Skip to content
Snippets Groups Projects
  1. Feb 22, 2022
  2. Oct 25, 2021
  3. Oct 23, 2021
  4. Oct 22, 2021
    • root's avatar
      7fa6a5f2
    • Reiner Hauser's avatar
      First GSSAPI server and client version. · c90b0026
      Reiner Hauser authored
      The 'gssapi' mechanism to acquire a daq token uses an existing
      kerberos ticket to authenticate to a server process, and gets
      a JWT token in return. The 'sub' attribute is the kerberos
      principal name without the realm.
      
      token_meister_gssapi is a supposed to run as a systemd
      service. It expects a keytab entry of the form
      
            atdaqjwt@host.cern.ch
      
      where 'host' is the machines official host name. The
      default port number is 8990 (can be changed in the
      systemd socket file).
      
      On the client side one can override the hardcoded host name
      and port number via two environment variables:
      
          TDAQ_TOKEN_GSSAPI_HOST
          TDAQ_TOKEN_GSSAPI_PORT
      c90b0026
  5. May 02, 2021
  6. Apr 29, 2021
  7. Apr 27, 2021
  8. Apr 11, 2021
  9. Apr 09, 2021
  10. Mar 21, 2021
  11. Mar 09, 2021
  12. Mar 07, 2021
  13. Mar 06, 2021
  14. Mar 05, 2021
  15. Mar 04, 2021
  16. Mar 03, 2021
Loading