On 04/04/13 7:23 PM, "Rohit Yadav" <bhais...@apache.org> wrote:
>On Thu, Apr 4, 2013 at 4:50 PM, Donal Lafferty ><donal.laffe...@citrix.com>wrote: > >> I noticed that the CloudStack UI allows VM control to accounts that >>don't >> have an API key set defined. >> >> How does its authentication mechanism work? E.g. >> >> >> 1. How are API calls authenticated and authorized if >>they >> are not signed with API keys? >> > >On integration port, defined in the global settings, 8096 generally there >is no authentication done, user is admin has max. power. > > >> >> 2. Does this work equally well when LDAP is to >> authenticate username / password? >> > Yes, LDAP authenticator is just another authenticator in the chain. -abhi >
