Bug 1120016
| Summary: | RFE: FAS-only authentication | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Zanata | Reporter: | Michelle Kim <mkim> | ||||
| Component: | Authentication-Fedora | Assignee: | Carlos Munoz <camunoz> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Ding-Yi Chen <dchen> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | unspecified | CC: | camunoz, dchen, sflaniga, zanata-bugs | ||||
| Target Milestone: | --- | ||||||
| Target Release: | 3.4 | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| URL: | https://github.com/zanata/zanata-server/pull/536 | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | 3.4.3-SNAPSHOT (git-jenkins-zanata-server-github-pull-requests-1814) | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | 3 | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2014-10-23 04:11:14 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 1120032 | ||||||
| Attachments: |
|
||||||
|
Description
Michelle Kim
2014-07-16 05:10:25 UTC
To test this, the standalone.xml security configuration for Open Id should look like this (for fedora auth):
<security-domain name="zanata.openid">
<authentication>
<login-module code="org.zanata.security.OpenIdLoginModule" flag="required">
<module-option name="providerURL" value="http://id.fedoraproject.org/"/>
</login-module>
</authentication>
</security-domain>
The provider URL parameter may be changed to any url that accepts open id requests.
Other QA notes: Please check that the other authentication mechanisms (including multi open-id) have not been broken.
See also:
https://github.com/zanata/zanata-server/pull/535
New pull request: https://github.com/zanata/zanata-server/pull/536 Created attachment 922776 [details] Small login Button Tested with Zanata 3.4.3-SNAPSHOT (git-jenkins-zanata-server-github-pull-requests-1803) The login button is small and does not have any button text, otherwise login is no problem. Relative setting in my standalone.xml: <subsystem xmlns="urn:jboss:domain:naming:1.4"> <bindings> <simple name="java:global/zanata/files/document-storage-directory" value="/var/lib/zanata/documents"/> <simple name="java:global/zanata/security/auth-policy-names-INACTIVATED/internal" value="zanata.internal"/> <simple name="java:global/zanata/security/auth-policy-names/openid" value="zanata.openid"/> <simple name="java:global/zanata/security/auth-policy-names-INACTIVATED/jaas" value="zanata.jbosssso"/> <simple name="java:global/zanata/security/admin-users" value="admin"/> <simple name="java:global/zanata/email/default-from-address" value="no-reply"/> </bindings> <remote-naming/> </subsystem> ... <security-domain name="zanata.openid"> <authentication> <login-module code="org.zanata.security.OpenIdLoginModule" flag="required"> <module-option name="providerURL" value="http://id.fedoraproject.org/"/> </login-module> </authentication> </security-domain> <security-domain name="zanata.internal"> <authentication> <login-module code="org.jboss.seam.security.jaas.SeamLoginModule" flag="required"/> </authentication> </security-domain> Fix missing label. Please retest. Tested with Zanata 3.4.3-SNAPSHOT (git-jenkins-zanata-server-github-pull-requests-1807), The button text is correct now. However, I forget to mention that after filling FAS credentials: it does not auto redirect back to Zanata dashboard, you need to manually type the Zanata URL to make it go to the dashboard. There was a missing redirection case for when open id was successfully authenticating a user. See the see also bugs for related bugs that may be closed with this fix. Please retest. VERIFIED with Zanata 3.4.3-SNAPSHOT (git-jenkins-zanata-server-github-pull-requests-1814) |