Table of Contents
dCache has an open interface to work with different authorization
services. With dCache you get two implementations of this interface:
gPlazma1
and gPlazma2
. Both are described in this chapter.
gPlazma
is an acronym for Grid-aware PLuggable AuthorZation
Management. Both implementations come with various plug-ins that implement
different authorization methods (e.g., Username/Password). gPlazma1
is grown over the last few years and provides with some older authorization
methods gPlazma2
does not. On the other hand: gPlazma2
has a
more modular structure, offers the possibility to add custom plug-ins and
is able to make use of some authorization techniques you cannot use with
gPlazma1
(i.e., centralised banning of users). Also gPlazma2
has an new PAM like configuration system that makes configuration very
easy.
Read the following sections and see which version matches your needs best.
If both do, we recommend to use gPlazma2
. For legacy reasons version
1
is used as default. To set the version set
gplazma.version
property in
/etc/dcache/dcache.conf
to
1
or 2
.
Example:
gplazma.version = 2
The recommended way to specify the version is to set it in dcache.conf
,
but if you prefer you might as well do it in the layout file.
Example:
[gPlazmaDomain] [gPlazmaDomain/gplazma] gplazma.version = 2
Note
If you don’t explicitly set the version to 2
then gPlazma1
will be used.