[OTDev] OpenSSO now secure

Micha Rautenberg mr at mrautenberg.de
Thu Jun 10 10:40:41 CEST 2010


Hi Andy,

thanks, it works fine with ruby
the ruby-code:

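require 'rest_client'

# POST the credentials as form fields; user and pw hold the account name and password
resource = RestClient::Resource.new("https://opensso.in-silico.ch/opensso/identity/authenticate?uri=service=openldap")
resource.post(:username => user, :password => pw)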

throws an error or returns a token-string

best, micha


Andreas Maunz wrote:
> Hi all,
>
> connections to the OpenSSO service at opensso.in-silico.ch can now be 
> made secure by using SSL.
> Submit your user credentials safely and obtain a token:
>
> ****************************************************************
> am at z21:~/aa$ curl -v -k -i -d "username=amaunz&password=secret" 
> https://opensso.in-silico.ch/opensso/identity/authenticate?uri=service=openldap 
>
> * About to connect() to opensso.in-silico.ch port 443 (#0)
> *   Trying 178.63.18.76... connected
> * Connected to opensso.in-silico.ch (178.63.18.76) port 443 (#0)
> * successfully set certificate verify locations:
> *   CAfile: none
>   CApath: /etc/ssl/certs
> * SSLv3, TLS handshake, Client hello (1):
> * SSLv3, TLS handshake, Server hello (2):
> * SSLv3, TLS handshake, CERT (11):
> * SSLv3, TLS handshake, Server finished (14):
> * SSLv3, TLS handshake, Client key exchange (16):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSL connection using AES256-SHA
> * Server certificate:
> *      subject: C=CH; ST=Some-State; L=Basel; O=in silico toxicology; 
> CN=Christoph Helma; emailAddress=helma at in-silico.ch
> *      start date: 2010-06-09 16:38:59 GMT
> *      expire date: 2020-06-06 16:38:59 GMT
> *      common name: Christoph Helma (does not match 
> 'opensso.in-silico.ch')
> *      issuer: C=CH; ST=Some-State; L=Basel; O=in silico toxicology; 
> CN=Christoph Helma; emailAddress=helma at in-silico.ch
> *      SSL certificate verify result: self signed certificate (18), 
> continuing anyway.
>> POST /opensso/identity/authenticate?uri=service=openldap HTTP/1.1
>> User-Agent: curl/7.19.7 (i486-pc-linux-gnu) libcurl/7.19.7 
>> OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
>> Host: opensso.in-silico.ch
>> Accept: */*
>> Content-Length: 32
>> Content-Type: application/x-www-form-urlencoded
>>
> < HTTP/1.1 200 OK
> HTTP/1.1 200 OK
> < Server: nginx/0.6.32
> Server: nginx/0.6.32
> < Date: Thu, 10 Jun 2010 08:12:27 GMT
> Date: Thu, 10 Jun 2010 08:12:27 GMT
> < Content-Type: text/plain;charset=UTF-8
> Content-Type: text/plain;charset=UTF-8
> < Connection: keep-alive
> Connection: keep-alive
> < Content-Length: 72
> Content-Length: 72
>
> <
> token.id=AQIC5wM2LY4SfcyyY3V7C7qD1FD2ZoktJHsYKEKE8g+wXys=@AAJTSQACMDE=#
> * Connection #0 to host opensso.in-silico.ch left intact
> * Closing connection #0
> * SSLv3, TLS alert, Client hello (1):
> ****************************************************************
>
> As you can see, a special switch (-k) is still required to allow 
> connections using the self-signed certificate from Christoph. We might 
> improve on this by using a free certificate from startssl.com, which 
> clients trust.
>
> Moreover, connections without SSL still work as usual.
>
> Greetings
> Andreas
>
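
Added example, not part of the original thread and not code from either poster: the curl trace reports two separate verification failures (a self-signed certificate, and a common name that does not match the host), and this Ruby sketch evaluates each check on its own. The certificate is a constructed stand-in for the server's, the function names are hypothetical, and the SHA-256 fingerprint pin is an alternative the thread does not discuss.

```ruby
require 'openssl'

# Constructed stand-in for the server certificate in the curl trace: self-signed,
# with a CN that may or may not equal the host name. Not the real certificate.
def self_signed_cert(common_name)
  key  = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2                       # X.509 v3
  cert.serial     = 1
  cert.subject    = OpenSSL::X509::Name.parse("/O=in silico toxicology/CN=#{common_name}")
  cert.issuer     = cert.subject            # self-signed: issuer == subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after  = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

def sha256_fingerprint(cert)
  OpenSSL::Digest::SHA256.hexdigest(cert.to_der)
end

# The checks a verifying TLS client applies, reported separately.
#   trusted_certs: certificates the client trusts explicitly (like curl --cacert)
#   pinned_fp:     fingerprint obtained out of band, or nil for no pin
def check_peer(cert, host, trusted_certs: [], pinned_fp: nil)
  store = OpenSSL::X509::Store.new          # starts empty: no system CAs loaded
  trusted_certs.each { |c| store.add_cert(c) }
  {
    chain_ok: store.verify(cert),
    name_ok:  OpenSSL::SSL.verify_certificate_identity(cert, host),
    pin_ok:   !pinned_fp.nil? && sha256_fingerprint(cert) == pinned_fp
  }
end

HOST = 'opensso.in-silico.ch'

if __FILE__ == $PROGRAM_NAME
  cert = self_signed_cert('Christoph Helma')
  p check_peer(cert, HOST)                                      # nothing trusted
  p check_peer(cert, HOST, trusted_certs: [cert])               # chain passes, name still fails
  p check_peer(cert, HOST, pinned_fp: sha256_fingerprint(cert)) # exact-certificate pin
end
```

Trusting the self-signed certificate explicitly clears the chain check only; the name check keeps failing until the certificate carries the host name, which is why a client still needs -k here.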
