[ngw] restrict who subscribes to calendar

Matt Weisberg matt at weisberg.net
Mon Feb 9 21:28:21 UTC 2015


For it to work with NAM, you have to use non-redirected authentication 
on the MAG.  You don't need identity injection, there is no where to 
inject an identity, so that won't do any good.  The whole point of using 
NAM in the first place is to protect GWCAL because it cannot do 
authentication.

This works, I've set it up for a few customers and it solves the 
security problem without relying on "security by obscurity".

However, there really should be an auth mechanism in the calendar 
publisher, no real excuse there.


Matt

> PG <mailto:petim123 at gmail.com>
> February 9, 2015 at 11:55 AM
> Sry I lost a few days in replying.
> I'm seeing 2 problems.
> 1) I can subscribe to my own calendar from a couple different resource
> accounts but subscribing to resource account calendars, either from my
> account or other resources accounts, mostly doesn't connect (General
> Failure) or doesn't update.
> 2) I'm required to run access to calendar through our Novell Access
> Manager. Unfortunately I don't have any knowledge of or control over NAM.
> Our admin tried to setup identity injection for the gwcal page but that
> didn't work; I kept getting "too many redirect" messages and "unable to
> authenticate" messages. Since then he changed NAM to be secure
> name/password security and that shows me the list of calendars. But when I
> subscribe, I'm getting mixed result on updating.
>
> My requirement is for a VIP's calendar to be accessible so his staff can
> see his calendar on their mobile devices. But no one else can be allowed
> to see his calendar.
> I can send the Subscribe invitation so your idea may be the best for the
> "security" of it. Now if I can just figure out why is the connecting and
> updating not consistent, then our VIP will be less unhappy.
>
> Thanks David and others for your suggestions
> Peter
>
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
> Joseph Marton <mailto:jmmarton at gmail.com>
> February 5, 2015 at 4:06 PM
> That's what I've recommended to those who wanted it a bit more secure.
>
> Joe
>
> On Thu, Feb 5, 2015 at 1:57 PM, David Gerisch <DGerisch at co.tulare.ca.us>
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
> David Gerisch <mailto:DGerisch at co.tulare.ca.us>
> February 5, 2015 at 2:57 PM
> I've heard another tack, which is essentially security through 
> obscurity. If you turn off the Browse List, then the Calendar 
> Publishing host does not show people the available calendars - you 
> have to find and disseminate the amazingly long and random URL 
> manually to only those people who should have access.
>
> David Gerisch
>
> Hello
> I hope this isn't one of those answers that is staring me right in the
> face, if so I apologize.
>
> I have a VIP that wants to have a limited number of staff to view his
> calendar on their mobile devices. But only these few staff, no one else
> should have any access to the calendar.
>
> Is it possible to limit who can view and subscribe to published calendars?
> Does anyone else have this issue and how do you get security?
>
> Thank you
> Peter
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
>
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw

-- 

Matt Weisberg
Weisberg Consulting, Inc.
matt at weisberg.net
www.weisberg.net
ofc. 248.685.1970
cell 248.705.1950
fax 248.769.5963<http://www.getpostbox.com>


More information about the ngw mailing list