Hi Brian,<br>
<br>
Just realized, your plugin doesn&#39;t know anything about the bridge, right? <br>
If so, I can plop a pointer to an authorization object in the XrdOucEnv <br>
object passed to the protocol plugin. Then you&#39;ll have access to all the <br>
methods using whatever the config was in the ofs. Will that be better for <br>
you?<br>
<br>
Andy<br>
<br>
On Wed, 4 Mar 2020, Brian P Bockelman wrote:<br>
<br>
&gt; This sounds very promising!<br>
&gt;<br>
&gt; (One aside on the manual text for this - I was very confused by this sentence in the manual:<br>
&gt; ```<br>
&gt; ++        The specified plug-in should stack on top of the existing plug-in or default. Once specified, it cannot be overridden by a subsequent directive,<br>
&gt; ```<br>
&gt;<br>
&gt; I read this as saying &quot;this can only be used once&quot;, which somewhat contradicts what you wrote above.  A clarification in the manual would be appreciated.)<br>
&gt;<br>
&gt; The second unpleasant piece in this code is the fact that, within the HTTP handler, we need to have access to the `XrdAccAuthorize` object used by the OFS to generate the appropriate permissions for the Macaroon.<br>
&gt;<br>
&gt; Is there such a way to do that?  This is currently accomplished by directly constructing the object and via a reimplementation of the `ofs.authlib` logic.  There&#39;s not much gain if we significantly clean up this usage only to add more complexity elsewhere.  What you point out only helps the case of making an authorization object for the `ofs` and not recreating it in the plugin.<br>
&gt;<br>
&gt; Thanks!<br>
&gt;<br>
&gt; -- <br>
&gt; You are receiving this because you modified the open/close state.<br>
&gt; Reply to this email directly or view it on GitHub:<br>
&gt; https://github.com/xrootd/xrootd/pull/1147#issuecomment-595025513<br>


<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">&mdash;<br />You are receiving this because you commented.<br />Reply to this email directly, <a href="https://github.com/xrootd/xrootd/pull/1147?email_source=notifications&amp;email_token=AA7NRDXKZCBBFOURDSQA7S3RF4Y2FA5CNFSM4LB4Q6F2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEN3X6HQ#issuecomment-595033886">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AA7NRDRPWD62MA4WYJ3DYZTRF4Y2FANCNFSM4LB4Q6FQ">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AA7NRDTHKUUUKW6D7NES6F3RF4Y2FA5CNFSM4LB4Q6F2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEN3X6HQ.gif" height="1" width="1" alt="" /></p>
<!cript type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/xrootd/xrootd/pull/1147?email_source=notifications\u0026email_token=AA7NRDXKZCBBFOURDSQA7S3RF4Y2FA5CNFSM4LB4Q6F2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEN3X6HQ#issuecomment-595033886",
"url": "https://github.com/xrootd/xrootd/pull/1147?email_source=notifications\u0026email_token=AA7NRDXKZCBBFOURDSQA7S3RF4Y2FA5CNFSM4LB4Q6F2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEN3X6HQ#issuecomment-595033886",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>
<br>
<hr>
<p align="left">
Use REPLY-ALL to reply to list</p>
<p align="center">To unsubscribe from the XROOTD-DEV list, click the following link:<br>
<a href="https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1" target="_blank">https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1</a>
</p>