[Swift-devel] Re: latest Falkon code is in SVN!
Ben Clifford
benc at hawaga.org.uk
Wed Sep 5 12:51:35 CDT 2007
On Fri, 31 Aug 2007, Ioan Raicu wrote:
> Right, bu default, all the scripts are without security. To enable security,
> one would have to modify 3 scripts (the service script -- remove -nosec
> option, the worker script -- replace http with https, and the client script --
> replace http with https), and update the etc/client-security-config.xml on the
> worker and client accordingly with the relevant security parameters. It is
> pretty straight forward, but I haven't got the chance to document it yet.
I made this change:
--- worker/etc/client-security-config.xml (revision 1191)
+++ worker/etc/client-security-config.xml (working copy)
@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- worker side -->
<securityConfig xmlns="http://www.globus.org">
-<!-- <authz value="self"/> -->
- <authz value="none"/>
+ <authz value="self"/>
+<!-- <authz value="none"/> -->
<!--<GSITransport>
<integrity/>
<privacy/>
but I get subject name errors when I run the worker, thusly:
Caused by: org.globus.common.ChainedIOException: Authentication failed
[Caused by: Operation unauthorized (Mechanism level: Authorization failed.
Expected "/CN=host/localhost" target but received
"/DC=org/DC=doegrids/OU=People/CN=Benjamin Clifford 418168")]
I'm expecting everything to be using my subject name and there to be no
host subject names anywhere.
I can give more details about the other changes I've made if it would be
useful.
--
More information about the Swift-devel
mailing list