When the mapping is successful but the scope authz failed the chained authz plugin is called without the mapping info. I am referring to the following line:
https://github.com/xrootd/xrootd/blob/master/src/XrdSciTokens/XrdSciTokensAccess.cc#L408
How is the chained authz plugin expected to extract the mapping information from a token that it might not be able to decode? It would help if the new username
that is now populating the Entity->eaAPI[request.name]
should also be set for the new_secentity
that is passed to the OnMissing
call.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1