בתאריך 17 ביוני 2016 10:09, "Marc Dequènes (Duck)" <email@example.com> כתב:
> I don't think allowing only external auth like Google OAuth2 would be
> nice at all.
I respectfully disagree.
As long as we allow more then one provider, and also allow for some free ones like Fedora its not bad at all IMO. And it has the nice benofit of not having to secure any user credential database on our infra.
We've been using that approach on oVirt Gerrit forever, and are looking at ways to expand it to other parts of the infra.
Long term we would probaly like all authentication done against prividers via some sort of an sso layer, while authorization will be based on group assignments in Gerrit.
We have a ticket about this somewhere...
(Appologies for last blank message)