[one-users] OCCI server (self-service portal) and LDAP authentification

Rolandas Naujikas rolandas.naujikas at mif.vu.lt
Tue Apr 24 07:30:10 PDT 2012


On 2012-04-24 17:12, Daniel Molina wrote:
> Hi Rolandas,
> 
> On 23 April 2012 11:44, Rolandas Naujikas <rolandas.naujikas at mif.vu.lt> wrote:
>> Hi,
>>
>> In opennebula 3.4.0 we can specify opennebula auth method in
>> occi-server.conf (that is not really well documented in
>> http://opennebula.org/documentation:rel3.4:occicg), but it doesn't work,
>> because password is hashed with SHA1, before sending to OCCI server. If
>> we comment out line
>>
>> password = Crypto.SHA1(password);
>>
>> in one/ruby/cloud/occi/ui/public/js/login.js, then we can connect to
>> self-service portal with the user from LDAP.
>>
>> Could OCCI really work with plain authentication (like LDAP or others)
>> or specification doesn't allow that ?
>>
>> The same question also valid about access to EC2 service. There we
>> should probably create separate EC2CloudAuth module (we could not use
>> OpenNebulaCloudAuth) to work with LDAP or other auth method.
> 
> Olivier created a new ticket in the dev site regarding this issue,
> there you can find some comments/suggestions I've just made.
> http://dev.opennebula.org/issues/1251

I think, at least for Self-Service portal it would be good to make LDAP
auth method work. (At least with my change it works, but breaks others
methods). Self-Service portal is attractive for end users.

OCCI clients could work also, but that requires changes at protocol level.

I agree that EC2 auth method is fixed already and there are no way to
use external auth method.

> Cheers
> 
>>
>> Regards, Rolandas Naujikas
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
> 




More information about the Users mailing list