[SAC] SAC Status

Howard Butler hobu at hobu.net
Fri Jun 23 00:59:04 EDT 2006


At 12:21 AM -0400 6/23/06, Frank Warmerdam wrote:
>Could you explain a bit more to me about why LDAP needs to be doing SSL
>or firewalled to only talk to internal servers?  I have added your items
>to a SAC TODO list I have started at:

It's the same dichotomy between running a webserver or SSL or not. 
SSL encrypts an otherwise clear text communication.  This includes 
binding to the LDAP with a username/password.  If the intention was 
ever to have systems from outside of TelaScience communicate with the 
LDAP (we'll want this for offsite replication/backup), it could be 
sniffed.  Maybe the chance is low, but nonetheless we can make it 
harder :)

>
>I have tried logging into the plone instance at http://osgeo.telascience.org/
>and it does not seem to let me login with my LDAP userid and password.  It
>does have an old userid/password that I created within plone.   Howard
>mentioned in IRC that the plone authentication module seems to be missing
>from the plone instance now.

Yeah, checking the plone instance at that site shows me that there 
isn't LDAPUserFolder installed there. John, was it installed on 
another instance when I was testing/working on it?

Howard




More information about the Sac mailing list