[one-users] What happens to JAVA OCA if I turn on certificate based authentication ?

Gian Uberto Lauri saint at eng.it
Tue Nov 15 07:25:41 PST 2011 

Sorry for re-sending this message, but I  need a reply soon. On Nov 28
I should have something working.

>>>>> "Cc" == Gian Uberto Lauri <saint at eng.it> writes:

Cc> On 11/11/11 19:05, Carlos Martín Sánchez wrote:
>> Hi,
>> 
>> It should read the token generated by 'oneuser login' and keep
>> working as usual.

Cc> Sorry, I do not get you. The Client class in Java OCA wants an
Cc> user name and a secret in version 2 and also in version 3 if I am
Cc> not wrong.

Cc> So, how does authentication work when I use that such a Client
Cc> instance to contact OpenNebula from within a Java program ?

Cc> The Java Program shells out oneuser? And with which credentials?

Cc> Or may I have both base authentication and, say LDAP? It seems I
Cc> can't have both base and X509 based authentication if I got well
Cc> the docs from release 3.

Cc> I am asking these questions because I am working on an OCCI front
Cc> end that accepts OVF messages and uses OCA to contact OpenNebula,
Cc> acting as a sort of translator OVF->Template.

Cc> Now we are building the authentication part. The OCCI front end
Cc> uses certificates based authentication when receiving an user
Cc> request, and then it must authenticate itself in OpenNebula with
Cc> an identity matching that of the user that did the original
Cc> request.

Cc> Cutting out any other access to OpenNebula rather than this OCCI
Cc> front-end could solve the problem easily, but if I want to let
Cc> some users access to the cloud through Sunstone the original
Cc> solution does not work well...

Best regards.

--
ing. Gian Uberto Lauri
Ricercatore / Reasearcher
Laboratorio Ricerca e Sviluppo / Research & Development Lab.
Area Calcolo Distribuito / Distributed Computation Area

GianUberto.Lauri at eng.it

Engineering Ingegneria Informatica spa
Corso Stati Uniti 23/C, 35127 Padova (PD) 

Tel. +39-049.8283.571         | main(){printf(&unix["\021%six\012\0"], 
Fax  +39-049.8283.569		  |    (unix)["have"]+"fun"-0x60);}   
Skype: gian.uberto.lauri	  |          David Korn, AT&T Bell Labs             
http://www.eng.it 			  |          ioccc best One Liner, 1987

More information about the Users mailing list