Hi Rolandas, On 7 February 2013 07:28, Rolandas Naujikas <[email protected]> wrote: > We made Opennebula (3.8.3) Self Service portal (OCCI web UI) to work with > LDAP authentication by using this patch: > > sed -i 's/CryptoJS.SHA1(password)/password/' /(location of depends on > installation)/occi/ui/public/js/login.js > > and putting ":auth: occi" to occi-server.conf >
If you set :auth: occi, the authentication method will compare the password provided by the user and the one stored in OpenNebula (OCCICloudAuth.rb) but LDAP will not be used. Instead you have to set ":auth: opennebula" (OpenNebulaCloudAuth.rb) [1] and change the auth driver for that user 'oneuser chauth ..." to use LDAP, or set LDAP as default for new users [2] [1] http://opennebula.org/documentation:rel3.8:sunstone#authentication_methods [2] http://opennebula.org/documentation:rel3.8:ldap#configuration Cheers > That is because OCCI transfers SHA1 hashed password to occi-server and it > could not do LDAP bind with it (exept if your LDAP contains clear text > passwords or SHA1 hash). With this patch clear password is transported to > occi-server and it could do LDAP bind against LDAP users. -- Daniel Molina Project Engineer OpenNebula - The Open Source Solution for Data Center Virtualization www.OpenNebula.org | [email protected] | @OpenNebula _______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
