Requirement #1936 (new)
Secure Login and Ldap improvements
|Reported by:||jamoore||Owned by:||jamoore|
|Cc:||jburel, atarkowska||Business Value:||300|
|Total Story Points:||n.a.||Roif:||n.a.|
|Mandatory Story Points:||n.a.|
Description (last modified by jburel)
For logging in to OMERO over hostile networks (especially when using a site-wide password, e.g. from LDAP) it must be guaranteed that no passwords are sent in the clear. Note: This does not yet include certificate-based login (#1747)
- Login screen
- By default, only choose server
- Click on "advanced settings"
- Option one: choose regular (4063) and SSL (4064) ports for server
- Option two: Enter manual connection string: "Ice.Default.Router:OMERO.Glacier2/router -p 10000 -h foo:OMERO.Glacier2/router -p 10101 -h ..."
System administrators should be able to easily and flexibly configure integration with LDAP systems. The current LDAP plugin is limited in how it maps LDAP values and groups to the OMERO ObjectModel.
The simplest usage might should be:
omero.ldap.plugin=posix # or omero.ldap.plugin=ads
After that, new properties should be added which allow mapping from LDAP to OMERO:
Insight links for Login
OMERO.insight: See insight#1213
- Add "advanced configuration" panel to clients for setting ports and similar. (3 days)
Change History (5)
comment:2 Changed 10 years ago by jmoore
- Description modified (diff)
- Summary changed from Secure Login to Secure Login and Ldap improvements