Software Links
Getting Started
- A Globus Primer
- Globus Is Modular!
- Installing GT
- Quickstart
- Platform Notes
- GT Developer's Guide
- GT User's Guide
- Migrating Guides
Reference
- Best Practices
- Coding Guidelines
- API docs
- GT Commands
- Public Interfaces
- Resource Properties
- Samples
- Glossary
Manuals
Common Runtime
Security
Data Mgt
WS MDS
Execution Mgt
Table of Contents
During host authorization, the toolkit treats host names of the form "hostname-
ANYTHING.edu" as equivalent to "hostname.edu". This means that if a service was setup to do host authorization and hence accept the certificate "hostname.edu", it would also accept certificates with DNs "hostname-ANYTHING.edu".The feature is in place to allow a multi-homed host folowing a "hostname-interface" naming convention, to have a single host certificate. For example, host "grid.test.edu" would also accept likes of "grid-1.test.edu" or "grid-foo.test.edu".
![[Note]](/docbook-images/note.gif)
Note The string
ANYTHINGmatches only the name of the host and not domain components. This means that "hostname.edu" will not match "hostname-foo.sub.edu", but will match "host-foo.edu".Note If a host was set up to accept "hostname-1.edu", it will not accept any of "hostname-
ANYTHING.edu" but will accept "hostname.edu". That is, only one of the names being compared may contain the hyphen character in the host name.A bug has been opened to see if this feature needs to be modfiied.
In GT 4.2.1, it is possible to disable this behavior, by setting the enviornment variable
GLOBUS_GSSAPI_NAME_COMPATIBILITYtoSTRICT_RFC2818.