On 21 June 2016 at 12:14, Marc Dequènes (Duck) <d...@redhat.com> wrote: > > Maybe freeipa could help building this. I think Misc as more experience > with this; he could probably give some advice.
Probably not FreeIPA as it is based around its own LDAP, but maybe something like Keycloak working against external providers. (We have OVIRT-527 in Jira for this) > So as for now: > - Google OAuth: enabled but not working yet, waiting to have access to > data to create the API credentials > - Fedora: works well, tested with Misc's account > - Persona: works well > - OpenID: tested with LaunchPad/UbuntuOne, works well but URL has to > be entered manually, so maybe the page could be tweaked to have links > like in Gerrit > > Would it be sufficient to begin with? We'd probably better support GitHub too. Also we need to make sure we know how to converge credentials when the same users use different providers to login. (We have a detailed procedure on how to do this with Gerrit...) > I think we should warn users they would need to have their email address > registered on some provider if not already done (in the announcement). No harm in accounting. Since most users already need this to use Gerrit the impact will probably not be huge. -- Barak Korren bkor...@redhat.com RHEV-CI Team _______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra
