[SAC] SAC Status
John Graham
johng at telascience.org
Fri Jun 23 05:24:00 EDT 2006
All
We can do SSL in hardware on this box
http://www.sun.com/products/networking/blades/ssl/
http://ldap.telascience.org:8080/osgeo/acl_users/manage_GRUFSources
Users source #1 is a LDAPUserFolder
John
Howard Butler wrote:
> At 12:21 AM -0400 6/23/06, Frank Warmerdam wrote:
>
>> Could you explain a bit more to me about why LDAP needs to be doing SSL
>> or firewalled to only talk to internal servers? I have added your items
>> to a SAC TODO list I have started at:
>
>
> It's the same dichotomy between running a webserver or SSL or not. SSL
> encrypts an otherwise clear text communication. This includes binding
> to the LDAP with a username/password. If the intention was ever to
> have systems from outside of TelaScience communicate with the LDAP
> (we'll want this for offsite replication/backup), it could be
> sniffed. Maybe the chance is low, but nonetheless we can make it
> harder :)
>
>>
>> I have tried logging into the plone instance at
>> http://osgeo.telascience.org/
>> and it does not seem to let me login with my LDAP userid and
>> password. It
>> does have an old userid/password that I created within plone. Howard
>> mentioned in IRC that the plone authentication module seems to be
>> missing
>> from the plone instance now.
>
>
> Yeah, checking the plone instance at that site shows me that there
> isn't LDAPUserFolder installed there. John, was it installed on
> another instance when I was testing/working on it?
>
> Howard
More information about the Sac
mailing list