Hi, The serveradmin users allows more secure communications, and advanced authentication scenarios, like browser certificates [1]. But if you are building a simple user interface, you might want to keep things simple and use the 'username:password' session token for your xmlrpc requests.
Regards [1] http://opennebula.org/documentation:rel3.8:sunstone#x509_auth -- Carlos Martín, MSc Project Engineer OpenNebula - The Open-source Solution for Data Center Virtualization www.OpenNebula.org | [email protected] | @OpenNebula<http://twitter.com/opennebula><[email protected]> On Fri, Mar 22, 2013 at 5:46 PM, Nicolas Bélan <[email protected]>wrote: > Hello, > > well, i would like to display to user their vm, networks, images and so > on, according to the role and access of each user. > so i am trying to use as much as possible openNebula rbac and rpc to > retrieve only right informations. > the step after is to deploy vm as user, not as oneadmin or serveradmin, > but directly as "user" > > the service i am building is a very simplified user interface. the step > after for the user is to have access to self service, but to begin, i would > like to hide some concepts to make easier cloud access. > > best regards, > nicolas > Le 22 mars 2013 à 17:25, Tino Vazquez <[email protected]> a écrit : > > > Hi Nicolas, > > > > serveradmin is used by Sunstone and related interface services. Did > > you try it out with other users (ie, oneadmin)? > > > > Depending on what type of service you are building, you may be > > interested indeed in serveradmin. Could you elaborate a bit more on > > that? > > > > Regards > > -- > > Constantino Vázquez Blanco, PhD, MSc > > Project Engineer > > OpenNebula - The Open-Source Solution for Data Center Virtualization > > www.OpenNebula.org | @tinova79 | @OpenNebula > > > > > > On Fri, Mar 22, 2013 at 4:16 PM, Nicolas Bélan <[email protected]> > wrote: > >> Hello the list, > >> > >> I am trying (unsuccessfully) to call RPM methods. > >> > >> The problem is that I can not make my user authenticated by code (while > >> it is ok with http://localhost:4567/ui) > >> I am using version 3.8.3. > >> > >> I am trying to user serveradmin:<user>:<password> with it does not work > >> as written in the documentation. > >> Deeply investigating, I found, in > >> /usr/lib/one/ruby/server_cipher_auth.rb that the third part is a token, > >> but i am not ruby compliant.... > >> It seems, If i understand, that: > >> a string is built with: "serveradmin:username:time()+expire" > >> the serveradmin password is used to create a key. > >> This key is then used to cipher (salted ?) the previous string. > >> The result is then appended like that: > >> "serveradmin:username:cipher(key,serveradmin:username:time()+expire)" > >> and sent as the first parameter of the rpc call. > >> Am i completely wrong ? > >> For example: > >> > serveradmin:user_example:PWyaJz96iwdYldYoPHXWZYkBMbuvKIEXiTVb0WuAHURYuQ2Dzmhnzjm0JDNCMchB > >> > >> Using perl, I failed to authenticate user .... > >> using tcpdump, it seems that the third part is quite constant during a > >> certain laps of time ... > >> So, I may be wrong with my time() expire part .... > >> Can you help me writing this part of code ? Perl or PHP are welcome ;) > >> > >> Thank you for you help > >> > >> Best regards, > >> Nicolas. > >> > >> > >> > >> > >> > >> > >> _______________________________________________ > >> Users mailing list > >> [email protected] > >> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org > >> > _______________________________________________ > Users mailing list > [email protected] > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >
_______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
