#48707 sso token mech implementation
Opened 4 years ago by firstyear. Modified 7 months ago

This is tracking a method for token authentication for 389-ds. This is required so that we can correctly use cookie authentication from a stateless front end application.

The current plan is heavily simplified and far more realistic in terms of what can be achieved and how. This can be found at:

http://www.port389.org/docs/389ds/design/token-auth.html

Original Ticket:

For the rest admin to have a seamless user experience we need a way to authenticate users with some kind of SSO mech when krb5 is not present.

After an investigation, we decided the best approach was to develop our own based on cryptographically sealed tokens such as fernet.

This ticket will track:

  • Development of the standard / process for these tokens
  • Development of the LDAP components of how to manage these tokens.
  • Proof of concept development.

Comment by William:

We want this for the new admin console, so it has to be inline with when the team expects us to have the new python / rest admin console done. If that is 1.3.6, than that's okay, but I'm going to get some ground work done for it now regardless

1.3.6 or Rest389 1.0? Setting milestone to 1.3.6 for now.

commit 6ea27bf
Writing objects: 100% (8/8), 12.46 KiB | 0 bytes/s, done.
Total 8 (delta 1), reused 2 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
cf11fae..6ea27bf master -> master

Metadata Update from @firstyear:
- Issue assigned to firstyear
- Issue set to the milestone: 1.3.6 backlog

3 years ago

Metadata Update from @firstyear:
- Issue close_status updated to: None

3 years ago

Metadata Update from @mreynolds:
- Custom field reviewstatus adjusted to ack

3 years ago

commit 6fa30ec
To ssh://git@pagure.io/389-ds-base.git
f9351cf..6fa30ec master -> master

Metadata Update from @mreynolds:
- Issue set to the milestone: 1.4 backlog (was: 1.3.6 backlog)

3 years ago

Metadata Update from @firstyear:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

7 months ago

This commit is crashing the server when you delete any entry under cn=config

Metadata Update from @mreynolds:
- Issue status updated to: Open (was: Closed)

7 months ago

This commit is crashing the server when you delete any entry under cn=config

See https://pagure.io/389-ds-base/issue/50853

This commit is crashing the server when you delete any entry under cn=config

See https://pagure.io/389-ds-base/issue/50853

This is now fixed...

Login to comment on this ticket.

Metadata