Web lists-archives.com

Re: Single Sign On for Debian




On Mon, Aug 21, 2017 at 04:35:59PM -0700, Raoul Snyman wrote:
> On 2017-08-21 5:48, Alexander Wirt wrote:
> > > I second that: Using LDAP as a single source of truth. It's also
> > > possible to store SSH keys etc. in LDAP.
> > Then someone has to go ahead and develop a complete usermangement for
> > sso.d.o. As it is we can't work with software that is maybe coming at
> > some
> > point. Therefore we will start with gitlabs own user management,
> > combined
> > with debians ldap.
> > 
> > But if you do take in point the following things:
> > 
> > - user self management (lost password, deletion)
> > - key self management
> > - api for user manipulation
> > - oauth2 frontend (sso as oauth2 provider)
> > - maybe saml frontend (sso as saml provider)
> 
> Has anyone looked at Keycloak? http://www.keycloak.org/

I have and deployed it for others in production. Not an unreasonable
option.

-- 
Luca Filipozzi