Thanks - updated documentation. Comma-separated values are required. Rachana
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tom Scavo > Sent: Friday, November 07, 2008 3:45 PM > To: GT User > Subject: Re: [gt-user] questions re security descriptors > > 11. Trusted Certificates > > The text says the values are comma-separated but the example shows > space-separated values. > > On Fri, Nov 7, 2008 at 4:35 PM, Tom Scavo <[EMAIL PROTECTED]> wrote: > > Some questions about the Java WS A&A Security Descriptor Framework > > documented here: > > > > > http://www.globus.org/toolkit/docs/4.2/4.2.1/security/wsaajava > /descriptor/ > > > > 4. Administrator Authorization Chain > > > > "The decision returned by this chain overrides subsequent > > authorization decisions. That is, if the administrator's > authorization > > chain returns a deny, the rest of the configured authorization (at > > container/service/resource) is not evaluated and the operation is > > denied. If the administrator's chain returns the permit, the rest of > > the configuration is evaluated to see if the operation is allowed." > > > > The above combining algorithm doesn't sound like any combining > > algorithm I know. If the Administrator Authorization Chain > "overrides > > subsequent authorization decisions," why doesn't permit override the > > rest of the configured authorization (at > container/service/resource)? > > > > Does the <adminAuthz> element take a combiningAlg attribute? > > > > 5. Authorization > > > > What are possible values of the combiningAlg attribute? > > > > Are other elements besides <param:nameValueParam> supported > out of the > > box? For example, are multi-valued parameters supported? > > > > Thanks, > > Tom > >
