search

opensciencegrid / xrootd-lcmaps

Integration between Xrootd and LCMAPS.
Apache License 2.0
4 stars 11 forks source link

Copy the authz key into the monitoring info. #22

Closed bbockelm closed 5 years ago

bbockelm commented 5 years ago

Some GSI modes map the DN hash to the XrdSecEntity.name structure, meaning that our monitoring no longer receives the actual DN - a significant decrease in capabilities.

This causes the LCMAPS plugin to always copy the authz key (a concatenation of the DN and VOMs attributes) into the moninfo; the monitoring system can fallback to utilizing this info when the DN hash is reported as the name.

With this, the decoded monitoring packet from the server has the following information (for both xrootd and HTTP protocols):

dn='6fb7593d.0',
info='/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=bbockelm/CN=659869/CN=Brian Paul Bockelman::dteam:/dteam,::'

Without this, the monitoring packet has (for the xrootd protocol):

dn='6fb7593d.0',
info='6fb7593d.0'

For the HTTP protocol, the info attribute was always left blank.

bbockelm commented 5 years ago

Works well on the test server and RPM builds out OK.