On Sep 5, 2007, at 3:45 PM, Richard Wellner, Jr. wrote:
If we're talking about infrastructure options, gaards is another
interesting
option. We used it at Harvard to help implement their Crimson Grid
and it's
core to caBig as well.
http://dev.globus.org/wiki/Incubator/GAARDS
Gridshib (http://gridshib.globus.org/) would also be worth a look.
It does SAML attribute callouts.
But those are both grid-mapfile replacements, rather than grid-
mapfile management. There are also some tools to allow you to use a
dynamic pool of accounts, rather than requiring pre-existing
accounts. There's some documentation on that at http://
dev.globus.org/wiki/Incubator/Dynamic_Accounts/Documentation
It can re-use the anonymous pool of accounts used by gLite. Patches
for that are available from the VDT repository at http://
vdt.cs.wisc.edu/patches/1.7.1/. It's the 11__gss_assist_gridmap patch.
In short, there's a lot of work being done on authz beyond what a
grid-mapfile gets you.
Charles
