Trying to use libXrdVoms as http.secxtractor fails immediately for a plain certificate with the following message:
200702 11:01:14 28457 ?:381@esdss000 sysXrdHttp: Subject name is : '/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=esindril/CN=706330/CN=Elvin Alin Sindrilaru'
200702 11:01:14 28457 ?:381@esdss000 sysXrdHttp: Mapping name: /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=esindril/CN=706330/CN=Elvin Alin Sindrilaru --> eosarchi
200702 11:01:14 28457 XrdVomsFun: retrieval FAILED: VOMS extension not found!
200702 11:01:14 28457 ?:381@esdss000 sysXrdHttp: Certificate data extraction failed: /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=esindril/CN=706330/CN=Elvin Alin Sindrilaru Failed. err: -1
200702 11:01:14 28457 sysXrdHttp: Cleanup
200702 11:01:14 28457 sysXrdHttp: Reset
200702 11:01:14 28457 sysXrdHttp: XrdHttpReq request ended.
The behavior of the "old" http.secxtractor located below[1] is to return 0 also in case VOMS extraction failed since the HTTP code[2] fails an otherwise legitimate request.
[1] https://gitlab.cern.ch/lcgdm/xrdhttpvoms/-/blob/develop/XrdHttpVoms.cc#L219
[2] https://github.com/xrootd/xrootd/blob/master/src/XrdHttp/XrdHttpProtocol.cc#L437
I understand that the libXrdHttpVoms is not supported anymore but there should be a consistent behavior no matter the extractor used and moreover this is failing a request that should go through.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1