Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] Using authentication

Date: Thu, 20 Jun 2013 09:05:20 -0500
From: Zachary Miller <zmiller@xxxxxxxxxxx>
Subject: Re: [HTCondor-users] Using authentication

> Searching the local and general config files did not give me a clear idea of
> where the authentication methods were being set.   From the web documentation I
> tried to setup simple PASSWORD authentication. 

PASSWORD authentication is great for authenticating daemon-to-daemon
communication, but it can't (well, shouldn't) be used for authenticating
users and job submissions.

In your config:

> SEC_DEFAULT_AUTHENTICATION_METHODS = PASSWORD

...you are using PASSWORD for all communication.  My suggestion would be to
also add FS to the list for authenticating users:

	SEC_DEFAULT_AUTHENTICATION_METHODS = FS, PASSWORD
	SEC_PASSWORD_FILE = /etc/condor/pool
	SEC_DAEMON_AUTHENTICATION_METHODS = PASSWORD
	ALLOW_DAEMON = condor_pool@$(UID_DOMAIN)/*.my.domain, \
				   condor@$(UID_DOMAIN)/$(IP_ADDRESS)
	ALLOW_NEGOTIATOR = condor_pool@$(UID_DOMAIN)/oracle1.my.domain
	ALLOW_ADVERTISE_STARTD = condor_pool@$(UID_DOMAIN)/*.my.domain


Let me know if you are still having trouble with that configuration.


Cheers,
-zach

Follow-Ups:
- Re: [HTCondor-users] Using authentication
  - From: Hugh Jennings

References:
- [HTCondor-users] Using authentication
  - From: Hugh Jennings

Prev by Date: [HTCondor-users] Using authentication
Next by Date: [HTCondor-users] IEEE Cloud Engineering 2014
Previous by thread: [HTCondor-users] Using authentication
Next by thread: Re: [HTCondor-users] Using authentication
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [HTCondor-users] Using authentication