When a user claims a job belongs a project, License Scheduler checks if this user belongs to this project, since projects assign fairshare priority, and preemption is based on ownership. When users submit jobs to license projects they do not belong to, the request is refused, or the job gets put in a "default" bucket with a low number of shares or no shares at all.
Administrators can control who can run what project. By default, such authentication is not enabled for compatibility with the previous versions of License Scheduler.
When enabled, user authentication has the following behavior:
If the user belongs to the project, allow the license request
If the user does not belong to the project or the project does not match any projects in the configuration, reject the request
If a default project is configured in the LS user authentication configuration file ls.users, change the project to default and allow the license request
If the project equals default, no authentication is needed, allow the request