The Yast module has now been updated to write Proxy User Credentials to

miCASA via the CASAcli to avoid having those credentials in the clear as part of the information present in the iaRealms.xml file.
2007-05-10 16:48:46 +00:00 · 2007-05-10 16:48:46 +00:00 · ad9e7958b5
commit ad9e7958b5
parent 9c139d4a2b
2 changed files with 14 additions and 1 deletions
--- a/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp
+++ b/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp
@ -588,6 +588,19 @@ global boolean Write() {
 			exit = ret["exit"]:-1;
 			if (exit != 0)
 				y2error("Failed to set realm " + realmId);
+
+			// Set the Proxy User Credentials in miCASA
+			cmd = sformat("KEYVALUE=\"%1\" sudo -u casaatsd CASAcli --set -n %2 -k CN", proxy_username, realmId);
+			ret = (map) SCR::Execute(.target.bash_output, cmd);
+			exit = ret["exit"]:-1;
+			if (exit != 0)
+				y2error("Failed to set Proxy Username in miCASA for realm " + realmId);
+
+			cmd = sformat("KEYVALUE=\"%1\" sudo -u casaatsd CASAcli --set -n %2 -k Password", proxy_password, realmId);
+			ret = (map) SCR::Execute(.target.bash_output, cmd);
+			exit = ret["exit"]:-1;
+			if (exit != 0)
+				y2error("Failed to set Proxy Password in miCASA for realm " + realmId);
 		});

 		// Adjust firewall as needed
--- a/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp
+++ b/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp
@ -288,7 +288,7 @@ define term LDAPUrlEditDialog(integer id, term currVal) {

 					// Report warning if not using SSL
 					if (scheme == "ldap")
-						Report::Error(_("Not using LDAPS is a security risk"));
+						Report::Warning(_("Not using LDAPS is a security risk"));
 					break;
 				}
 			}