<?xml version="1.0" encoding="UTF-8"?> <authorizationManager recheck="300"> <policy name="Policy_1" default="true"> <repository name="OR_repository" type="or"> <repository name="Repository_1" type="map"> <map name="Regex_map" type="regex" modify="false"> <map name="Table_map" type="table" modify="false"> <param key="/O=EDG/OU=cern.ch/CN=.*" value="NormalAccess" /> <param key="/O=EDG/OU=.*" value="RestrictedAccess" /> <param key="/O=.*" value="NoAccess" /> </map> </map> </repository> <repository name="Repository_2" type="map"> <map name="Gridmapfile_map" type="file" modify="true"> <filename>/etc/grid-security/gridmap</filename> <filetype>gridmap</filetype> <refreshperiod>-1</refreshperiod> </map> </repository> </repository> <translation> <map name="Translation_map" type="db" modify="false"> <dbName dbname="GRIDSecurity" /> <Table table="transl" /> <Driver driver="org.gjt.mm.mysql.Driver" /> <Url url="jdbc:mysql://localhost:3306/GRIDSecurity" /> <userName username="grid_user" /> <passWord passwd="grid_password" /> <refreshInterval interval="300" /> </map> </translation> </policy> </authorizationManager>
This configuration file defines:
One Authorization Manager with a periodic reload of its configuration
every 300 seconds.
The Authorization Manager contains one Policy named `Policy_1', which is
the default Policy.
Policy_1 contains one AttributeRepository named `OR_repository' of type `or'
and one Translation section.
OR_repository contains one AttributeRepository named `Repository_1'
of type `map' and one AttributeRepository named `Repository_2' of type
`map'.
Repository_1 contains one AttributeMap named `Regex_map' of type `regex'
and not modifiable.
Regex_map contains one AttributeMap named `Table_map' of type `table',
not modifiable, that contains three associations.
Repository_2 contains one AttributeMap named `Gridmapfile_map' of type
`file', modifiable, based on a gridmap file located at
`/etc/grid-security/gridmap' and reloaded every time the content of the
file is modified.
The Translation section contains one AttributeMap named `Translation_map'
of type `db', not modifiable, based on the `transl' table of database
`GRIDSecurity', accessible at the url
`jdbc:mysql://localhost:3306/GRIDSecurity' with a
`org.gjt.mm.mysql.Driver' JDBC driver, authenticating with username
`grid_user' and password `grid_password', reloaded every 300 seconds.