section of the Condor manual correctly then
> this isn't true at all. What Condor calls authentication is not
> verification of a user's identity. It is verification of a user's
> permissions to use the pool's resources.

To clarify, there are two distinct steps:  Authentication and Authorization.

Condor does authenticate users identities, using a variety of mechanims
including Kerberos, GSI, SSL, and others.  These are specified in the
*_AUTHENTICATION_METHODS config entries.

Once the identity is established, authorization based on that identity is
done.  These are specified in the ALLOW_* (and DENY_*) config entries.

Cheers,
-zach

References:
- [HTCondor-users] dirty AFS hook stuff?
  - From: Pek Daniel
- Re: [HTCondor-users] dirty AFS hook stuff?
  - From: Rich Pieri
- Re: [HTCondor-users] dirty AFS hook stuff?
  - From: Pek Daniel
- Re: [HTCondor-users] dirty AFS hook stuff?
  - From: Brian Bockelman
- Re: [HTCondor-users] dirty AFS hook stuff?
  - From: Rich Pieri
- Re: [HTCondor-users] dirty AFS hook stuff?
  - From: Zachary Miller
- Re: [HTCondor-users] dirty AFS hook stuff?
  - From: Rich Pieri

Prev by Date: Re: [HTCondor-users] accounting groups
Next by Date: Re: [HTCondor-users] dirty AFS hook stuff?
Previous by thread: Re: [HTCondor-users] dirty AFS hook stuff?
Next by thread: Re: [HTCondor-users] dirty AFS hook stuff?
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [HTCondor-users] dirty AFS hook stuff?