You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Erdősi Péter <fa...@niif.hu> on 2013/10/21 19:27:05 UTC
ACS 4.2 shibboleth
Dear,
Does anyone know about working shibboleth authentication in ACS (4.2)?
Thanks,
Peter
Re: ACS 4.2 shibboleth
Posted by Erdősi Péter <fa...@niif.hu>.
Hi,
I'll need to auth by shibboleth cause impossible to connect all ldap
servers in eduid alliance.
So yes, some kind of plugin would be very welcome :)
Regards,
Fazy
2013.10.22. 11:20 keltezéssel, Sebastien Goasguen írta:
> On Oct 21, 2013, at 2:02 PM, Ian Duffy <ia...@ianduffy.ie> wrote:
>
>> Hi,
>>
>> As far as I'm aware there is no shibboleth authentication.
>>
> A shibboleth plugin would be very welcome :)
>
>> However, you can hook directly up to LDAP.
>>
>>
>> On 21 October 2013 18:27, Erdősi Péter <fa...@niif.hu> wrote:
>>
>>> Dear,
>>>
>>> Does anyone know about working shibboleth authentication in ACS (4.2)?
>>>
>>> Thanks,
>>> Peter
>>>
>>>
Re: ACS 4.2 shibboleth
Posted by Sebastien Goasguen <ru...@gmail.com>.
On Oct 21, 2013, at 2:02 PM, Ian Duffy <ia...@ianduffy.ie> wrote:
> Hi,
>
> As far as I'm aware there is no shibboleth authentication.
>
A shibboleth plugin would be very welcome :)
> However, you can hook directly up to LDAP.
>
>
> On 21 October 2013 18:27, Erdősi Péter <fa...@niif.hu> wrote:
>
>> Dear,
>>
>> Does anyone know about working shibboleth authentication in ACS (4.2)?
>>
>> Thanks,
>> Peter
>>
>>
Re: ACS 4.2 shibboleth
Posted by Ian Duffy <ia...@ianduffy.ie>.
Hi,
As far as I'm aware there is no shibboleth authentication.
However, you can hook directly up to LDAP.
On 21 October 2013 18:27, Erdősi Péter <fa...@niif.hu> wrote:
> Dear,
>
> Does anyone know about working shibboleth authentication in ACS (4.2)?
>
> Thanks,
> Peter
>
>
Re: ACS 4.2 shibboleth
Posted by Ian Duffy <ia...@ianduffy.ie>.
Hi Peter,
>From my knowledge your second idea should be doable with as a "quick n
dirty" solution.
As you are already aware when a user hits command?login with successful
credentials a session key is returned, this session key is stored within a
cookie and passed with every command.
Along with this a JSESSIONID is generated.
Assuming you can capture this data(SessionKey and JSESSIONID) and create a
cookie valid for your management servers domain prior to the user accessing
the UI they will be greeted with the dashboard instead of the login page.
Hope this is of use,
Ian
On 28 October 2013 13:11, Erdősi Péter <fa...@niif.hu> wrote:
> Dear,
>
> I thinking about a "quick n' dirty" ~SSO solution.
> First idea is, to make user capable to reach a page after auth, which can
> create new user trought api.
> This concept looks workable, but it's really dirty :)
>
> Another idea is, to make users capable to login via url request.
> If i open this url, I can see loginresponse, and my session key:
> client/api?command=login&**username=admin&password=**
> PASSW0RD&domain=%2F&response=**json
>
> Are there any way, to use this info (session key practically) to jump the
> login page?
>
> Thanks:
> Peter
>
>
>
> 2013.10.21. 19:27 keltezéssel, Erdősi Péter írta:
>
> Dear,
>>
>> Does anyone know about working shibboleth authentication in ACS (4.2)?
>>
>> Thanks,
>> Peter
>>
>>
>
Re: ACS 4.2 shibboleth
Posted by Erdősi Péter <fa...@niif.hu>.
Dear,
I thinking about a "quick n' dirty" ~SSO solution.
First idea is, to make user capable to reach a page after auth, which
can create new user trought api.
This concept looks workable, but it's really dirty :)
Another idea is, to make users capable to login via url request.
If i open this url, I can see loginresponse, and my session key:
client/api?command=login&username=admin&password=PASSW0RD&domain=%2F&response=json
Are there any way, to use this info (session key practically) to jump
the login page?
Thanks:
Peter
2013.10.21. 19:27 keltezéssel, Erdősi Péter írta:
> Dear,
>
> Does anyone know about working shibboleth authentication in ACS (4.2)?
>
> Thanks,
> Peter
>