[SAC] SAC Status
Howard Butler
hobu at hobu.net
Fri Jun 23 00:59:04 EDT 2006
At 12:21 AM -0400 6/23/06, Frank Warmerdam wrote:
>Could you explain a bit more to me about why LDAP needs to be doing SSL
>or firewalled to only talk to internal servers? I have added your items
>to a SAC TODO list I have started at:
It's the same dichotomy between running a webserver or SSL or not.
SSL encrypts an otherwise clear text communication. This includes
binding to the LDAP with a username/password. If the intention was
ever to have systems from outside of TelaScience communicate with the
LDAP (we'll want this for offsite replication/backup), it could be
sniffed. Maybe the chance is low, but nonetheless we can make it
harder :)
>
>I have tried logging into the plone instance at http://osgeo.telascience.org/
>and it does not seem to let me login with my LDAP userid and password. It
>does have an old userid/password that I created within plone. Howard
>mentioned in IRC that the plone authentication module seems to be missing
>from the plone instance now.
Yeah, checking the plone instance at that site shows me that there
isn't LDAPUserFolder installed there. John, was it installed on
another instance when I was testing/working on it?
Howard
More information about the Sac
mailing list