Re: [gt-user] GT Dynamic Accounts / mapping attributes to pool accounts

Wed, 09 Jul 2008 08:17:40 -0700

This is what GUMS does. There is no need for common accounts unless they are useful to you for some other reason. We use GUMS mapping to individualized accounts, as well as allowing overrides based on VOMS AC attributes (and, as you say, hope to fold SAML-based ones ino the mix in the future).
The Teragrid folks I have talked to all seem impressed with the capabilities of GUMS, so even if they have a portal-based alternative, GUMS is still a good thing to look over: 

https://www.racf.bnl.gov/Facility/GUMS/1.2/index.html

Alan

On Jul 9, 2008, at 9:12 AM, Benjamin Henne wrote:


Hi globus users,


in conjunction with attribute-based authorization we think about an  
1:n mapping of attributes (primary VOMS attributes, maybe SAML in  
future) to local user accounts. The current VOMS and GridShib authz  
can only do a 1:1 mapping of an attribute to a local account. We  
want to have the possibility to map a group of users with the same  
attributes to different local (pool) accounts instead of sharing one  
account with multiple users.



I know about the Dynamic Accounts incubator project which currently  
would be the only way to realize what we want to do. Some days ago I  
asked about the current state of the DA Service on the da-user list.  
Dynamic Accounts currently is Hibernated, the current technical  
preview 6 is considered as being stable and there is no active  
development on its codebase. Additionally there is no plan to port  
Dynamic Accounts to GT4.2.



Mike D'Arcy wrote at da-user that a portal project of TeraGrid uses  
Dynamic Accounts. Are there any other projects using it? Are there  
any other projects that would be interested in "waking" this  
Hibernated incubator project (and porting it to GT4.2)?


Regards,
Benjamin


--
M.Sc. Benjamin Henne, Research Associate
Regionales Rechenzentrum fuer Niedersachsen (RRZN)
Gottfried Wilhelm Leibniz Universitaet Hannover
Contact: http://www.rrzn.uni-hannover.de/henne.html


Alan Sill, Ph.D
TIGRE Senior Scientist, High Performance Computing Center
Adjunct Professor of Physics
TTU

====================================================================
:  Alan Sill, Texas Tech University  Office: Admin 233, MS 4-1167  :
:  e-mail: [EMAIL PROTECTED]   ph. 806-742-4350  fax 806-742-4358  :
====================================================================
























					Reply via email to