Re: [one-users] Authentication Front-End
Hi María, On Sun, Jul 20, 2014 at 7:51 PM, María Noelia Gil marianoelia@um.es wrote: Hello there! I am studying the authentication mechanism in OpenNebula. The authentication based in username/password against the Front-End unused SSL/TLS tunnel or HMAC. Why the information is not protected? Is it possible to configure a SSL / TLS tunnel? Thank you. That should be covered by the Sunstone authentication docs. [1] Regards [1] http://docs.opennebula.org/4.6/administration/sunstone_gui/suns_auth.html -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org http://www.opennebula.org/ | cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebula cmar...@opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Authentication Front-End
Thanks, but I meant the SSL / TLS protection of messages sent from Sunstone to the Front-End (User useradmin). Right here you can establish an SSL / TLS tunnel? El 21/07/2014, a las 11:00, Carlos Martín Sánchez cmar...@opennebula.org escribió: Hi María, On Sun, Jul 20, 2014 at 7:51 PM, María Noelia Gil marianoelia@um.es wrote: Hello there! I am studying the authentication mechanism in OpenNebula. The authentication based in username/password against the Front-End unused SSL/TLS tunnel or HMAC. Why the information is not protected? Is it possible to configure a SSL / TLS tunnel? Thank you. That should be covered by the Sunstone authentication docs. [1] Regards [1] http://docs.opennebula.org/4.6/administration/sunstone_gui/suns_auth.html -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | cmar...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Authentication Front-End
But the 9869 is Sunsone port or Oned port? Oned using 2633, right? Could I configure a proxy for port 2633? El 21/07/2014, a las 15:00, Javier Fontan jfon...@opennebula.org escribió: You can also use a proxy for oned, port 9869. Then you have to tell the clients to use the proxy address. For CLI you set the environment variable ONE_XMLRPC: export ONE_XMLRPC=https://server:port/RPC2 For Sunstone it can be changed in /etc/one/sunstone-server.conf: :one_xmlrpc: https://server:port/RPC2 On Mon, Jul 21, 2014 at 11:34 AM, María Noelia Gil marianoelia@um.es wrote: Thanks, but I meant the SSL / TLS protection of messages sent from Sunstone to the Front-End (User useradmin). Right here you can establish an SSL / TLS tunnel? El 21/07/2014, a las 11:00, Carlos Martín Sánchez cmar...@opennebula.org escribió: Hi María, On Sun, Jul 20, 2014 at 7:51 PM, María Noelia Gil marianoelia@um.es wrote: Hello there! I am studying the authentication mechanism in OpenNebula. The authentication based in username/password against the Front-End unused SSL/TLS tunnel or HMAC. Why the information is not protected? Is it possible to configure a SSL / TLS tunnel? Thank you. That should be covered by the Sunstone authentication docs. [1] Regards [1] http://docs.opennebula.org/4.6/administration/sunstone_gui/suns_auth.html -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | cmar...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Javier Fontán Muiños Developer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | @OpenNebula | github.com/jfontan ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Authentication Front-End
You are totally right. I messed it up. The port to proxy is 2633 from oned. On Mon, Jul 21, 2014 at 3:07 PM, María Noelia Gil marianoelia@um.es wrote: But the 9869 is Sunsone port or Oned port? Oned using 2633, right? Could I configure a proxy for port 2633? El 21/07/2014, a las 15:00, Javier Fontan jfon...@opennebula.org escribió: You can also use a proxy for oned, port 9869. Then you have to tell the clients to use the proxy address. For CLI you set the environment variable ONE_XMLRPC: export ONE_XMLRPC=https://server:port/RPC2 For Sunstone it can be changed in /etc/one/sunstone-server.conf: :one_xmlrpc: https://server:port/RPC2 On Mon, Jul 21, 2014 at 11:34 AM, María Noelia Gil marianoelia@um.es wrote: Thanks, but I meant the SSL / TLS protection of messages sent from Sunstone to the Front-End (User useradmin). Right here you can establish an SSL / TLS tunnel? El 21/07/2014, a las 11:00, Carlos Martín Sánchez cmar...@opennebula.org escribió: Hi María, On Sun, Jul 20, 2014 at 7:51 PM, María Noelia Gil marianoelia@um.es wrote: Hello there! I am studying the authentication mechanism in OpenNebula. The authentication based in username/password against the Front-End unused SSL/TLS tunnel or HMAC. Why the information is not protected? Is it possible to configure a SSL / TLS tunnel? Thank you. That should be covered by the Sunstone authentication docs. [1] Regards [1] http://docs.opennebula.org/4.6/administration/sunstone_gui/suns_auth.html -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | cmar...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Javier Fontán Muiños Developer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | @OpenNebula | github.com/jfontan -- Javier Fontán Muiños Developer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | @OpenNebula | github.com/jfontan ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
