Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1131443 - [RFE] Support SAML for authenticating users on the RHEV User Portal
[RFE] Support SAML for authenticating users on the RHEV User Portal
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: RFEs (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: 3.5.0
Assigned To: Scott Herold
Ondra Machacek
infra
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2014-08-19 06:17 EDT by Tim Speetjens
Modified: 2017-02-07 08:39 EST (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-04-27 02:06:49 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
sherold: Triaged+

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 1552933 None None None Never

  None (edit)
Description Tim Speetjens 2014-08-19 06:17:09 EDT 
Description of problem:

Support SAML authentication systems, for password-less login into user portal
Comment 10 Barak 2014-08-26 07:19:10 EDT 
is it a duplicate of Bug 1092744
Comment 11 Alon Bar-Lev 2014-08-26 13:01:06 EDT 
(In reply to Barak from comment #10)
> is it a duplicate of Bug 1092744

not exactly, integrate with SAML can be done in 3.5 based on aaa extensions. whether we will integrate out of the box with SAML in 3.6 or later is a different question.
Comment 16 Itamar Heim 2014-09-21 06:20:23 EDT 
Alon - can we give instructions how to test this with 3.5 for SAML for SSO to portals, not sso to VMs?
Tim - can customer check this during 3.5 beta cycle?
Comment 17 Alon Bar-Lev 2014-09-21 06:27:30 EDT 
(In reply to Itamar Heim from comment #16)
> Alon - can we give instructions how to test this with 3.5 for SAML for SSO
> to portals, not sso to VMs?
> Tim - can customer check this during 3.5 beta cycle?

Never tried it.
But if configuration of mod_auth_saml[1] is intact and provide authenticated user within REMOTE_USER, then it should not be different from mod_auth_kerb[2] configuration.

If the mod_auth_saml is insufficient an authn extension can be implemented to support that, this requires development work vs the integration above.

I will be happy to work with anyone establish saml environment and working mod_auth_saml configuration to integrate it with ovirt-engine.

[1] http://www.zxid.org/html/mod_auth_saml.html
[2] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l129
Comment 18 Alon Bar-Lev 2014-12-17 07:34:07 EST 
this can be done in 3.5 per comment#17, suggest to close as NEXT_RELEASE.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.