Generic attributes support in VOMS
Generic attributes are name, value couples that can be assigned to VO
users and that end up in the attribute certificate issued by voms.
Voms-Admin (VA) provides the tools and interfaces to assign attributes to
users, groups and roles.
User attributes
VA CLI
VA Web UI
Group attributes
Role attributes
Planned developments
Lifetime management of generic attributes
Attributes get a lifetime at creation time (e.g., this attribute is valid for 10 days). If an attribute is not "refreshed" by an administrator before expiration, the attribute enters the "invalid" state. When this happens, an administrator is notified in order to:
- refresh the attribute in order to make it "valid" again, or
- remove the attribute.
The service can also be configured to automatically remove attributes that have been in the "invalid" state for a configurable amount of time and haven't been renewed/removed by an administrator.
--
AndreaCeccanti - 05 Oct 2006