Dear;
I think i put the complet conf file ar the begining of the thread (https://github.com/xrootd/xrootd/files/6516114/xrootd-clustered.log)..xrootd server is working fine, and auth works too (using v5.1.1-1 in other 8 servers), this issue is only for http config and Third-Party-Copy

1.- ofs authorized is set to 1:
ofs.authorize 1
acc.authdb /etc/xrootd/Authfile
acc.audit deny grant

2.- I have been following this wiki (we are a CMS site), but this is only for v4 not v5 and use lcmaps instead of voms pluging:
https://twiki.cern.ch/twiki/bin/view/CMSPublic/XRootDoverHTTP
(This is working for me fine against the Authfile
sec.protocol /usr/lib64 gsi -dlgpxy:1 -exppxy:creds -ca:1 -crl:3 -gridmap:/dev/null -cert:/etc/grid-security/xrd/xrdcert.pem -key:/etc/grid-security/xrd/xrdkey.pem -certdir:/etc/grid-security/certificates -vomsfun:/usr/lib64/libXrdVoms.so -vomsfunparms:certfmt=raw|vos=ops,dteam,cms|grps=/cms /escms/,/cms,/escms,/cms/GGUSExpert,/cms/TEAM,/cms/ALARM,/ops,/dteam|dbg

  1. "locsices" or any other user should be fine if the http Grps '/cms /cms/escms' o http Vorg 'cms cms' was taken to match the authfile like xrootd is doing...or maybe i am wrong and http auth model is other?

regards, I


You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/1460#issuecomment-852396614", "url": "https://github.com/xrootd/xrootd/issues/1460#issuecomment-852396614", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1