Dear Globus Users, I just installed a brandnew Globus Toolkit 4.2.1 and I wonder, if I can use some PEPs and PIPs to decide the following:
Working with Grid user certificates and a server certificate I want to map all user certificates to a certain Unix user (from the grid-mapfile), that are either signed by the above mentioned server certificate, or maybe have instead some additional SAML attributes in the user certificate. We are using a CreateReadUpdateDelete service in the TextGrid project to write to the Grid, and want to allow this service to write to the Grid only if users address that service, that are owning a Grid certificate (because our resource providers want to know exactly, who accesses the Grid). So we want to write as the service Grid user (to access the services' directory), if the user's certificate is signed by the services' certificate and to write as the user (to access the user's home directory), if not. Has someone experience with those issues or does someone know, how to configure the PEPs and PIPs? I couldn't find much information concerning those issues. Thank you for any help. All the best. Stefan. -- ----------------------------------------------------------------------- Stefan E. Funk DAASI International GmbH Phone DAASI : +49 7071 407109-6 Europaplatz 3 Phone SUB : +49 551 39-7700/12170 D-72072 Tübingen Email : [email protected] Germany Web : http://www.daasi.de Directory Applications for Advanced Security and Information Management -----------------------------------------------------------------------
