[Openca-Users] LDAP login configuration

Wed, 05 Nov 2008 06:49:46 -0800 

hi all,

I have a problem when trying to authenticate with OpenCA and ldap

I set the file 'etc/access_control/pub.xml' with the following parameters


<openca>
    <access_control>
        <channel>
            <type>mod_ssl</type>
            <protocol>ssl</protocol>
            <source>.*</source>
            <asymmetric_cipher>.*</asymmetric_cipher>
            <asymmetric_keylength>0</asymmetric_keylength>
            <symmetric_cipher>.*</symmetric_cipher>
            <symmetric_keylength>128</symmetric_keylength>
        </channel>
        <login>
            <type>passwd</type>
            <database>ldap</database>

              <ldapdata>
                <host>127.0.0.1</host>
                <port>389</port>
                <base>DC=com,DC=ve</base>
                <binddn>CN=Administrador,CN=Users,DC=com,DC=ve</binddn>
                <bindpw>1234567890</bindpw>
                <usetls>no</usetls>
                <searchattr>sAMAccountName</searchattr>
                <ldapauthmeth>bind</ldapauthmeth>
                <ldapdefaultauthmeth>bind</ldapdefaultauthmeth>
               </ldapdata>

             <passwd>
                <roleattribute>memberOf</roleattribute>
                <rolemapping>

<roleattributevalue>cn=PKI-Operadores,cn=Users,dc=com,dc=ve</roleattributevalue>
                  <role>PKI-Operadores</role>
                </rolemapping>
              </passwd>

        </login>
        <acl_config>
            <acl>yes</acl>

<list>/usr/local/openca-ra/build0.9.2.5/openca/etc/rbac/acl.xml</list>

<command_dir>/usr/local/openca-ra/build0.9.2.5/openca/etc/rbac/cmds</command_dir>
            <module_id>32</module_id>
            <map_role>no</map_role>
            <map_operation>yes</map_operation>
        </acl_config>
    </access_control>

<token_config_file>/usr/local/openca-ra/build0.9.2.5/openca/etc/token.xml</token_config_file>
</openca>



but when I try to authenticate it performs against the database, i need set
another file


Thanks,

Rubenson Barrios
Investigacion y Desarrollo Tecnologico

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to