Content-type: text/html
Man page of libXrdSecgsiVOMS
libXrdSecgsiVOMS
Section: User Commands (1)
Updated: 25 March 2013
Index
Return to Main Contents
NAME
libXrdSecgsiVOMS - XRootD plug-in to extract VOMS attributes
SYNOPSIS
sec.protparm gsi -vomsfun:libXrdSecgsiVOMS.so
sec.protparm gsi -vomsfunparms:options
DESCRIPTION
The libXrdSecgsiVOMS plug-in provides an implementation of the
int XrdSecgsiVOMSFun(XrdSecEntity &ent)
int XrdSecgsiVOMSInit(const char *cfg)
functions making use of the official VOMS API libraries to validate and extract the VOMS attributes from a VOMS proxy.
OPTIONS
The following options are available:
certfmt={raw,pem,x509}
-
Certificate format: 'raw' to be used with XrdCrypto tools; 'pem' PEM base64 format (as in cert files);
grpopt=opt
-
What to do with the group names; defined as opt = sel * 10 + which, with 'sel' either 0 (consider all those present)
or 1 (select among those specified by the 'grps' option; see below), and 'which' either 0 (take the first one),
1 (take the last) or 2 (take all, comma separeted).
grps=grp1[,grp2,...]
-
Group(s) for which the information is extracted; if specified the grpopt 'sel' is set to 1 regardless of the setting; see NOTES below.
vos=vo1[,vo2,...]
-
VOs to be considered; the first match is taken; see NOTES below.
dbg
-
Force verbose mode.
Multiple options can be specified separated by '|'.
NOTES
Specifying 'grps' or 'vos' options forces a failure if the requested group and/or VO is not found. In this regard, this plug-in may
act as a sort of authorization filter. Note that most refined authorization based on VOMS information may be achieved using
the libXrdSecgsiAuthzVO plug-in distributed with XRootD.
EXAMPLES
The following example shows how configure the plugin to select VO=cms, select the first group, use the PEM format for the proxy
and switch on debugging; it shows also how to specify multiple options, either on the same line or on multiple lines.
-
sec.protparm gsi -vomsfun:libXrdSecgsiVOMS.so
sec.protparm gsi -vomsfunparms:grpopt=0|vos=cms|certfmt=pem
sec.protparm gsi -vomsfunparms:dbg
FILES
The plug-in files are
libXrdSecgsiVOMS.so
libXrdSecgsiVOMS.so.1
libXrdSecgsiVOMS.so.1.0.0
and are typically available under /usr/lib or /usr/lib64.
ENVIRONMENT
The environment X509_VOMS_DIR must be set to a valid directory; this is typically /etc/grid-security/vomsdir.
DIAGNOSTICS
The libXrdSecgsiVOMS plug-in requires libvomsapi.so and the openssl libraries. In case of load failuer it may be
useful to check with ldd if all the required dependencies are correctly resolved.
LICENSE
LGPL; see http://www.gnu.org/licenses/.
AUTHOR AND SUPPORT
The libXrdSecgsiVOMS plug-in has been implemented by Gerardo Ganis (Gerardo.Ganis@cern.ch).
Any request for support should addressed via the project main web site
https://github.com/gganis/vomsxrd
or via the XRootD support site
https://github.com/xrootd/xrootd
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- OPTIONS
-
- NOTES
-
- EXAMPLES
-
- FILES
-
- ENVIRONMENT
-
- DIAGNOSTICS
-
- LICENSE
-
- AUTHOR AND SUPPORT
-
This document was created by
man2html,
using the manual pages.
Time: 14:22:47 GMT, April 05, 2013