Context Navigation

← Previous Ticket
Next Ticket →

Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.

Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Requirement #1936 (new)

Opened 14 years ago

Last modified 8 years ago

Secure Login and Ldap improvements

Reported by:	jamoore	Owned by:	jamoore
Priority:	minor	Milestone:	FacilityManagers
Component:	General	Keywords:	n.a.
Cc:	jburel, atarkowska	Business Value:	300
Total Story Points:	n.a.	Roif:	n.a.
Mandatory Story Points:	n.a.

Description (last modified by jburel)

For logging in to OMERO over hostile networks (especially when using a site-wide password, e.g. from LDAP) it must be guaranteed that no passwords are sent in the clear. Note: This does not yet include certificate-based login (#1747)

Usage

Login screen
By default, only choose server
Click on "advanced settings"
Option one: choose regular (4063) and SSL (4064) ports for server
Option two: Enter manual connection string: "Ice.Default.Router:OMERO.Glacier2/router -p 10000 -h foo:OMERO.Glacier2/router -p 10101 -h ..."

LDAP

LDAP improvements

System administrators should be able to easily and flexibly configure integration with LDAP systems. The current LDAP plugin is limited in how it maps LDAP values and groups to the OMERO ObjectModel.

Usage

The simplest usage might should be:

omero.ldap.plugin=posix
 # or
omero.ldap.plugin=ads

After that, new properties should be added which allow mapping from LDAP to OMERO:

omero.ldap.plugin=group_templates
omero.ldap.group_templates=name=cn;members=(memberOf...)

Insight links for Login

OMERO.insight: See insight#1213

Add "advanced configuration" panel to clients for setting ports and similar. (3 days)

References

References:

→ User Story (#4826): LDAP: 4.3 improvements → User Story (#8344): LDAP-based group support → User Story (#1382): Improve LDAP support → User Story (#1133): ILdap needs to manage groups → User Story (#1747): Configure OMERO for certificate authentication → User Story (#838): Configure OMERO for SSL transport and document use ( Keywords: jboss )

Change History (5)

comment:1 Changed 14 years ago by jmoore

Description modified (diff)

comment:2 Changed 14 years ago by jmoore

Description modified (diff)
Summary changed from Secure Login to Secure Login and Ldap improvements

comment:3 Changed 14 years ago by jburel

Cc jburel atarkowska added

comment:4 Changed 14 years ago by jburel

Description modified (diff)

comment:5 Changed 8 years ago by jburel

Component set to General
Milestone changed from Unscheduled to FacilityManagers
Priority set to minor

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

Download in other formats: