Hi,

I am trying to use VOMS to authorize a service running in a GT4 container. For this I have installed VOMS on my Linux machine and it is running successfully. I have created a VO "test_vo_mysql" and added a user to that VO. I have assigned the "VO-Admin" Role to the user. Now I want to authorize a GT4 service based on the attributes using VOMS.

I created an attribute "ID" and assigned a value 100 for that user. I have followed the below-mentioned guide written by Denis to authorize the service and it is working fine.

http://www.nikhef.nl/~dennisvd/ws_voms_authz_howto.pdf

The above guide authorizes based on the ROLE. It specifies the ROLE in the below file:

/usr/local/globus-4.0.7/etc/org_vlescience_webservices_deployment/attr-authz

The content of attr-authz is:

/test_vo_mysql/Role=VO-Admin

and the output of

voms-proxy-init --vo test_vo_mysql:/test_vo_mysql/Role=VO-Admin

is:

. . .
timeleft : 0:00:00
=== VO test_vo_mysql extension information ===
VO : test_vo_mysql
subject : /O=Grid/OU=GlobusTest/OU= simpleCA-sukeshini.cdacb.ernet.in/OU=cdacb.ernet.in/CN=Arpit Jain
issuer : /O=Grid/OU=GlobusTest/OU= simpleCA-sukeshini.cdacb.ernet.in/CN=host/arpitjain.cdacb.ernet.in
attribute : /test_vo_mysql
attribute : /test_vo_mysql/Role=VO-Admin
*attribute : ID = 100 (test_vo_mysql)*
timeleft : 0:00:00

My question is whether I can authorize a service based on this attribute "ID" and how?

Thanks
Arpit
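
An added example, not part of the message above and not GT4 or VOMS code: it separates the two kinds of `attribute` lines in a listing like the one quoted (FQANs such as `/test_vo_mysql/Role=VO-Admin` versus generic attributes such as `ID = 100`) and evaluates a rule against either, denying when `timeleft` has run out. The listings are constructed, the `name=value@vo` rule syntax is hypothetical, and a real authorization point must validate the signed VOMS attribute certificate rather than trust printed text.

```python
import re

# Constructed listings in the layout quoted in the post; only timeleft differs.
LIVE = """\
=== VO test_vo_mysql extension information ===
VO        : test_vo_mysql
attribute : /test_vo_mysql
attribute : /test_vo_mysql/Role=VO-Admin
attribute : ID = 100 (test_vo_mysql)
timeleft  : 11:59:30
"""
EXPIRED = LIVE.replace("11:59:30", "0:00:00")

# Generic attribute line: "<name> = <value> (<qualifier VO>)"
GENERIC = re.compile(r"^(\S+)\s*=\s*(.*?)\s*\((\S+)\)$")

def parse_listing(listing):
    """Return (FQANs, {(name, vo): value} generic attributes, seconds left)."""
    fqans, generic, left = [], {}, []
    for line in listing.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if not sep:
            continue  # banner lines such as "=== VO ... ===" carry no field
        if key == "timeleft":
            h, m, s = (int(x) for x in value.split(":"))
            left.append(h * 3600 + m * 60 + s)
        elif key == "attribute" and value.startswith("/"):
            fqans.append(value)
        elif key == "attribute":
            match = GENERIC.match(value)
            if match:
                generic[(match.group(1), match.group(3))] = match.group(2)
    # Shortest remaining lifetime wins; no timeleft line at all counts as expired.
    return fqans, generic, min(left, default=0)

def permits(rule, listing):
    """rule is an FQAN as in attr-authz, or the hypothetical 'name=value@vo'."""
    fqans, generic, seconds = parse_listing(listing)
    if seconds <= 0:  # expired or missing lifetime: deny whatever the attributes say
        return False
    if rule.startswith("/"):
        return rule in fqans  # exact match only, never prefix or substring
    name_value, _, vo = rule.partition("@")
    name, _, value = name_value.partition("=")
    # The qualifier VO is part of the key, so ID=100 from another VO does not match.
    return generic.get((name, vo)) == value
```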
