next up previous
Next: Authorization Filter Up: Authorization Framework Overview Previous: Authorization Framework Overview

Authorization Manager

The Authorization Manager is a coarse-grained authorization module. It is an authorization engine able to determine whether a grid client is associated with a given attribute (also known as 'role').
It verifies that the subject DN, extracted from the X.509 certificate presented by a client, is associated with a given attribute. Optionally it can perform a translation phase: after establishing that the client indeed is authorized, it translates the associated attribute into a local-ID value, understandable by a specific application.



2004-07-02