Fermilab Computing Division

CS Document 2260-v1

Site Authorization Service at Fermilab

Document #:
CS-doc-2260-v1
Document type:
Presentation
Submitted by:
Selitha Raja
Updated by:
Selitha Raja
Document Created:
27 Jun 2007, 13:02
Contents Revised:
27 Jun 2007, 13:02
Metadata Revised:
27 Jun 2007, 13:02
Viewable by:
  • Public document
Modifiable by:

Quick Links:
Latest Version

Abstract:
A major policy requirement at Fermilab is that users of our computing resources must be registered and current. Rather than implement this through maintenance of separate gridmapfiles for each Grid Resource, FNAL has implemented a Site Authorization Service (SAZ). This structure parallels our current site authentication structure where sitewide access decisions are controlled centrally (by issuing KRB5 TGT's) and resource access decisions are controlled locally (though /etc/passwd entries). This service is similar in concept to the LCAS projects within EDG. Recent discussions between Globus, EDG, FNAL, and GGF Authentication WG (proposed) chair has lead to a proposal for a standard site authorization callout. Current status and compatability information will be presented.
Files in Document:
Associated with Events:
CHEP2003 held on 24 Mar 2003 in La Jolla, California
DocDB Home ]  [ Search ] [ Authors ] [ Events ] [ Topics ]

DocDB Version 8.8.9, contact Document Database Administrators