[Freeipa-devel] [PATCH] 1106 IPA REST smart proxy
Petr Viktorin
pviktori at redhat.com
Fri Feb 28 09:47:15 UTC 2014
On 02/27/2014 10:18 PM, Rob Crittenden wrote:
> Rob Crittenden wrote:
[...]
>> Ok, so try to summarize this long-running thread, I'll rename the
>> subpackage to freeipa-server-foreman-smartproxy to make it clearer what
>> it is/does. Right now it requires manual configuration so having the
>> package installed should have no negative impacts (other than
>> potentially pulling in additional dependencies).
>>
>> I'll leave it in smartproxy for now, it's just cleaner and better
>> integrates with ipatests IMHO.
>>
>> Foreman supports SSL client auth which is great, by cherrypy does not
>> yet. There is a pull request to add this,
>> https://bitbucket.org/cherrypy/cherrypy/pull-request/15/added-support-for-client-certificate/activity
>>
>> . Foreman otherwise supports no other authentication method, so we're
>> blocked with this. The certs for this would initially come out of
>> Foreman/puppet.
>>
>> I'll submit a new patch with an updated spec but I think otherwise I've
>> addressed the isuses Petr has raised. This thread has taken a lot of
>> turns so it is very possible I missed something though :-)
>
> Updated patch based on feedback from Foreman team. I added a new URI,
> /features, which Foreman uses to determine what capabilities a proxy has.
>
> rob
My review is blocked because 389-ds doesn't install on Rawhide due to
https://fedorahosted.org/389/ticket/47700
Noriko, do you know of a Rawhide build that includes your fix?
--
Petr³
More information about the Freeipa-devel
mailing list