Bug 1817215

Summary: Admin must be able to provide all the client ids involved inside Satellite settings.
Product: Red Hat Satellite Reporter: Rahul Bajaj <rabajaj>
Component: AuthenticationAssignee: Rahul Bajaj <rabajaj>
Status: CLOSED ERRATA QA Contact: Omkar Khatavkar <okhatavk>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.7.0CC: apatel, egolov, mhulan, okhatavk, rabajaj, tbrisker
Target Milestone: 6.8.0Keywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: foreman-2.1.0-0 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-10-27 13:01:14 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rahul Bajaj 2020-03-25 20:01:55 UTC 
Description of problem:
Admin needs to change the setting oidc_audience value each time a user uses different client id.

Version-Release number of selected component (if applicable):


Steps to Reproduce:
1. Create 2 clients on RHSSO, one for hammer and other for Satellite
2. Try to login from both the platforms

Actual results:
Admin is being able to provide just one audiance right now.

Expected results:
Admin must be able to provide all the client ids involved inside Satellite settings.
Comment 3 Bryan Kearney 2020-03-25 22:03:00 UTC 
Upstream bug assigned to rabajaj
Comment 4 Bryan Kearney 2020-03-25 22:03:02 UTC 
Upstream bug assigned to rabajaj
Comment 5 Bryan Kearney 2020-03-30 20:03:02 UTC 
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/29386 has been resolved.
Comment 7 Omkar Khatavkar 2020-05-27 11:28:09 UTC 
'oidc_audience' settings now contain the list, after applying both audiences specific to UI and Hammer, I was able to login using the hammer (two factors) mentioned steps are here https://access.redhat.com/documentation/en-us/red_hat_satellite/6.7/html/administering_red_hat_satellite/chap-red_hat_satellite-administering_red_hat_satellite-configuring_external_authentication#integrating-satellite-with-red-hat-single-sign-on-for-external-authentication. Verified with Satellite 6.8 Snap1.
Comment 10 errata-xmlrpc 2020-10-27 13:01:14 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.8 release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4366