Added X.509 authentication and grid-mapfile caching. (!5) · Merge requests · IGWN Computing and Software / GWDataFind / GWDataFind Server

The source project of this merge request has been removed.

Duncan Meacher requested to merge (removed):x509_auth into master Jul 02, 2020

Added a modularised version of the X.509 proxy certificate authorisation shown in merge request 4 with a place holder for SciTokens, which will be added later. The authorisation includes logging of the users X.509 cert subject and issuer information.

I have also implemented caching of the grid-mapfile, which uses similar methods to how the disk ache data is managed.

This has been tested with multiple X.509 proxies (cluster issued proxies, impersonation proxies that are generated on my laptop and then used to 'gsissh' into a cluster, and then UWM issued proxies), which produced the expected results.

This code is now ready to be reviewed and tested on a larger scale. @warren-anderson, @scott-koranda, it would be great if you could review this as well please.

Admin message

Added X.509 authentication and grid-mapfile caching.

Merge request reports