You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Rohit Yadav (JIRA)" <ji...@apache.org> on 2015/05/11 17:16:01 UTC
[jira] [Closed] (CLOUDSTACK-1213) Not able to integrate LDAP with
SSL auth in cloudstack
[ https://issues.apache.org/jira/browse/CLOUDSTACK-1213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rohit Yadav closed CLOUDSTACK-1213.
-----------------------------------
Resolution: Invalid
This a SSL issue, make sure you're using correct SSL configs.
> Not able to integrate LDAP with SSL auth in cloudstack
> ------------------------------------------------------
>
> Key: CLOUDSTACK-1213
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1213
> Project: CloudStack
> Issue Type: Task
> Components: API
> Affects Versions: 4.0.1
> Environment: Ubuntu 12.04 x64
> Reporter: madhusudan
> Priority: Minor
> Labels: LDAP, integration
>
> I have cloudstack 4.0.1-incubating installed and running successfully.
> I tried to run api command using username login.
> step1
> user login
> http://hostname:8080/client/api?command=login&username=admin&password=md5hash
> output:
> { "loginresponse" : { "timeout" : "1800", "lastname" : "cloud", "registered" : "false", "username" : "admin", "firstname" : "admin", "domainid" : "blablabla", "type" : "1", "userid" : "blablabla", "sessionkey" : "blablalbla", "account" : "admin" } }
> few doubts about login
> Does userid is same as JsessionID..? if yes then
> Do we have to pass the Jsessionid along with the URL or the above would do..?
> else
> where can I find the Jsessionid..? (as it is not displaying in the above command)
>
> step2:
> when i run this
> http://hostname:8096/client/api?apikey=blablabla&bindn=%20cn%3DDirectory%20Manager&bindpass=password&command=ldapConfig&hostname=ldapserver&queryfilter=%28%26%28uid%3D%25u%29%29&port=636&searchbase=ou%3Dpeople%2Cdc%3Ddomain%2Cdc%3Dcom&sessionkey=blablabla&ssl=true&truststore=%2Fetc%2Fssl%2FNdomaincert.jks&truststorepass=password&response=json
> i get below error
> { "ldapconfigresponse" : {"uuidList":[],"errorcode":431,"cserrorcode":4490,"errortext":"Naming Exception, check you ldap data ! simple bind failed: LDAPserver:636Caused by:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"} }
> I tried to use the certification file(.crt) without password and gave this error.
> { "ldapconfigresponse" : {"uuidList":[],"errorcode":431,"cserrorcode":4490,"errortext":"If you plan to use SSL then you need to configure the trust store."} }
> is providing password necessary..?, or am i missing something..?
> do you have any better solution for this..? or at-least can redirect me to the place where I can get help to integrate LDAP with SSL into cloudstack.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)