Alexei Chetroi wrote:
On Fri, Feb 06, 2004 at 01:27:30PM +0100, Michael Bell wrote:
From: Michael Bell <[EMAIL PROTECTED]> Subject: Re: [Openca-Users] Question about SSL authentication Date: Fri, 06 Feb 2004 13:27:30 +0100
Nuno Miguel Neves wrote:
I already saw the example for trying to authenticate users using their certificates.
However, instead of using the common name, I would like to use the role
[snip]
0.9.2
-----
Please read the docs. Here is only a short description:
0. go to OPENCADIR/etc/access_control/your_interface.xml
1. activate x509 based login
2. activate map_role
3. activate map_operation (or you have to configure the access permission for every single role)
4. edit OPENCADIR/etc/rbac/acl.xml (add/remove permissions like you need)
Does it mean, that for using RBAC for CA node, I should access CA www interface via https protocol?
You would not be presented a certificate otherwise, so you should use https AND request a user certificate for authentication.
If I am wrong, please correct me.
Alexei Chetroi
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
--
[EMAIL PROTECTED] Dept. Informatica, Fac. Ciencias,
|\ | |\ | Tel: +351 21 7500528 Univ. Lisboa, Bloco C5, Campo Grande
| \|uno | \|eves Fax: +351 21 7500084 1700 Lisboa, Portugal
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
