Dear all, I am uncertain how to properly configure slurmrestd to just validate JWTs and do not use other mechanisms.
My setup and observations: * I use slurm 20.02: https://download.schedmd.com/slurm/slurm-20.02.0.tar.bz2 * I start it with systemd under root-user as follows: slurmrestd -f /etc/slurm/slurm.conf -u slurmrestd -g users 0.0.0.0:8080 -vvvvvvvv * Env-variable SLURM_JWT is not populated * Slurm.conf contains: * AuthType=auth/munge AuthAltTypes=auth/jwt * Observations: * I can pass invalid tokens via X-SLURM-USER-TOKEN and still get results and no 401 * slumrestd writes at startup: * debug3: init_rest_auth: AUTH_TYPE_LOCAL activated * debug3: init_rest_auth: AUTH_TYPE_USER_PSK activated What might be flawed with my config? How to just use JWT-Tokens for auth and reject request in case of invalid tokens? I have the feeling as if the JWT-Validation is still bypassed. Thanks in advance, Stephen Henkel AG & Co. KGaA Sitz: 40191 Düsseldorf, Deutschland Handelsregister: Amtsgericht Düsseldorf, HRB 4724 Vorsitzende des Aufsichtsrats: Dr. Simone Bagel-Trah Persönlich haftende Gesellschafterin: Henkel Management AG Sitz: 40191 Düsseldorf; Deutschland Handelsregister: Amtsgericht Düsseldorf, HRB 58139 Aufsichtsratsvorsitzende: Dr. Simone Bagel-Trah Vorstand: Carsten Knobel (Vorsitzender), Jan-Dirk Auris, Sylvie Nicol, Bruno Piacenza, Jens-Martin Schwärzler, Marco Swoboda
