On Fri, Mar 20, 2009 at 09:44:07AM -0700, Scott Beardsley wrote:
> Is there any authorization mechanism in libvirt? I've got TLS going so
> that only those with a cert signed by my CA are allowed in, but there
> appears to be no way for me to only allow them access to certain VMs.
> Can I limit fol
On Sun, Mar 22, 2009 at 12:13:26PM -0700, Scott Beardsley wrote:
>
> > SASL is being supported.
> > Check out http://fedoraproject.org/wiki/Features/VirtVNCAuth
>
> Doesn't SASL only provide an authentication (aka authN) layer? I'm
> looking for an authorization (aka authZ) layer. I'm using clien
> SASL is being supported.
> Check out http://fedoraproject.org/wiki/Features/VirtVNCAuth
Doesn't SASL only provide an authentication (aka authN) layer? I'm
looking for an authorization (aka authZ) layer. I'm using client SSL
certs for authN.
> I don't know how users will be mapped to domains or
On Fri, 2009-03-20 at 09:44 -0700, Scott Beardsley wrote:
> Is there any authorization mechanism in libvirt? I've got TLS going so
> that only those with a cert signed by my CA are allowed in, but there
> appears to be no way for me to only allow them access to certain VMs.
> Can I limit folks to s
Is there any authorization mechanism in libvirt? I've got TLS going so
that only those with a cert signed by my CA are allowed in, but there
appears to be no way for me to only allow them access to certain VMs.
Can I limit folks to specific VMs or VNC ports? Ideally I can allow
access only to those