Re: [one-users] Authentication Front-End
Thanks, but I meant the SSL / TLS protection of messages sent from Sunstone to the Front-End (User useradmin). Right here you can establish an SSL / TLS tunnel? El 21/07/2014, a las 11:00, Carlos Martín Sánchez cmar...@opennebula.org escribió: Hi María, On Sun, Jul 20, 2014 at 7:51 PM, María Noelia Gil marianoelia@um.es wrote: Hello there! I am studying the authentication mechanism in OpenNebula. The authentication based in username/password against the Front-End unused SSL/TLS tunnel or HMAC. Why the information is not protected? Is it possible to configure a SSL / TLS tunnel? Thank you. That should be covered by the Sunstone authentication docs. [1] Regards [1] http://docs.opennebula.org/4.6/administration/sunstone_gui/suns_auth.html -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | cmar...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Authentication Front-End
But the 9869 is Sunsone port or Oned port? Oned using 2633, right? Could I configure a proxy for port 2633? El 21/07/2014, a las 15:00, Javier Fontan jfon...@opennebula.org escribió: You can also use a proxy for oned, port 9869. Then you have to tell the clients to use the proxy address. For CLI you set the environment variable ONE_XMLRPC: export ONE_XMLRPC=https://server:port/RPC2 For Sunstone it can be changed in /etc/one/sunstone-server.conf: :one_xmlrpc: https://server:port/RPC2 On Mon, Jul 21, 2014 at 11:34 AM, María Noelia Gil marianoelia@um.es wrote: Thanks, but I meant the SSL / TLS protection of messages sent from Sunstone to the Front-End (User useradmin). Right here you can establish an SSL / TLS tunnel? El 21/07/2014, a las 11:00, Carlos Martín Sánchez cmar...@opennebula.org escribió: Hi María, On Sun, Jul 20, 2014 at 7:51 PM, María Noelia Gil marianoelia@um.es wrote: Hello there! I am studying the authentication mechanism in OpenNebula. The authentication based in username/password against the Front-End unused SSL/TLS tunnel or HMAC. Why the information is not protected? Is it possible to configure a SSL / TLS tunnel? Thank you. That should be covered by the Sunstone authentication docs. [1] Regards [1] http://docs.opennebula.org/4.6/administration/sunstone_gui/suns_auth.html -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | cmar...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Javier Fontán Muiños Developer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | @OpenNebula | github.com/jfontan ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] Authentication Front-End
Hello there! I am studying the authentication mechanism in OpenNebula. The authentication based in username/password against the Front-End unused SSL/TLS tunnel or HMAC. Why the information is not protected? Is it possible to configure a SSL / TLS tunnel? Thank you. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] x509 Authentication CLI
Hello, I am testing the x509 authentication from CLI. The operation oneuser login ... generates an authentication token encrypted with the private key. What is the content of the token? On the other hand, I have seen that every user has on their template an attribute with name TOKEN_PASSWORD, what is its use? Thank you. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] x509 authentication
Hello, I followed the steps as indicated in http://docs.opennebula.org/4.6/administration/sunstone_gui/suns_auth.html to enable authentication x509. I enter to https://127.0.0.1:8443 and the username and password fields do not show, so I think that the changes in OpenNebula are correct. But how do I enter the client certificate? I added the certificate to my browser, but Lighttp do not ask me about the certificate. What changes have to do in the settings? Thank you. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org