There is no way to forward user x509 proxies via the Xcache. However, you can still provide access control. Simply setup authorization within Xcache like you would do in a standard data server. This works because Xcache does authenticate clients based on the x509 cert, if so enabled. The client's identity can then be used for authorization purposes. That way, unauthorized users will not be able to access prohibited data even though Xcache itself can.

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/1693#issuecomment-1112767042", "url": "https://github.com/xrootd/xrootd/issues/1693#issuecomment-1112767042", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1