madhusudan created CLOUDSTACK-1213:
--------------------------------------

             Summary: Not able to integrate LDAP with SSL auth in cloudstack
                 Key: CLOUDSTACK-1213
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1213
             Project: CloudStack
          Issue Type: Test
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: API
    Affects Versions: 4.0.1
         Environment: Ubuntu 12.04 x64
            Reporter: madhusudan
            Priority: Minor


I have CloudStack 4.0.1-incubating installed and running successfully.
I tried to run an API command using username login.


Step 1: user login
http://hostname:8080/client/api?command=login&username=admin&password=md5hash

output:
{ "loginresponse" : { "timeout" : "1800", "lastname" : "cloud", "registered" : 
"false", "username" : "admin", "firstname" : "admin", "domainid" : "blablabla", 
"type" : "1", "userid" : "blablabla", "sessionkey" : "blablalbla", "account" : 
"admin" } }


A few doubts about login:
  Is userid the same as JsessionID? If yes, then
  do we have to pass the Jsessionid along with the URL, or would the above do?
  Else,
  where can I find the Jsessionid? (It is not displayed in the output of the
above command.)
  


Step 2:

When I run this
http://hostname:8096/client/api?apikey=blablabla&bindn=%20cn%3DDirectory%20Manager&bindpass=password&command=ldapConfig&hostname=ldapserver&queryfilter=%28%26%28uid%3D%25u%29%29&port=636&searchbase=ou%3Dpeople%2Cdc%3Ddomain%2Cdc%3Dcom&sessionkey=blablabla&ssl=true&truststore=%2Fetc%2Fssl%2FNdomaincert.jks&truststorepass=password&response=json

I get the error below:

{ "ldapconfigresponse" : 
{"uuidList":[],"errorcode":431,"cserrorcode":4490,"errortext":"Naming 
Exception, check you ldap data ! simple bind failed: LDAPserver:636Caused 
by:sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target"} }


I tried to use the certification file (.crt) without a password and it gave
this error:


{ "ldapconfigresponse" : 
{"uuidList":[],"errorcode":431,"cserrorcode":4490,"errortext":"If you plan to 
use SSL then you need to configure the trust store."} }

Is providing a password necessary, or am I missing something?
Do you have any better solution for this, or at least can you redirect me to
the place where I can get help to integrate LDAP with SSL into CloudStack?
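
Added example (not part of the original report and not CloudStack code): a Python sketch that decodes the step 2 request to show the values the API actually receives, flags what a reviewer would check, and masks credentials before the URL is logged or pasted into a tracker. The SECRET_PARAMS set and the finding names are assumptions made for this example.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# The step 2 request exactly as posted in the report (values are the reporter's placeholders).
STEP2_URL = (
    "http://hostname:8096/client/api?apikey=blablabla"
    "&bindn=%20cn%3DDirectory%20Manager&bindpass=password&command=ldapConfig"
    "&hostname=ldapserver&queryfilter=%28%26%28uid%3D%25u%29%29&port=636"
    "&searchbase=ou%3Dpeople%2Cdc%3Ddomain%2Cdc%3Dcom&sessionkey=blablabla"
    "&ssl=true&truststore=%2Fetc%2Fssl%2FNdomaincert.jks"
    "&truststorepass=password&response=json"
)

# Assumption for this example: parameters treated as credentials.
SECRET_PARAMS = {"apikey", "bindpass", "truststorepass", "sessionkey", "password"}


def audit_request(url):
    """Decode the query string and return (params, findings)."""
    parts = urlsplit(url)
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    findings = []
    if parts.scheme != "https":
        # Everything in the URL, secrets included, crosses the network in clear text.
        findings.append(("plain-http", parts.netloc))
    for name, value in params.items():
        if name in SECRET_PARAMS:
            # Query strings are commonly written to access logs, proxies and browser history.
            findings.append(("secret-in-url", name))
        if value != value.strip():
            # Stray whitespace changes the value the server receives.
            findings.append(("whitespace", name))
    return params, findings


def redact(url):
    """Return the URL with credential values masked, safe to paste or log."""
    parts = urlsplit(url)
    pairs = [(k, "REDACTED" if k in SECRET_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


if __name__ == "__main__":
    params, findings = audit_request(STEP2_URL)
    for name in ("bindn", "queryfilter", "searchbase", "truststore"):
        print(f"{name:12} = {params[name]!r}")
    for kind, where in findings:
        print(f"[{kind}] {where}")
    print(redact(STEP2_URL))
```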





