Web lists-archives.com

Re: Single Sign On for Debian




On Mon, 21 Aug 2017, Georg Faerber wrote:

> On 17-08-21 11:18:05, Enrico Zini wrote:
> > On Sun, Aug 20, 2017 at 04:28:05PM +0000, Luca Filipozzi wrote:
> > 
> > > As expressed during the DC17 DSA and Cloud BoFs, I'm in favour of two
> > > related but orthogonal things:
> > > 1 collapsing user management into a single user store (LDAP)**
> > 
> > I really, really like the idea of having all the accounts in a single
> > LDAP, regardless of the SSO system used.
> > 
> > +1 to that!
> 
> I second that: Using LDAP as a single source of truth. It's also
> possible to store SSH keys etc. in LDAP.
Then someone has to go ahead and develop a complete usermangement for
sso.d.o. As it is we can't work with software that is maybe coming at some
point. Therefore we will start with gitlabs own user management, combined
with debians ldap.

But if you do take in point the following things:

- user self management (lost password, deletion)
- key self management
- api for user manipulation
- oauth2 frontend (sso as oauth2 provider)
- maybe saml frontend (sso as saml provider)

Alex

Attachment: signature.asc
Description: PGP signature