Dear, No, I not using the -5.so extension: if exec xrootd xrd.protocol http:1094 /usr/lib64/libXrdHttp.so http.secxtractor libXrdVoms.so #http.cadir /etc/grid-security/certificates/ #http.cert /etc/grid-security/xrd/xrdcert.pem #http.key /etc/grid-security/xrd/xrdkey.pem #TLS config xrd.tls /etc/grid-security/xrd/xrdcert.pem /etc/grid-security/xrd/xrdkey.pem xrd.tlsca certdir /etc/grid-security/certificates xrootd.tls capable all -data http.exthandler xrdtpc libXrdHttpTPC.so http.exthandler xrdmacaroons libXrdMacaroons.so http.desthttps yes http.trace all -debug macaroons.secretkey /etc/xrootd/macaroon-secret #macaroons.onmissing allow macaroons.trace all ofs.authlib libXrdMacaroons.so http.listingdeny yes #http.staticpreload http://static/robots.txt /etc/xrootd/robots.txt #http.header2cgi Authorization authz fi I hope to be maped to group cms (g /cms or /cms/escms) but not as **logsices**: 210601 21:01:19 7828 anon.0:33@login1 sysXrdHttp: Setting host: [::ffff:10.10.150.1] http Protocol 'gsi' http Name 'locsices' http Host '[::ffff:10.10.150.1]' http Vorg 'cms cms' http Role 'NULL NULL' http Grps '/cms /cms/escms' http Caps '' http Pidn '' http Crlen 0 http ueid 0 http uid 0 http gid 0 210601 21:01:19 7828 sysXrdHttp: read 204 of 1048576 bytes 210601 21:01:19 7828 XrootdBridge: locsices.3:33@login1 login as locsices .... 210601 21:01:19 7828 acc_Audit: locsices.3:33@login1 deny gsi locsices@[::ffff:10.10.150.1] create /store/temp/stor.davix.011 .... Regards, I -- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1460#issuecomment-852371502 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1