Hi , In my previous work , I have deployed a SSO solution based on Keyloack ( https://www.keycloak.org ) <https://www.google.com/search?q=keycloak&oq=keyc&aqs=chrome.1.69i57j0i433i512l3j0i512j69i65l3.4677j0j7&sourceid=chrome&ie=UTF-8#>
1. <https://webcache.googleusercontent.com/search?q=cache:SLtH_iTBmccJ:https://www.keycloak.org/+&cd=1&hl=fr&ct=clnk&gl=fr> <https://translate.google.com/translate?hl=fr&sl=en&u=https://www.keycloak.org/&prev=search&pto=aue> and 389 as backend ldap. It Handles more than 3000 accounts and groups updated mostly from an ActiveDirectory. The 389 was also used as Unix/Linux ldap authentication. Regards, Le mer. 26 janv. 2022 à 12:05, N R <randria.nico...@gmail.com> a écrit : > Hi, > > I've done some SAML SSO integrations and work regularly with FreeIPA. > > SSO is usually handled via a protocol like SAML, OpenID or Shibboleth, > FreeIPA only serves as LDAP Identity database in these architectures. > Our deployments used a "proxy" to handle these authentications and link > them with LDAP, SimpleSAMLPHP. > > The implementation also depends a lot on the way you want to do SSO, > centralized, federated, or cooperative. > > I would recommend to take a look at simplesamlphp documentation as it > supports almost every SSO protocols and can easily be integrated to proxy > SSO web requests. > > Regards, > Nicolas > > > > Le lun. 10 janv. 2022 à 19:50, Jonathan Aquilina <jaquil...@eagleeyet.net> > a écrit : > >> Good Evening, >> >> >> >> I am just wondering can 389 along side free ipa be used to offer SSO >> capabilities? >> >> >> >> Regards, >> >> Jonathan >> _______________________________________________ >> 389-users mailing list -- 389-users@lists.fedoraproject.org >> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org >> Do not reply to spam on the list, report it: >> https://pagure.io/fedora-infrastructure >> > _______________________________________________ > 389-users mailing list -- 389-users@lists.fedoraproject.org > To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure