Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Condor-users] server authorization in condor-g

Date: Mon, 27 Oct 2008 15:43:21 -0500
From: Martin Feller <feller@xxxxxxxxxxx>
Subject: [Condor-users] server authorization in condor-g

Hi,

I just tried to submit jobs using condor-g (v7.1.3) to a GT server
(4.1.1) that runs with a user proxy, and not with "real" host
credentials. I'm getting the following exception in the Gridmanager log:

...
10/27 15:02:06 [22571] GAHP[22573] (stderr) ->  faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
10/27 15:02:06 [22571] GAHP[22573] (stderr) ->  faultSubcode:

10/27 15:02:06 [22571] GAHP[22573] (stderr) -> faultString: org.globus.common.ChainedIOException: Authentication failed [Caused by: Operation unauthorized(Mechanism level: Authorization failed. Expected "/CN=host/<HOST_NAME>" target but received "/DC=org/DC=.../OU=.../CN=...")]

...

I didn't find anything in the documentation about this, but a glance
at the Gahp code from (v1.7.0) seems to indicate that only
HostAuthorization can be used, but i might be wrong, and it might have
changed in the meantime.

Is there a way to e.g. specify a DN in the condor-g job description so
that IdentityAuthorization instead of HostAuthorization is used in all
calls to a server?

Thanks, Martin

Prev by Date: Re: [Condor-users] How to make condor suspend jobs partially
Next by Date: Re: [Condor-users] Basic installation
Previous by thread: [Condor-users] Job log permissions when running Condor as user "condor"
Next by thread: [Condor-users] problem facing with execute the command ./condor_install
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

[Condor-users] server authorization in condor-g