[
https://issues.apache.org/jira/browse/KARAF-5418?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16280229#comment-16280229
]
ASF subversion and git services commented on KARAF-5418:
--------------------------------------------------------
Commit fcff64f6e95dbe92582d0e4a8ba9db2125ad1086 in karaf's branch
refs/heads/karaf-4.1.x from [~cipi]
[ https://gitbox.apache.org/repos/asf?p=karaf.git;h=fcff64f ]
[KARAF-5418] Add LDAPPubkeyLoginModule JAAS module
This commit contains two test public/private key pairs that are used to
exercise the LDAPPubkeyLoginModule
> SSH public key authentication from LDAP
> ---------------------------------------
>
> Key: KARAF-5418
> URL: https://issues.apache.org/jira/browse/KARAF-5418
> Project: Karaf
> Issue Type: Improvement
> Components: karaf-security
> Reporter: Ciprian Ciubotariu
> Assignee: Ćukasz Dywicki
> Priority: Minor
> Labels: security
> Fix For: 4.1.4, 4.2.0
>
>
> We have an environment with multiple karaf instances deployed, all
> authenticating SSH connections using the username/password mechanism from a
> LDAP server. Repeatedly logging into these servers requires copy-pasting
> passwords from the keychain, which ... well, can lead to leaks and is also
> annoying after a while. At the same time hosts are is easier with SSH keys,
> which we also store in LDAP.
> I have created a LDAP public-key authentication module to karaf following the
> file-based PubkeyLoginModule, and I want to contribute it to karaf. Github PR
> to follow.
> To use it one has to use the same JAAS module settings as for
> {{LDAPLoginModule}}, but with class {{LDAPPubkeyLoginModule}} and an added
> configuration option {{user.pubkey.attribute}}. Any attribute can be used to
> store the public key(s), such as the {{publicKey}} attribute from
> {{objectClass: extensibleObject}}. You'll find complete examples in tests.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
