We should add some detailed documentation about how iRODS works as a distributed system; specifically, how server-to-server redirects work for updating the catalog and moving data while connected to various servers of differing roles within or between iRODS zones.
I ran into some trouble with the pam_interactive plugin which could have been avoided (or at least easily solved) had I known that server-to-server connections are reused within any given agent. You can read about that story here: https://github.com/irods/irods_auth_plugin_pam_interactive/issues/47
It may be useful for others to know this information - and in more detail - as one develops iRODS features, debugs issues in a deployment, or plans out a system and writes policy. So, we should put it in the proper documentation so it's easier to learn about it.
We should add some detailed documentation about how iRODS works as a distributed system; specifically, how server-to-server redirects work for updating the catalog and moving data while connected to various servers of differing roles within or between iRODS zones.
I ran into some trouble with the
pam_interactiveplugin which could have been avoided (or at least easily solved) had I known that server-to-server connections are reused within any given agent. You can read about that story here: https://github.com/irods/irods_auth_plugin_pam_interactive/issues/47This comment gives some insight into how things are working under the hood: https://github.com/irods/irods/blob/bc2a9bf0d8d3587d1aad8bf6a9b3db650e0d6944/plugins/api/src/switch_user.cpp#L281-L284
It may be useful for others to know this information - and in more detail - as one develops iRODS features, debugs issues in a deployment, or plans out a system and writes policy. So, we should put it in the proper documentation so it's easier to learn about it.