Hi Dimitris,
On Wed, 10 Sep 2008, Dimitris Zilaskos wrote:
> In your top group ACL, do you have
>
> Any Authenticated User
> Dummy Certificate Authority
> listed?
Yes, right now with read permission for all categories. Previosly with
read for 'Container' & 'Membership'. No difference, clients seem to have
insufficient rights to list members...
>
> Hernath Szabolcs wrote:
>> Dear List,
>>
>> we have upgraded a VOMS server from gLite 3.0 -> 3.1, using the 'upgrade'
>> procedure of the gLite VOMS Server Installation & Configuration Guide
>> (section 3). Voms runs fine and signs proxies all right, but voms-admin
>> has issues.
>>
>> Although the default ACL has been set as per the guide ("Container rights:
>> Read permission" and "Membership rights: Read permission" for the top
>> group, see section 3.7), stil only VO Admins can get a memberlist, and as
>> a consequence, relevant grid-mapfile sections cannot be generated.
>>
>> gLite security trustmanager acknowledges the authenticated entities, but
>> clients get an internal server error:
>>
>> org.glite.security.voms.admin.common.VOMSAuthorizationException:
>> Insufficient privileges to perform "ListMemberNamesOperation"
>>
>> Even extending the ACL with read permission to all rights did not help.
>> Any help is appreciated. Thankyou,
>> Regards
>>
>> Szabolcs Hernath
>>
>
>
> --
> =============================================================================
> Dimitris Zilaskos
> GridAUTH Operations Centre @ Aristotle University of Thessaloniki , Greece
> Tel: +302310998988 Fax: +302310994309
> http://www.grid.auth.gr
> =============================================================================
>
>
|