[Users] Is the feature Local Authentication abandoned?

Jason Keltz jas at cse.yorku.ca
Mon Aug 26 12:49:52 UTC 2013 

On 08/24/2013 04:44 AM, Alon Bar-Lev wrote:
>
> ----- Original Message -----
>> From: "lofyer" <lofyer at gmail.com>
>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>> Cc: users at ovirt.org
>> Sent: Saturday, August 24, 2013 11:07:10 AM
>> Subject: Re: [Users] Is the feature Local Authentication abandoned?
>>
>> On 2013/8/24 15:56, Alon Bar-Lev wrote:
>>> ----- Original Message -----
>>>> From: "lofyer" <lofyer at gmail.com>
>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>> Cc: users at ovirt.org
>>>> Sent: Saturday, August 24, 2013 10:47:21 AM
>>>> Subject: Re: [Users] Is the feature Local Authentication abandoned?
>>>>
>>>> On 2013/8/24 15:46, Alon Bar-Lev wrote:
>>>>> ----- Original Message -----
>>>>>> From: "lofyer" <lofyer at gmail.com>
>>>>>> To: users at ovirt.org
>>>>>> Sent: Saturday, August 24, 2013 10:36:12 AM
>>>>>> Subject: [Users] Is the feature Local Authentication abandoned?
>>>>>>
>>>>>> Is the feature Local Authentication abandoned in 3.3?
>>>>>> If not, what should I do to use it?
>>>>> Question is unclear.
>>>>>
>>>>> What do you call "Local Authentication", after setup can't you login
>>>>> using
>>>>> admin user?
>>>> Sorry for that.
>>>> I mean, use users in /etc/passwd to login.
>>>>
>>> I never knew this is was an option.
>>>
>>> Or you mean something new that was planned somewhere?
>>>
>>> I am against of using native authentication for applications, as it enables
>>> more privileges that users should have.
>>>
>>> The proper way to do that is to use directory services, such as LDAP and
>>> integrate the nss of system and application to use that directory.
>>>
>>> Regards,
>>> Alon
>> I saw this from**http://www.ovirt.org/Features/Local_Authentication%E2%80%8E
>> So I thought it would be available now..
>>
>> It seems that I have to use ldap now.
>>
> In future you will be able to write plugin for authentication and authorization to do whatever you like.
>
> This is still work in progress as far as I can see[1].
>
> Alon
>
> [1] http://gerrit.ovirt.org/#/q/status:open+project:ovirt-engine+branch:master+topic:ldap_independence,n,z
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users

While I think this is a great future addition, I really believe that the 
default oVirt installation should include some form of integrated basic 
authentication using the integrated DB!  I was really surprised to see 
this functionality missing.  With the integrated DB, I have no idea why 
the functionality isn't there.  I know - it's all about priorities.  
While LDAP is common, still - not everyone uses it!  If I was buying 
RHEV, the lack of the basic built in authentication would have been a 
show stopper for me.  Do I *really* need to use LDAP when I've got a 
total of about 4 people maintaining everything?  In fact, even if I 
*was* using LDAP, the virtualization infrastructure has enough of its 
own complexity that I'd rather separate it from LDAP - one less thing to 
go wrong.   If I was buying RHEV, the lack of basic authentication would 
have been a showstopper for me.

Jason.

More information about the Users mailing list