You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by "madhusudan (JIRA)" <ji...@apache.org> on 2013/02/08 11:17:12 UTC
[jira] [Created] (CLOUDSTACK-1213) Not able to integrate LDAP with
SSL auth in cloudstack
madhusudan created CLOUDSTACK-1213:
--------------------------------------
Summary: Not able to integrate LDAP with SSL auth in cloudstack
Key: CLOUDSTACK-1213
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1213
Project: CloudStack
Issue Type: Test
Security Level: Public (Anyone can view this level - this is the default.)
Components: API
Affects Versions: 4.0.1
Environment: Ubuntu 12.04 x64
Reporter: madhusudan
Priority: Minor
I have cloudstack 4.0.1-incubating installed and running successfully.
I tried to run api command using username login.
step1
user login
http://hostname:8080/client/api?command=login&username=admin&password=md5hash
output:
{ "loginresponse" : { "timeout" : "1800", "lastname" : "cloud", "registered" : "false", "username" : "admin", "firstname" : "admin", "domainid" : "blablabla", "type" : "1", "userid" : "blablabla", "sessionkey" : "blablalbla", "account" : "admin" } }
few doubts about login
Does userid is same as JsessionID..? if yes then
Do we have to pass the Jsessionid along with the URL or the above would do..?
else
where can I find the Jsessionid..? (as it is not displaying in the above command)
step2:
when i run this
http://hostname:8096/client/api?apikey=blablabla&bindn=%20cn%3DDirectory%20Manager&bindpass=password&command=ldapConfig&hostname=ldapserver&queryfilter=%28%26%28uid%3D%25u%29%29&port=636&searchbase=ou%3Dpeople%2Cdc%3Ddomain%2Cdc%3Dcom&sessionkey=blablabla&ssl=true&truststore=%2Fetc%2Fssl%2FNdomaincert.jks&truststorepass=password&response=json
i get below error
{ "ldapconfigresponse" : {"uuidList":[],"errorcode":431,"cserrorcode":4490,"errortext":"Naming Exception, check you ldap data ! simple bind failed: LDAPserver:636Caused by:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"} }
I tried to use the certification file(.crt) without password and gave this error.
{ "ldapconfigresponse" : {"uuidList":[],"errorcode":431,"cserrorcode":4490,"errortext":"If you plan to use SSL then you need to configure the trust store."} }
is providing password necessary..?, or am i missing something..?
do you have any better solution for this..? or at-least can redirect me to the place where I can get help to integrate LDAP with SSL into cloudstack.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira