If you connect to any sites with the blogs.princeton.edu domain via a secure (SSL) connection (ex. https://blogs.princeton.edu), you should see a lock icon in either the bottom status bar or the top title bar of your browser. If you click on that icon, you can now view the Thawte-verified certificate information for this site.
What this means is that we are now ready, upon request, to create LDAP password-protected blogs, requiring users to connect via a secure connection (
https://). This way LDAP passwords won’t be sent over the network “in the clear” for users who visit those secured blogs, and those visitors will not have to click through any ominous “this is not a trusted site” dialogs.
One caveat is that on-campus users who try to use the shortcut https://blogs/ to connect to https://blogs.princeton.edu/ will see a warning dialog that states that you have attempted to connect to blogs; however, the security certificate presented belongs to blogs.princeton.edu.
Clarification: The LDAP integration is only for password-protecting an individual weblog’s pages and/or associated files. It is done at the Apache server level and uses an “.htaccess” file that we can create upon request. Unfortunately, we do not yet have any way to use LDAP to manage netIDs and passwords for author log-ins to the Movable Type admin interface.