Next: Authorization Filter
Up: Authorization Framework Overview
Previous: Authorization Framework Overview
The Authorization Manager is a coarse-grained authorization module.
It is an authorization engine able to determine whether a grid client is
associated with a given attribute (also known as 'role').
It verifies that the subject DN, extracted from the X.509 certificate
presented by a client, is associated with a given attribute.
Optionally it can perform a translation phase: after establishing that the
client indeed is authorized, it translates the associated attribute into a
local-ID value, understandable by a specific application.
2004-07-02