[SAC] SAC Status
Arnulf Christl
arnulf.christl at ccgis.de
Fri Jun 23 04:18:56 EDT 2006
Howard Butler wrote:
> At 12:21 AM -0400 6/23/06, Frank Warmerdam wrote:
>> Could you explain a bit more to me about why LDAP needs to be doing SSL
>> or firewalled to only talk to internal servers? I have added your items
>> to a SAC TODO list I have started at:
>
> It's the same dichotomy between running a webserver or SSL or not. SSL
> encrypts an otherwise clear text communication. This includes binding
> to the LDAP with a username/password. If the intention was ever to have
> systems from outside of TelaScience communicate with the LDAP (we'll
> want this for offsite replication/backup), it could be sniffed. Maybe
> the chance is low, but nonetheless we can make it harder :)
>
>>
>> I have tried logging into the plone instance at
>> http://osgeo.telascience.org/
>> and it does not seem to let me login with my LDAP userid and
>> password. It
>> does have an old userid/password that I created within plone. Howard
>> mentioned in IRC that the plone authentication module seems to be missing
>> from the plone instance now.
>
> Yeah, checking the plone instance at that site shows me that there isn't
> LDAPUserFolder installed there. John, was it installed on another
> instance when I was testing/working on it?
>
> Howard
fwiw - i could log in fine just now.
More information about the Sac
mailing list