[Users] Is the feature Local Authentication abandoned?

Alon Bar-Lev alonbl at redhat.com
Mon Aug 26 12:52:13 UTC 2013



----- Original Message -----
> From: "Jason Keltz" <jas at cse.yorku.ca>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: "users at ovirt.org >> users" <users at ovirt.org>
> Sent: Monday, August 26, 2013 3:49:52 PM
> Subject: Re: [Users] Is the feature Local Authentication abandoned?
> 
> On 08/24/2013 04:44 AM, Alon Bar-Lev wrote:
> >
> > ----- Original Message -----
> >> From: "lofyer" <lofyer at gmail.com>
> >> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >> Cc: users at ovirt.org
> >> Sent: Saturday, August 24, 2013 11:07:10 AM
> >> Subject: Re: [Users] Is the feature Local Authentication abandoned?
> >>
> >> On 2013/8/24 15:56, Alon Bar-Lev wrote:
> >>> ----- Original Message -----
> >>>> From: "lofyer" <lofyer at gmail.com>
> >>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>> Cc: users at ovirt.org
> >>>> Sent: Saturday, August 24, 2013 10:47:21 AM
> >>>> Subject: Re: [Users] Is the feature Local Authentication abandoned?
> >>>>
> >>>> On 2013/8/24 15:46, Alon Bar-Lev wrote:
> >>>>> ----- Original Message -----
> >>>>>> From: "lofyer" <lofyer at gmail.com>
> >>>>>> To: users at ovirt.org
> >>>>>> Sent: Saturday, August 24, 2013 10:36:12 AM
> >>>>>> Subject: [Users] Is the feature Local Authentication abandoned?
> >>>>>>
> >>>>>> Is the feature Local Authentication abandoned in 3.3?
> >>>>>> If not, what should I do to use it?
> >>>>> Question is unclear.
> >>>>>
> >>>>> What do you call "Local Authentication", after setup can't you login
> >>>>> using
> >>>>> admin user?
> >>>> Sorry for that.
> >>>> I mean, use users in /etc/passwd to login.
> >>>>
> >>> I never knew this is was an option.
> >>>
> >>> Or you mean something new that was planned somewhere?
> >>>
> >>> I am against of using native authentication for applications, as it
> >>> enables
> >>> more privileges that users should have.
> >>>
> >>> The proper way to do that is to use directory services, such as LDAP and
> >>> integrate the nss of system and application to use that directory.
> >>>
> >>> Regards,
> >>> Alon
> >> I saw this
> >> from**http://www.ovirt.org/Features/Local_Authentication%E2%80%8E
> >> So I thought it would be available now..
> >>
> >> It seems that I have to use ldap now.
> >>
> > In future you will be able to write plugin for authentication and
> > authorization to do whatever you like.
> >
> > This is still work in progress as far as I can see[1].
> >
> > Alon
> >
> > [1]
> > http://gerrit.ovirt.org/#/q/status:open+project:ovirt-engine+branch:master+topic:ldap_independence,n,z
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> 
> While I think this is a great future addition, I really believe that the
> default oVirt installation should include some form of integrated basic
> authentication using the integrated DB!  I was really surprised to see
> this functionality missing.  With the integrated DB, I have no idea why
> the functionality isn't there.  I know - it's all about priorities.

I fully agree with you.
I was also surprised that LDAP was developed before simple database.

> While LDAP is common, still - not everyone uses it!  If I was buying
> RHEV, the lack of the basic built in authentication would have been a
> show stopper for me.  Do I *really* need to use LDAP when I've got a
> total of about 4 people maintaining everything?  In fact, even if I
> *was* using LDAP, the virtualization infrastructure has enough of its
> own complexity that I'd rather separate it from LDAP - one less thing to
> go wrong.   If I was buying RHEV, the lack of basic authentication would
> have been a showstopper for me.
> 
> Jason.
> 
> 



More information about the Users mailing list