The Site Central Authorization Service (SCAS) will make authorization
and mapping decision centrally. It uses HTTPS authentication to
authenticate a client (as regular user or pilot job user) and present
user credentials. The return message will contain a deny of permit
decision, and when permitted Unix UID, primary GID and secondary GIDs
will be returned. The primary client tool is gLExec, but the client is
actually an LCMAPS plugin, so other tools like all the pre-WS GT4
gatekeepers, gridftpd and gsi-opensshd tools can also utilize this
client server interaction.