[ovirt-devel] [ATN] [master] SSO patchset were merged
Barak Korren
bkorren at redhat.com
Wed Nov 25 07:35:06 UTC 2015
Its great that we can now support OAuth2! I can see us using that in
oVirt infra...
Does this somehow enable integration with Keycloak [1] or Ipsilon [2] ?
[1]: http://keycloak.jboss.org/
[2]: https://fedorahosted.org/ipsilon/
On 24 November 2015 at 23:39, Alon Bar-Lev <alonbl at redhat.com> wrote:
> Hello,
>
> We have merged SSO patchset into master.
> These kind of deep infra changes are non trivial, we hope we reduced most of the side effects within the 171 revisions and testing.
> Thanks for Ravi Nori for his great effort!
>
> The SSO is based on OAuth2 specification, full description is available[1], it is a stable supported interface of engine.
>
> In a nut shell, the major change is that login dialog is now handled by a separate non gwt webapp, this webapp provides authentication and authorization services to other webapps.
>
> The immediate bonus is: no need to re-authenticate to user portal and/or admin portal, maybe soon we integrate reports.
> Performance bonus: if using spnego (kerberos) there is no performance penalty (double request).
> Usability bonus: support many authentication sequences we were unable to provide using the previous implementation.
>
> Regards,
> Alon Bar-Lev.
>
> [1] http://www.ovirt.org/Features/UniformSSOSupport
> _______________________________________________
> Devel mailing list
> Devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel
--
Barak Korren
bkorren at redhat.com
RHEV-CI Team
More information about the Devel
mailing list