| Summary: | [RFE] re-implement SSO solution based on JRS new SSO interface | ||
|---|---|---|---|
| Product: | [Retired] oVirt | Reporter: | Yaniv Lavi <ylavi> |
| Component: | ovirt-engine-reports | Assignee: | Juan Hernández <juan.hernandez> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 3.3 | CC: | acathrow, bazulay, iheim, pstehlik, yeylon |
| Target Milestone: | --- | Keywords: | FutureFeature, Triaged |
| Target Release: | 3.4.0 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | infra | ||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-01-09 10:36:28 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Yaniv Lavi
2013-10-27 16:31:54 UTC
I have been looking at the information about the new authentication interfaces provided by Jasper. What I see there is that they provide mechanism to authenticate users with external systems, like LDAP, or custom systems. But this is something that happens *after* Jasper has asked the user for his credentials, so it isn't usable for SSO purposes. For SSO we need to tell Jasper to not ask for credentials, but to trust the ones already provided by the user to the oVirt portal. In these regards what they provide (according to the documentation) is the "pre auth" filters. That is what we are using in the current SSO solution. So I would say that we don't need to change anything. Thanks Juan. Barak, I'm closing this case, since there isn't seem to be any update needed. Yaniv |