Well, the short answer is yes, it is possible but then you have a server where anyone can actually come in wihout authentication because I can easily setup a client that bypasses GSI. What your banking on that if some does bypass strong authentication you will *always* catch it because they wouldn't have the correct authorization token. We haven't certified that this is the case so in effect you're allowing anonymous logins. Yes, I am not a proponent of that scheme for obvious security implications. Tha said, you can do that by adding some useless authentication scheme in addition to GSI (e.g. unix authentication). In this case, define GSI first, then unix second. If gsi fails, the client will try unix which always succeeds. Andy On Mon, 4 May 2020, Derek Weitzel wrote: > Ah, I think I used the wrong words. My goal is to have a server that will use GSI or Tokens to retrieve data. Is there a way for a xrootd server to accept a non-gsi authentication (no authentication), then use tokens for authorization? While at the same time, also allowing connections with GSI authentication and authorization? > > -- > You are receiving this because you commented. > Reply to this email directly or view it on GitHub: > https://github.com/xrootd/xrootd/issues/1188#issuecomment-623746730 -- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1188#issuecomment-623754133 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1