[katello-devel] Signo improvements discussion

Marek Hulan mhulan at redhat.com
Mon May 6 11:59:38 UTC 2013 

Hi all,

I received some feedback (the biggest from Garik) about Signo application. 
Although it seems to work by technical side it would be nice add some other 
features. Here is the list to discuss:

# Application information

We could display information about from which application user is coming to 
Signo, so he knows what is he logging in to. Note that user might get false 
idea that he is logging just into Katello however logging into Signo means 
also logging in into Foreman. Garik suggested displaying name, version, 
favicon and logo from that application you are coming from so it would look 
like as Katello login page (for Katello). What do others think? This would 
also mean for every external application to be supported in Signo (to display 
its graphics to avoid remote linking https problems etc.). I would find useful 
just to display name of the application that you came from. Also we should 
keep in mind security and possibility of forging this information.

# Logout page

Logout in Katello shows logout page that informs you about successful logout 
and displaying you a link to login again. Garik suggested to remove this page 
so user does not have to click link in order to login again. It would mean to 
go to Signo login page again with no notification of logout. I don't think 
users are logging out and in too often so I would leave that link there even 
when logout page itself has small information value. Comments? FYI on Foreman 
side there is no logout page so user is redirected to casual login page. He 
may login to foreman to enter any other foreman url. That's more or less 3rd 
possible way.

# Katello - configurable login page

We now force users to use Signo if it's set in katello.yml and fallback to 
plain login form only if OpenID auth fails. However user may want to decide 
which way he wants to use. Either SSO via Signo or plain login form. This 
could work and be configurable until we extract user logic from Katello to 
Signo. Again do we want to allow users to decide or "we know better"? :-)

If you have any other ideas what could make users confused or what to improve, 
please reply.

-- 
Marek

More information about the katello-devel mailing list