Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-7355

Provide a "proxied-server" setup profile for servers that sit behind a proxy

    Details

    • Type: New Feature
    • Status: QA Backlog
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: proxy, setup
    • Labels:
      None

      Description

      The procedure for preparing a server so that it can sit behind a proxy is quite complicated:

      The proxied-server profile should:

      • add a uid=proxy service account supporting mutual TLS and providing sufficient access controls to perform proxied authorization and service discovery
      • add a global ACI allowing the proxy user to proxy as any other user (we could try to restrict the scope a little by passing in a list of base DNs, but this seems over complicated).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                matthew Matthew Swift
                Reporter:
                matthew Matthew Swift
                Dev Assignee:
                Matthew Swift
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated: