Ok, so that is indeed like I thought it would work and is indeed the most clean and consistent solution. -- Fons Andreas Joachim Peters wrote: > Hi Fons, > don't worry, > I already have this plugin, the only difference is, that upto now I got > open(filename,opaque ...) > stat(url) > ....(url) > while in future, i will get > open(filename,opaque ...) > stat(filename,opaque ...) > > if all agree to this. For me this looks like a very clean implementation. > > The plugin is loaded, since it is configured in the xrootd.cnf file to be > used instead of the XrdOfs library. > > I just want to remark, that the plugin will be able to handle files for > different VO's, if other want to use it, since you will be able to pass > also > VO=CMS > as opaque information and the plugin will then use the CMS keys to check > the file authorization. > > There will be no need anymore to run different xrootd for each experiment. > Every VO just has to produce his private/public keypair. > > Cheers Andreas. > > > >>Hi Andy, >> >> this sound indeed most flexible. In practice how will this work out in the >>called function? Will Andreas have to provide a plugin that handles the opaque >>data for, e.g. stat, open, etc.? How, when will this plugin be loaded? Tagged >>on the opaque data? >> >>-- Fons >> >> >>Andrew Hanushevsky wrote: >> >>>Hi Andreas, >>> >>>OK, so it would appear that we will need to extract out the information >>>after the "?" and pass that as a separate parameter. I do that, instead of >>>passing the complete url, so as to not re-implement searching for the >>>opaque information in every function. The called function, hoewver, is >>>responsible for making sense of the opaque information. >>> >>>That does mean changing most file system calls to include the opaque >>>parameter. That also solves the olbd issue in a unified way. >>> >>>Do we all agree to go that route? >>> >>>Andy >>> >>>On Tue, 26 Apr 2005, Andreas Joachim Peters wrote: >>> >>> >>> >>>>As it is, it is absolutely fine for me. I would prefer, that the complete >>>>URL is always passed to any function and the function has to extract the >>>>part >>>>it needs. But as it is, it works perfectly for us. >>>> >>>>I use the following syntax: >>>> >>>> root://server.domain:port/<lfn>?&authz=<authorization block> >>>> >>>>Because even for a stat command it can be useful, that you can specify >>>>some environment variable like the stagepool the file is on. >>>> >>>>Cheers Andreas. >>>> >>>> >> >> > -- Org: CERN, European Laboratory for Particle Physics. Mail: 1211 Geneve 23, Switzerland E-Mail: [log in to unmask] Phone: +41 22 7679248 WWW: http://www.rademakers.org/fons/ Fax: +41 22 7679480