 |
 |
:) @alrossi - Well I'm really happy I brought it up then! I think it comes down to whether-or-not the client should be changed to append the token to the CGI for all requests. This seems ... well, complex to be honest. The CGI should be inserted at all call points if and only if the user didn't override the authz setting and ZTN module was used for authentication - and the logic would need to be duplicated for token discovery (or a new API between the client and the ZTN module added). I can talk myself into saying @alrossi was right the first time and this should be used as a session token and allow the client to override it if desired. -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1584#issuecomment-1035122753 You are receiving this because you commented. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1