Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Clear Text Auth breaks Podcast Producer

Ahh but there's the kicker.  pcast_post2groupblog uses the Groups Admin User and the Groups Admin User Password which is encrypted to authenticate to the webserver for posting.  The only AD attribute sent in clear text even with ClearTextAuth=Yes is the user short name of the posting user.
I still see this as an issue with the pcast_post2groupblog script using XML RPC Digest auth only.  The entire authentication sub relies on Digest auth and if the web server is looking for basic it breaks.  If someone was able to write a new authentication sub I would say it would work just fine.
I did have to do some digging to make sure there weren't any clear text passwords floating around though.  That part scared me a little.

Mike


On Feb 29, 2008, at 11:16 AM, Don Rainwater wrote:

From what I understand of this, the AD plugin for Directory Services doesn't work with digest authentication, and letting Podcast Producer push jobs around the Xgrid with cleartext passwords is considered too much of a security risk.  For testing purposes, you can get around this by disabling cleartext authentication in the wiki service, running your Podcast Producer job, then re-enabling cleartext authentication. This is fine for seeing if your PcP setup is working, but of course it's not practical for real-world use.


On Feb 29, 2008, at 12:31 PM, rdeemin1 wrote:

I'm hoping someone has an answer to this.
We are using Server 10.5.2 and are bound to Active Directory.
When I enable clear text authentication so our AD users can log into the
wiki and blog, Podcast Producer will no longer work or post. It fails at
writing to the groupblog. I assume it because Podcast Produer uses Kerberos.
If anyone has any suggestions or answers it would be greatly appreciated.
Thanks,
Russ Deeming

--
Don Rainwater, Technology Manager
University of Cincinnati, UCit

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Podcast-producer mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/podcast-producer/email@hidden

This email sent to email@hidden

Michael Loether
System and Network Manager
Arizona Western College
928-317-6409


 

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Podcast-producer mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/podcast-producer/email@hidden

This email sent to email@hidden
References: 
 >Clear Text Auth breaks Podcast Producer (From: rdeemin1 <email@hidden>)
 >Re: Clear Text Auth breaks Podcast Producer (From: Don Rainwater <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.