Main Page | Modules | Data Structures | File List | Data Fields | Globals | Related Pages

voms plugin


lcas_voms.mod -vomsdir <vomsdir> -certdir <certdir> -authfile <authorization file> [-authformat <format of the authorization file>]


This plugin forms the link between the VOMS data found in the user grid credential (X509 certificate) and the lcas system. It will retrieve the VOMS data by using the VOMS API. The VOMS data will be checked against either a (simple) gridmap style file, a GACL-file or an XACML-file in order for the user job to be authorized on the site.


-VOMSDIR <vomsdir>

See -vomsdir

-vomsdir <vomsdir>

This is the directory which contains the certificates of the VOMS servers

-CERTDIR <certdir>

See -certdir

-certdir <certdir>

This is the directory which contains the CA certificates

-authfile <authorization file>

In this file the authorization/access control based on VOMS information is specified. The format of this file is 'simple' (gridmap style), 'gacl' or 'xacml', which can be specified explicitly with the option -authformat or will be derived form the suffix of the authorization file (.gacl and .xacml for 'gacl' and 'xacml' formats, otherwise 'simple').

-authformat <format of the authorization file>

Format of the autorization file, values: gacl/GACL, xacml/XACML or simple.

-gacl_use_voms_dn [yes|no|always]

GACL specific. This option specifies if the voms DN, found in the user certificate, should be included in the user gacl credential. Default is 'yes'. The following arguments are recognized:


If this option is set also user proxies without voms information will be processed. If the user dn of the proxy is present in the gacl or gridmapfile, the user is authorized by this plugin.



See bugzilla for known errors (


lcas_userallow.mod, lcas_userban.mod, lcas_timeslots.mod,
Generated on Fri May 27 18:10:49 2005 for lcas by doxygen 1.3.5