[katello-devel] Design of SSO
Marek Hulan
mhulan at redhat.com
Mon Mar 4 17:12:26 UTC 2013
On Monday 04 of March 2013 11:57:48 Bryan Kearney wrote:
> On 03/04/2013 10:22 AM, Marek Hulan wrote:
> > Ok, this is not how it currently works so should I take it as a part of
> > SSO US or we'll solve it in future? Currently Katello asks DB xor LDAP
> > based on configuration. If we agree that SSO (new app) will use Katello
> > to authenticate, this will be the way how login will work when US is
> > finished.
>
> I assumed that SSO would be a stand alone thing which both Katello and
> FOreman can use. If we require LDAP only for that, then I would actually
> be fine with it.
It will but the plan was to use Katello also for it's auth backend. Copying
LDAP authentication from Katello to SSO is possible but would mean code
duplication (it must stay also in Katello because of fallback). So why not to
use Katello which already knows how to deal with DB/LDAP and is already
authoritative user DB. Using Foremen without Katello probably does not require
SSO (or is there use case for other systems that would benefit from using this
SSO and won't use Katello?)
--
Marek
More information about the katello-devel
mailing list