1113937 – [RFE][AAA] Single sign-on into web applications

Bug 1113937 - [RFE][AAA] Single sign-on into web applications

Summary: [RFE][AAA] Single sign-on into web applications

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	RFEs
Sub Component:
Version:	unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	3.5.0
Assignee:	Alon Bar-Lev
QA Contact:	Ondra Machacek
Docs Contact:
URL:
Whiteboard:	infra
Duplicates (2):	1125224 1170209 (view as bug list)
Depends On:	570191 884653 1112404 1125224 1161734
Blocks:	oVirt-AAA-rewrite 1121762 rhev3.5beta 1156165
TreeView+	depends on / blocked

Reported:	2014-06-27 09:38 UTC by Alon Bar-Lev
Modified:	2019-12-16 04:30 UTC (History)
CC List:	17 users (show)
Fixed In Version:	vt2.2
Doc Type:	Technology Preview
Doc Text:	With this update, the engine can now integrate with Apache authentication, for example mod_auth_kerb, to accept users already authenticated by Apache and enable single sign-on to the User and Administration Portals. Note that this feature conflicts with the password delegation feature in 3.4 (also known as the single sign-on to virtual machine feature) as the engine does not have access to user passwords anymore, the password cannot be delegated to virtual machines. Also note that when this feature is used, the sign out button in the User Portal and Administration Portal will not work. The user will remain logged in even after clicking the sign out button. To sign out, the user needs to sign out from the single sign-on provider. For more information on configuring this feature, see the ovirt-engine-extension-aaa-ldap package documentation[1]. [1] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l141
Clone Of:
Environment:
Last Closed:	2015-02-11 18:04:19 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:0158	0	normal	SHIPPED_LIVE	Important: Red Hat Enterprise Virtualization Manager 3.5.0	2015-02-11 22:38:50 UTC

Description Alon Bar-Lev 2014-06-27 09:38:19 UTC

This will be released as technology preview for rhevm-3.5.0.

Documentation[1].
Known UX issues: bug#1112404.
Packages required:
 - ovirt-engine-extension-aaa-misc(bug#1113648)
 - ovirt-engine-extension-aaa-ldap(bug#1110765)

Component is RFEs as it relates to entire product: backend, frontend, extensions.

[1] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l103

Comment 1 Alon Bar-Lev 2014-06-27 12:48:52 UTC

Core limitation: SSO into virtual machine will not work, as password is unknown to engine.

Comment 2 Alon Bar-Lev 2014-08-22 06:26:37 UTC

*** Bug 1125224 has been marked as a duplicate of this bug. ***

Comment 4 Alon Bar-Lev 2014-12-04 13:54:16 UTC

*** Bug 1170209 has been marked as a duplicate of this bug. ***

Comment 6 errata-xmlrpc 2015-02-11 18:04:19 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0158.html

Note You need to log in before you can comment on or make changes to this bug.