Commit c918cc9a authored by Michael Davis's avatar Michael Davis
Browse files

[frontend] Allow cta-admin to authenticate using SSS

parent e9246dcf
......@@ -72,9 +72,9 @@ void RequestMessage::process(const cta::xrd::Request &request, cta::xrd::Respons
case Request::kAdmincmd: {
// Validate that the Kerberos user is an authorized CTA Admin user
if(m_protocol != Protocol::KRB5) {
throw cta::exception::UserError("[ERROR] Admin commands must be authenticated using the Kerberos 5 protocol.");
// Check that the user is authorized
if(!(m_protocol == Protocol::KRB5 || m_protocol == Protocol::SSS)) {
throw cta::exception::UserError("[ERROR] Admin commands must be authenticated using Kerberos 5 or SSS");
}
m_scheduler.authorizeAdmin(m_cliIdentity, m_lc);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment