Print

Print

It's possible but we would need to add that feature and it's not even clear where to put it in as the DN is not readily available outside of the particular security stack being used

Why not have a trace level that dumps the contents of the XrdSecEntity at the beginning of the security session? Looking quickly at the GSI plugin, it seems that you can ask it to drop the DN into the moninfo field.

This would also cover the other security plugins as well.

default EU GDPR does not allow displaying such information without additional privacy protections that we aren't able to implement

I'm not entirely sure this is entirely true - GDPR is more of a framework on what you need to do manage PII rather than a set of yes/no. However, I can see several reasons why this would be off by default in many setups (some sites will simply object to the volume of data!).

 Note this may help with various site traceability requirements as well.


Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <xrootd/xrootd/issues/1738/1188490709@github.com>

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/1738#issuecomment-1188490709", "url": "https://github.com/xrootd/xrootd/issues/1738#issuecomment-1188490709", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1