On Thu, Feb 9, 2012 at 3:29 AM, Adam Young <ayo...@redhat.com> wrote: > I've made some strides in the KSL LDAP implementation. I've set up a > github clone with the code pushed: > > > https://github.com/admiyo/keystone/tree/ldap > > The code is ugly, as I'm in "Just get it working" mode. Cleanup will > happend prior to any attempt to merge with the Redux branch. I've attempted > to keep the same set of unit tests running as are used for the SQL backend. > The one delta is Metadata, as I am not sure how (or even if) we want to > reflect that in LDAP. I've made those three unit tests no-ops for LDAP. > > There are still more API calls to implement, (Tenant_Modify for example) and > then I'll test out against a live Open LDAP instance. > > The one change I've made from the old config is that fields like URL no > longer have ldap_ in front of them, so the config will look something like > > [ldap] > url = ldap://localhost > user = cn=Admin > password = password > backend_entities = ['Tenant', 'User', 'UserRoleAssociation', 'Role'] > suffix ='cn=example,cn=com' > > > > Feedback requested. >
Looking through the code, it appears that using ldaps:// may work for LDAPS support, but is LDAP w/ TLS going to be supported as well? Have you tested LDAPS support? - Ryan _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp