Next: VOMS configuration
Up: Authorization Manager configuration file
Previous: Authorization Manager configuration file
The first template, gridmpapConfig.xml.template, configures the
Authorization Manager to use the gridmap file as the default
information-source for the authorization of client requests.
It contains two policies:
- gridmapPolicy: it is the default policy used to authorize incoming
requests. The client DN is searched among the entries of
the gridmap file. If there is a positive match the client is
authorized and is given a role corresponding to the local account
associated to the DN in the gridmap file.
The pathname of the gridmap file is specified in the <filename>
parameter: substitute
@GRIDMAP.FILE.LOCATION@ with the name of this file.
The frequency (in seconds) of reload of the gridmap file is specified in the
<refreshperiod> parameter; default value is `-1'.
- adminPolicy: it is the policy used to authorize requests
addressed to the Administration GUI. A static table is used to store
the DNs of the administrators.
Substitute the parameter @ADMINISTRATOR.DN@ with the DN of the administrator.
Replicate the entry
<param key="@ADMINISTRATOR.DN@" value="Administrator" /> with the
DN of each subject who is administrator of the Authorization Manager.
Next: VOMS configuration
Up: Authorization Manager configuration file
Previous: Authorization Manager configuration file
2004-05-05