 |
 |
Hi @abh3 - Thought a bit more on the idea of `XrdProtocolAnon` over the weekend. The primary problem I see is the lack of compatibility for older clients -- the whole reason I delved into this proposed "anonymous mode" over the weekend was I have a use case where: 1. The network is secure (no MiTM). 2. I want to support users with a variety of old CMSSW versions. I still like the idea of having a separate token authentication protocol - but that's a touch more work (and will require a new client). So, I see two potential routes here: 1. We go forward with this new flag for the existing `XrdSecunix` plugin. 2. We implement a `XrdSecAnon` plugin that advertises itself at the wire protocol level as `unix`. One keeps compatibility with old releases but the local site admin has to very explicitly load it (can't operate in this mode by accident -- although I would guess the `sec.protocol unix anonymous` in the existing patch is pretty explicit...) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/pull/1195#issuecomment-630184343 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1