Menu
▾
▴
Re: [Ejbca-develop] Using LDAP as EndEntity DB?
|
From: Juan C. <ju...@re...> - 2012-10-22 17:01:26
|
Thank you! As I could see, all the API (EJB, WS) needs an username and password to do findUser() into the EJBCA's user-table. I need to generate certificates to users that aren´t into the EJBCA's user-table, so I will do a web app to authenticate the user ans then If the user don't exist in the EJBCA's DB, I will create them with the createUser API (using the LDAP's CN as username and a fixed password) and then I could call the generatePKCS10Req to get the cert. This is the only way that I could find to integrate an external LDAP with EJBCA. This is a good approach or there is any other method which could be better? Thank you! 2012/10/22 Tomas Gustavsson <to...@pr...> > > Hi, > > As it says in the doc, > > http://www.ejbca.org/adminguide.html#Framework%20for%20External%20User%20Data%20Sources > . > There is no admin GUI support for using UserDataSources to import data. > > Currently there is no trivial way to avoid duplication between the two > databases. There are plenty of good integration options however to > integrate both back and forward to/from EJBCA. For example when managing > users in your other tool, what is needed din EJBCA will happen > automagically. > > Cheers, > Tomas > > On 10/21/2012 05:58 AM, Juan Caracoche wrote: > > Hi all, > > I have a LDAP directory with several users and I need to setup a CA to > > generate certificates for those persons. > > > > As I can saw, to enroll a browser cert, a username/password is required > > because, in the CertificateData table, there is an association between > > the username and the cert. > > > > I developed a CustomUserDataSource hoping that the EJBCA will ask it for > > the user but I couldn't figure out how to do that because my > > CustomUserDataSource wasn't executed. Additionally, the > > CustomUserDataSource... It should be executed with the search end entity > > form? > > > > I already have a publisher to update de LDAP but I want to know if there > > is any way to integrate an external User DB (LDAP) to generate browser > > certificates. I don't want to have the user duplicated (LDAP and EJBCA's > > UserData table). > > > > I will appreciate your answer... > > > > Thank you > > > > Juan > > > > > > > ------------------------------------------------------------------------------ > > Everyone hates slow websites. So do we. > > Make your web apps faster with AppDynamics > > Download AppDynamics Lite for free today: > > http://p.sf.net/sfu/appdyn_sfd2d_oct > > > > > > > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > > > ------------------------------------------------------------------------------ > Everyone hates slow websites. So do we. > Make your web apps faster with AppDynamics > Download AppDynamics Lite for free today: > http://p.sf.net/sfu/appdyn_sfd2d_oct > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > -- Juan Caracoche | Business Developer jua...@re... Mobile: +54.911.4198.8941 www.redb.ee |
