 |
 |
Yes, I used the last posting of the config file for my suggestions. BTW you can drop the '1' in ofs.authorize as the mere specification of the directive enables authlib. I am not familiar with the http 2rd party copy implementation when it comes to macaroons vs SciTokens. Presumably, they are interchangeable but it's not clear from the code whether or not they actually are. Other than using the '++' notation there are no differences. Unfortunately, when the macaroons plugin was written it didn't follow normal guidelines and used some internal interfaces which make it hardwired to a particular authorization scheme. Switching to '++' avoids that problem but the old code is still there so it should work without the '++', though I recommend moving to it for R5. How lcmaps interacts with the whole thing is also a mystery since it would be used on the xroot side but not necessarily the http side. Best to get advice from the relevant OSG people. Now, according to your trace, the proper group and vorg mapping is taking place so it should have worked other than the interposition of macaroons which may be mapping in a completely different way. Unfortunately, due to how the plugin was written there is no way to display the final result except via gdb. -- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1460#issuecomment-852533410 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1