Experimental Physics and Industrial Control System
|
Subject: |
Gateways and IOC UAG security: does username to relayed with request? |
From: |
Carl Schumann <[email protected]> |
To: |
[email protected] |
Date: |
Wed, 24 Mar 2010 11:38:01 -0500 |
Hi,
We have an IOC that only permits writes from a subset of users. The IOC
implements this security using UAG security and it works as expected for
applications running on the IOC's subnet. Applications that are not
on that IOC's subnet must access it through a gateway. These off the
subnet applications can not make any settings even for users that are in
the permitted subset. This has also been verified using cainfo.
Does the username of the user running the application make it through
the gateway to the IOC? Our guess is no, because the gateway
permissions are wide-open and writes to other IOC's without UAG security
work fine. How should this kind of issue be handled? I know there
is a -uid command line option but single uid will be correct for all users.
Thanks,
Carl Schumann
- Replies:
- Re: Gateways and IOC UAG security: does username to relayed with request? Martin L. Smith
- Navigate by Date:
- Prev:
Re: edm : TwoDProfileMonitorClass : cropping/resizing image Kate Feng
- Next:
Re: Gateways and IOC UAG security: does username to relayed with request? Martin L. Smith
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
<2010>
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
EPICS Base bugs moved to Launchpad Andrew Johnson
- Next:
Re: Gateways and IOC UAG security: does username to relayed with request? Martin L. Smith
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
<2010>
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
|
ANJ, 02 Sep 2010 |
·
Home
·
News
·
About
·
Base
·
Modules
·
Extensions
·
Distributions
·
Download
·
·
Search
·
EPICS V4
·
IRMIS
·
Talk
·
Bugs
·
Documents
·
Links
·
Licensing
·
|