[Freeipa-users] Free IPA and Google Apps
Simo Sorce
simo at redhat.com
Fri Apr 25 14:18:19 UTC 2014
On Fri, 2014-04-25 at 10:00 -0400, Dmitri Pal wrote:
> On 04/25/2014 09:51 AM, Simo Sorce wrote:
> > On Fri, 2014-04-25 at 09:29 -0400, Dmitri Pal wrote:
> >> On 04/25/2014 08:39 AM, Simo Sorce wrote:
> >>> On Fri, 2014-04-25 at 07:27 -0500, Chris Whittle wrote:
> >>>> Thanks Martin, I found a few notes on FreeIPA and GADS but most were people
> >>>> saying not to do it on principal but nothing saying if it's possible or not.
> >>>>
> >>>> I like the SAML option, including the mysterious ipsilon (Is there anything
> >>>> more than the git repo yet?), but wonder how much control it has.
> >>> At the moment no control at all.
> >>>
> >>>> Does it just allow them to SSO using their LDAP credentials?
> >>> Yes.
> >>>
> >>>> If I disable a user in LDAP does it only recognize that only during login
> >>>> or is it smart enough to kill their Google Apps sessions and make them
> >>>> login again?
> >>> At the moment no, in future, perhaps we can develop a plugin that will
> >>> call a SSO logout to the remote applications the user logged into, but
> >>> this will require the server to be more stateful. This feature is not
> >>> available in the current code.
> >>>
> >>> Simo.
> >>>
> >>>
> >>> _______________________________________________
> >>> Freeipa-users mailing list
> >>> Freeipa-users at redhat.com
> >>> https://www.redhat.com/mailman/listinfo/freeipa-users
> >>
> >> Simo, how much Ipsilon is ready for a POC like this?
> >> I understand it is probably somewhere between alpha and beta quality but
> >> it might be a good exercise to try to set it up for a real use case.
> >> What do you think?
> > It can be tried, but I need to write some documentation on how to set it
> > up first :-)
> >
> > Simo.
> >
> Hint-hint, nudge-nudge :-)
I know, I know.
I got done with lasso and mod_auth_mellon patches, now I can go back to
Ipsilon.
If Jan gives me the go, I will cut a first release and start writing
instruction, file for Fedora packages and all that
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list