incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Javier Ayllon (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (CLOUDSTACK-1069) Document workaround for: CS and LDAP user validation can't happen simultaneously
Date Tue, 26 Feb 2013 10:44:12 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-1069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13586998#comment-13586998
] 

Javier Ayllon edited comment on CLOUDSTACK-1069 at 2/26/13 10:42 AM:
---------------------------------------------------------------------

Tried the propossed solution with cloud-server-4.0.0-0.140.el6.4.0.x86_64 and  
<adapter name="MD5" class="com.cloud.server.auth.PlainTextUserAuthenticator"/>
gave as result the log message 
Unable to find class: com.cloud.server.auth.com.cloud.server.auth.PlainTextUserAuthenticator
So left it again as 
<adapter name="MD5" class="com.cloud.server.auth.MD5UserAuthenticator"/> 

Just changed this line 
var md5HashedLogin = false; 
and worked with Active Directory integration.



                
      was (Author: javier.ayllon):
    Tried the propossed solution and  
<adapter name="MD5" class="com.cloud.server.auth.PlainTextUserAuthenticator"/>
gave as result the log message 
Unable to find class: com.cloud.server.auth.com.cloud.server.auth.PlainTextUserAuthenticator
So left it again as 
<adapter name="MD5" class="com.cloud.server.auth.MD5UserAuthenticator"/> 

Just changed this line 
var md5HashedLogin = false; 
and worked with Active Directory integration.




                  
> Document workaround for: CS and LDAP user validation can't happen simultaneously
> --------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-1069
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1069
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Doc
>    Affects Versions: 4.0.0
>            Reporter: Jessica Tomechak
>            Assignee: Hugo Trippaers
>            Priority: Minor
>
> Add the following to the section on LDAP Authentication in the Admin Guide:
> LDAP User Authentication
> Limitation
> CloudStack and LDAP user authentication can't happen simultaneously because the CloudStack
user password is MD5 hashed and the LDAP server expects the password in plain text. To workaround:

> 1. Disable password hashing:
> a. Open the sharedFunctions.js file located at /usr/share/cloud/management/webapps/client/
> scripts.
> b. Set the following variables to false:
> var md5HashedLogin = false;
> 2. Open /etc/cloud/management/components.xml file.
> 3. Change the following:
> <adapter name="MD5" class="com.cloud.server.auth.MD5UserAuthenticator"/>
> to
> <adapter name="MD5" class="com.cloud.server.auth.PlainTextUserAuthenticator"/>
> 4. Restart the Cloud Management service.
> service cloud-management restart
> Now, the users can successfully log in by using either the LDAP credentials or the CloudStack
credentials.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message