Magma Security (uid/pwd)
Udo.Schneider at homeaddress.de
Mon Feb 23 17:14:05 UTC 2009
Miguel Enrique Cobá Martínez schrieb:
Thank for your help.
> I think that Magma doesn't have this functionality (yet). But you could
> work around the problem in the OS layer, that is, you can use a firewall
> that filters IP for you. At least this would let you work until magma
> can filter source IP from clients.
That's what I'm doing right now. However we plan to seperate the seaside
frontends from the magma backend(s). The current idea is to run the
seaside frontends on dynamically allocated amazon EC2 instances - so we
won't know the allowed IP. Maybe I have to patch our iptables script to
include the EC2 instance IP dynamically.
> BTW, the IP can be faked, without your server noticing it. The right way
> to filter clients it is using client certificates.
The word "security" seems to open a whole can of problems :-)
More information about the Magma