Hi all,
I hate to bother you with this, but I need to test dCache/xrootd
TPC interaction and I can't seem to get the xrootd server set up
correctly to accept the token that is issued to me by cilogon.
I have attached a description of the problem.
Also, I tried to revert to using demo tokens from the
demo.scitokens.org generator. xrootd rejects it:
220325 11:11:24 3012 scitokens_Validate: Failed to deserialize SciToken: token verification failed: Unknown profile version in token: scitoken:2.0
The demo token looks like this:
{
"ver": "scitoken:2.0",
"iss": "https://demo.scitokens.org",
"sub": "arossi",
"scope": "storage.create:/data/xrootdfs compute.create
compute.read compute.cancel compute.modify
storage.read:/data/xrootdfs",
"exp": 1648226355,
"iat": 1648225755,
"nbf": 1648225755,
"jti": "dc985830-fd90-49ae-a8fb-d08da5ec4c26"
}
I cannot eliminate the "ver" attribute (the generator keeps
including it). What does xrootd need to see as "ver" ?
(This problem is less important that trying to understand why
the cilogon token doesn't get me the needed permissions the way
I configured the server.)
Thank you for your help, and apologies for the bother.
Al
________________________________________________
Albert L. Rossi
Senior Software Developer
Scientific Computing Division, Scientific Data Services, Distributed Data Development
FCC 229A
Mail Station 369 (FCC 2W)
Fermi National Accelerator Laboratory
Batavia, IL 60510
(630) 840-3023
Albert L. Rossi
Senior Software Developer
Scientific Computing Division, Scientific Data Services, Distributed Data Development
FCC 229A
Mail Station 369 (FCC 2W)
Fermi National Accelerator Laboratory
Batavia, IL 60510
(630) 840-3023
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-L list, click the
following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1