Hi all, is it actually possible to separate capabilities into individual idtokens? E.g., a daemon/node should get READ and WRITE command capabilities. Instead of generating a r/w token > condor_token_create -authz WRITE - -authz READ token rw.idtokenwould it be possible to use two separate tokens, one for read - one for write, and drop both into the deamon's tokens.d instead?
Or would the master pick and use the first token it finds for the trust domain of the collector?
Cheers, Thomas
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature