[ovirt-users] Can not configure with simple LDAP.
Alon Bar-Lev
alonbl at redhat.com
Sun Sep 21 07:19:11 UTC 2014
Hi,
You need to create authz extension as well (authz-company).
The configuration you provided is establishing authentication only (authn) which refer to authz-company but you did not add it.
The terms are:
1. authn - who the user is.
2. authz - what user is permitted.
3. profile - combination of the two.
-----------------------------
# vi /etc/ovirt-engine/extensions.d/authz-company.properties
ovirt.engine.extension.name = authz-company
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties
--------------------------------------------------
Regards,
Alon
More information about the Users
mailing list