Hello,
We have merged SSO patchset into master.
These kind of deep infra changes are non trivial, we hope we reduced most of the side
effects within the 171 revisions and testing.
Thanks for Ravi Nori for his great effort!
The SSO is based on OAuth2 specification, full description is available[1], it is a stable
supported interface of engine.
In a nut shell, the major change is that login dialog is now handled by a separate non gwt
webapp, this webapp provides authentication and authorization services to other webapps.
The immediate bonus is: no need to re-authenticate to user portal and/or admin portal,
maybe soon we integrate reports.
Performance bonus: if using spnego (kerberos) there is no performance penalty (double
request).
Usability bonus: support many authentication sequences we were unable to provide using the
previous implementation.
Regards,
Alon Bar-Lev.
[1]
http://www.ovirt.org/Features/UniformSSOSupport