[Users] Adding Authentication mechanism to oVirt

Thierry Kauffmann thierry.kauffmann at univ-montp2.fr
Sun Dec 9 17:09:47 UTC 2012


Hi,

Ovirt presently supports only GSSAPI and SIMPLE authentication against
an LDAP server. The latter is far to weak to be used in a production
environment. The first is only offered as an external authentication
mechanism in many LDAP servers.

I suggest adding DIGEST-MD5 support to oVirt which is a secured way of
authenticating to an LDAP server and which is a required authentication
mechanism in LDAPv3 specification. (see
http://www.ietf.org/rfc/rfc2829.txt paragraph 4.2).

This would make it possible to access every LDAP servers securely
without the need to implement the GSSAPI mechanism.

I also actively suggest to add support for the OpenLDAP Directory
server. It is a widely used LDAP server (and the one we use at our
University by the way...).

Are there developers wishing to implement such support (DIGEST-MD5 and
OpenLDAP) ?

Or please tell me what I should do to start implementing it ?

Cheers,

Thierry


-- 
signature-TK Thierry Kauffmann
Chef du Service Informatique // Faculté des Sciences // Université de
Montpellier 2

SIF - Service Informatique de la Faculté des Sciences
<http://sif.info-ufr.univ-montp2.fr/> 	UM2 - Université de Montpellier 2
<http://www.univ-montp2.fr/> 	Service informatique de la Faculté des
Sciences (SIF)
Université de Montpellier 2
CC437 // Place Eugène Bataillon // 34095 Montpellier Cedex 5

Tél : 04 67 14 31 58
email : thierry.kauffmann at univ-montp2.fr
<mailto:thierry.kauffmann at univ-montp2.fr>
web : http://sif.info-ufr.univ-montp2.fr/ 
http://www.fdsweb.univ-montp2.fr/


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121209/c4b44056/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sif.png
Type: image/png
Size: 11755 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121209/c4b44056/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: um2.png
Type: image/png
Size: 29129 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121209/c4b44056/attachment-0003.png>


More information about the Users mailing list