Sorry, Rachana, I wasn't very clear. I mean that any PIP/PDP initialization caused by the authz chain configured in the global security descriptor occurs *after* the PIP/PDP initialization caused by the authz chain configured in the service security descriptor. Does that make sense?
Thanks, Tom On 9/5/07, Rachana Ananthakrishnan <[EMAIL PROTECTED]> wrote: > What do you mean by "load" ? When it is read in and parsed ? The container > security descriptor should be processed upon container start up in the case > of secure container. The service descriptor is loaded when the service is > first initialized. That happens when the service is first accessed unless > the property to activate on start up is set to true. > > If your question is which property is used, the service level authz (or any > property) will override the container level property. > > Rachana > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Tom Scavo > > Sent: Wednesday, September 05, 2007 9:22 AM > > To: [email protected] > > Subject: [gt-user] load order of security descriptors > > > > Hi, > > > > I'm running Java WS Core 4.0.5 on Windows. I've configured a > > security descriptor with an authz chain at the container level > > (globus-wsrf-core) but the container-level descriptor loads > > *after* a custom service-level descriptor > > (gridshib-gt-echo-0_6_0). Is this expected? Should the > > container-level descriptor (if present) load > > *before* any service-level descriptors? > > > > Thanks, > > Tom > > > > > >
