[Users] Adding Authentication mechanism to oVirt
Thierry Kauffmann
thierry.kauffmann at univ-montp2.fr
Sun Dec 9 17:09:47 UTC 2012
Hi,
Ovirt presently supports only GSSAPI and SIMPLE authentication against
an LDAP server. The latter is far to weak to be used in a production
environment. The first is only offered as an external authentication
mechanism in many LDAP servers.
I suggest adding DIGEST-MD5 support to oVirt which is a secured way of
authenticating to an LDAP server and which is a required authentication
mechanism in LDAPv3 specification. (see
http://www.ietf.org/rfc/rfc2829.txt paragraph 4.2).
This would make it possible to access every LDAP servers securely
without the need to implement the GSSAPI mechanism.
I also actively suggest to add support for the OpenLDAP Directory
server. It is a widely used LDAP server (and the one we use at our
University by the way...).
Are there developers wishing to implement such support (DIGEST-MD5 and
OpenLDAP) ?
Or please tell me what I should do to start implementing it ?
Cheers,
Thierry
--
signature-TK Thierry Kauffmann
Chef du Service Informatique // Faculté des Sciences // Université de
Montpellier 2
SIF - Service Informatique de la Faculté des Sciences
<http://sif.info-ufr.univ-montp2.fr/> UM2 - Université de Montpellier 2
<http://www.univ-montp2.fr/> Service informatique de la Faculté des
Sciences (SIF)
Université de Montpellier 2
CC437 // Place Eugène Bataillon // 34095 Montpellier Cedex 5
Tél : 04 67 14 31 58
email : thierry.kauffmann at univ-montp2.fr
<mailto:thierry.kauffmann at univ-montp2.fr>
web : http://sif.info-ufr.univ-montp2.fr/
http://www.fdsweb.univ-montp2.fr/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121209/c4b44056/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sif.png
Type: image/png
Size: 11755 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121209/c4b44056/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: um2.png
Type: image/png
Size: 29129 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121209/c4b44056/attachment-0003.png>
More information about the Users
mailing list