Mailing List Archives

Authenticated access

 		[Computer Systems Lab]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Error with SSL authentication and submitting jobs


Thanks Dan. I was placing NTSSPI after SSL and this was not working. When I reversed these everything worked.

Thank you for the help,
Mike

- - - - - - - - - - - - - - - - - - - - - - - - - -
Michael O'Donnell
ADP Software Specialist, ASRC Management Services
USGS Fort Collins Science Center
2150 Centre Ave., Bldg C
Fort Collins, CO 80526

Phone: 970.226.9407
Fax: 970.226.9230
Email: odonnellm@xxxxxxxx


From: Dan Bradley <dan@xxxxxxxxxxxx>
To: Condor-Users Mail List <condor-users@xxxxxxxxxxx>
Date: 04/26/2010 08:20 AM
Subject: Re: [Condor-users] Error with SSL authentication and submitting jobs
Sent by: condor-users-bounces@xxxxxxxxxxx





Under Linux, it is often convenient to authenticate users with the FS
authentication method.  One way to achieve that is to put FS before SSL
in the authentication methods list.  Under windows, NTSSPI may be used
in a similar way.

--Dan

Michael O'Donnell wrote:
> I have set up a small pool of computers with Condor for testing before
> scaling up. We are using SSL to authenticate client machines.
> Therefore, we generated SSL keys for each machine, specified these in
> the local config file, and specified the the mapping of these keys in
> the mapfile. All of this is working and all log files show
> authentication. I can see all clients and the central manager and
> everything looks good.
>
> When I try to submit a job I get the following error:
> Failed to set Owner="my username"
>
> We are specifying that SSL is required in the global config. I have a
> single machine that is allowed to submit jobs and the rest of the
> clients are allowed to execute jobs. It appears that the user also has
> to be authenticated, but I do not see a mechanism to set both users
> and client keys with the available config variables/arguments.
>
> I am wondering how I allow a user to submit jobs while using ssl for
> client machines.
> Can someone explain to me how I might approach this.
>
> Thanks,
> mike
> ------------------------------------------------------------------------
>
> _______________________________________________
> Condor-users mailing list
> To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> https://lists.cs.wisc.edu/mailman/listinfo/condor-users
>
> The archives can be found at:
> https://lists.cs.wisc.edu/archive/condor-users/
>  
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/