Hi Olivier,
> - Do you know how the gatekeeper decides whether to use
> /etc/grid-security/grid-mapfile or /opt/edg/etc/lcmaps/gridmapfile ?
>
it uses the information in the VOMS proxy. if you for example create a
proxy with
voms-proxy-init -voms gridpp
and then you examine the proxy with voms-proxy-info -all you'll get at
the end the VOMS attribute extensions the user - me in this case - wanted.
=== VO gridpp extension information ===
VO : gridpp
subject : /C=UK/O=eScience/OU=Manchester/L=HEP/CN=alessandra forti
issuer :
[log in to unmask]
attribute : /gridpp/Role=NULL/Capability=NULL
timeleft : 12:00:00
If the CE can't match the attribute extensions it falls back on the
gridmapfile if it can't find anything there it obviously refuses access.
cheers
alessandra
--
*******************************************
* Dr Alessandra Forti *
* University of Manchester *
* Technical Coordinator - NorthGrid Tier2 *
* http://www.hep.man.ac.uk/u/aforti *
*******************************************
|