[gridengine users] Kerberos authentication with GE

Andreas Haupt andreas.haupt at desy.de
Mon Feb 21 14:15:27 UTC 2011

Hi Reuti,

On Mon, 2011-02-21 at 11:06 +0100, Reuti wrote:
> Am 21.02.2011 um 10:18 schrieb Andreas Haupt: 
> > On Sun, 2011-02-20 at 13:17 +0000, Dave Love wrote:
> >> Chris Jewell <chris.jewell at warwick.ac.uk> writes:
> >>> I was wondering if anybody had any info on using Grid Engine with
> >>> Kerberos authentication?
> > 
> > Well, GE actually does not support Kerberos authentication. It provides
> > methods to fetch a ticket on job submission (get_token_cmd when running
> > with AFS support) as well as providing tickets during job execution
> > (set_token_cmd). Nevertheless, there is no authentication process during
> > job submission.
> I wonder about the statements in the man page of SGE:
>    set_token_cmd
>        Note: Deprecated, may be removed in future release.
>        This parameter is only present if your Grid Engine system is licensed to support AFS.
> - Is it available in the open source edition and the man page is outdated?

Yes, it is in the open source version. We're using it since years.

> - What are the plans to remove it? I don't use it, but I before someone tries to get it working, it would be good to know.

We were worried about it as well. That's why I asked Andreas
Schwierskott about it at the last SGE workshop in Regensburg (2009 ...)
and he did not know why this got mentioned in the man page.

As Grid Engine is a real community open source project now, I don't
think the support for this will drop anytime soon - at least that's my
impression ... The man pages should be updated, though.

| Andreas Haupt             | E-Mail: andreas.haupt at desy.de
|  DESY Zeuthen             | WWW:    http://www-zeuthen.desy.de/~ahaupt
|  Platanenallee 6          | Phone:  +49/33762/7-7359
|  D-15738 Zeuthen          | Fax:    +49/33762/7-7216

More information about the users mailing list