Print

Print

 

Redirection is another case where using the session token is probably useful - the client doesn't have to keep track as to whether the authz CGI header should be sent or dropped.

Yes that is what I was implying (fallback would have that advantage).

I'm not quite following. There's a subject in the token

ZTN does not check for the user. It only checks issuer and audience. A ZTN token does not require authorization data, only enough to demonstrate it is from a trusted issuer. At least that is how I understood our original discussion.


Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
You are receiving this because you commented.Message ID: <xrootd/xrootd/issues/1584/1035138825@github.com>

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/1584#issuecomment-1035138825", "url": "https://github.com/xrootd/xrootd/issues/1584#issuecomment-1035138825", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1