[SAC] SAC Status

John Graham johng at telascience.org
Fri Jun 23 05:24:00 EDT 2006


All

We can do SSL in hardware on this box  
http://www.sun.com/products/networking/blades/ssl/

http://ldap.telascience.org:8080/osgeo/acl_users/manage_GRUFSources 
Users source #1 is a LDAPUserFolder
   
John

Howard Butler wrote:

> At 12:21 AM -0400 6/23/06, Frank Warmerdam wrote:
>
>> Could you explain a bit more to me about why LDAP needs to be doing SSL
>> or firewalled to only talk to internal servers?  I have added your items
>> to a SAC TODO list I have started at:
>
>
> It's the same dichotomy between running a webserver or SSL or not. SSL 
> encrypts an otherwise clear text communication.  This includes binding 
> to the LDAP with a username/password.  If the intention was ever to 
> have systems from outside of TelaScience communicate with the LDAP 
> (we'll want this for offsite replication/backup), it could be 
> sniffed.  Maybe the chance is low, but nonetheless we can make it 
> harder :)
>
>>
>> I have tried logging into the plone instance at 
>> http://osgeo.telascience.org/
>> and it does not seem to let me login with my LDAP userid and 
>> password.  It
>> does have an old userid/password that I created within plone.   Howard
>> mentioned in IRC that the plone authentication module seems to be 
>> missing
>> from the plone instance now.
>
>
> Yeah, checking the plone instance at that site shows me that there 
> isn't LDAPUserFolder installed there. John, was it installed on 
> another instance when I was testing/working on it?
>
> Howard





More information about the Sac mailing list