 |
 |
Hi Elvin,
You are dealing with some pretty nasty code. I agree that the stacking mechanism in Macaroons is pretty ad hoc and we are trying to standardize how plugins are stacked. There seems to be precious little information on how macaroons fits into the whole authorization scheme. The idea of simply stacking the default authorization is bad and it's even worse by using the linking trick (I know you tried to correct that but the code got even more obscure). You are correct that there was no change to Macaroons but the whole stacking phenomena should follow the convention:
ofs.authlib ++
See: https://xrootd.slac.stanford.edu/doc/dev50/ofs_config.htm#_Toc8244755
It's not clear to me where the initial load goes and what is the directive being used to load this plugin. But how it manages stacking is pretty bad (as I said) and I don't want it to get even worse by plastering it over with patches.
The other issue is that we normally do back-ports not forward ports. The pull request should have been against git head not a stable release, especially when it's in a release cycle. It also puts us in the position of dropping it unless we port forwards.
So, what directive controls this Macaroons plugin? How does it relate to XrdAccAuthorize? It really seem pretty hacky the way it is now (which has nothing to do with your patches).
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1