[OTDev] OpenSSO now secure
Micha Rautenberg mr at mrautenberg.deThu Jun 10 10:40:41 CEST 2010
- Previous message: [OTDev] OpenSSO now secure
- Next message: [OTDev] OpenSSO now secure
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Andy, thanks, it works fine with ruby the ruby-code: resource=RestClient::Resource.new("https://opensso.in-silico.ch/opensso/identity/authenticate?uri=service=openldap") resource.post(:username=>user,:password=>pw) throws an error or returns a token-string best, micha Andreas Maunz schrieb: > Hi all, > > connections to the OpenSSO service at opensso.in-silico.ch can now be > made secure by using SSL. > Submit your user credentials safely and obtain a token: > > **************************************************************** > am at z21:~/aa$ curl -v -k -i -d "username=amaunz&password=secret" > https://opensso.in-silico.ch/opensso/identity/authenticate?uri=service=openldap > > * About to connect() to opensso.in-silico.ch port 443 (#0) > * Trying 178.63.18.76... connected > * Connected to opensso.in-silico.ch (178.63.18.76) port 443 (#0) > * successfully set certificate verify locations: > * CAfile: none > CApath: /etc/ssl/certs > * SSLv3, TLS handshake, Client hello (1): > * SSLv3, TLS handshake, Server hello (2): > * SSLv3, TLS handshake, CERT (11): > * SSLv3, TLS handshake, Server finished (14): > * SSLv3, TLS handshake, Client key exchange (16): > * SSLv3, TLS change cipher, Client hello (1): > * SSLv3, TLS handshake, Finished (20): > * SSLv3, TLS change cipher, Client hello (1): > * SSLv3, TLS handshake, Finished (20): > * SSL connection using AES256-SHA > * Server certificate: > * subject: C=CH; ST=Some-State; L=Basel; O=in silico toxicology; > CN=Christoph Helma; emailAddress=helma at in-silico.ch > * start date: 2010-06-09 16:38:59 GMT > * expire date: 2020-06-06 16:38:59 GMT > * common name: Christoph Helma (does not match > 'opensso.in-silico.ch') > * issuer: C=CH; ST=Some-State; L=Basel; O=in silico toxicology; > CN=Christoph Helma; emailAddress=helma at in-silico.ch > * SSL certificate verify result: self signed certificate (18), > continuing anyway. >> POST /opensso/identity/authenticate?uri=service=openldap HTTP/1.1 >> User-Agent: curl/7.19.7 (i486-pc-linux-gnu) libcurl/7.19.7 >> OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 >> Host: opensso.in-silico.ch >> Accept: */* >> Content-Length: 32 >> Content-Type: application/x-www-form-urlencoded >> > < HTTP/1.1 200 OK > HTTP/1.1 200 OK > < Server: nginx/0.6.32 > Server: nginx/0.6.32 > < Date: Thu, 10 Jun 2010 08:12:27 GMT > Date: Thu, 10 Jun 2010 08:12:27 GMT > < Content-Type: text/plain;charset=UTF-8 > Content-Type: text/plain;charset=UTF-8 > < Connection: keep-alive > Connection: keep-alive > < Content-Length: 72 > Content-Length: 72 > > < > token.id=AQIC5wM2LY4SfcyyY3V7C7qD1FD2ZoktJHsYKEKE8g+wXys=@AAJTSQACMDE=# > * Connection #0 to host opensso.in-silico.ch left intact > * Closing connection #0 > * SSLv3, TLS alert, Client hello (1): > **************************************************************** > > As you can see, a special switch (-k) is still required to allow > connections using the self-signed certificate from Christoph. We might > improve on this by using a free certificate from startssl.com, which > clients trust. > > Moreover, connections without SSL still work as usual. > > Greetings > Andreas >
- Previous message: [OTDev] OpenSSO now secure
- Next message: [OTDev] OpenSSO now secure
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list