[
https://issues.apache.org/jira/browse/ATLAS-3153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16879542#comment-16879542
]
ASF subversion and git services commented on ATLAS-3153:
--------------------------------------------------------
Commit 88ea258638d5dcb5911c6da406d3b136dab27ebc in atlas's branch
refs/heads/branch-2.0 from Nixon Rodrigues
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=88ea258 ]
ATLAS-3153 : Testcase fix due to Keycloak authentication method commit.
(cherry picked from commit e7071476aaba064d0967531cda6d9221f918db4e)
> Support OpenID Connect directly rather than through Knox
> --------------------------------------------------------
>
> Key: ATLAS-3153
> URL: https://issues.apache.org/jira/browse/ATLAS-3153
> Project: Atlas
> Issue Type: Improvement
> Components: atlas-core, atlas-webui
> Affects Versions: 2.0.0
> Reporter: Bolke de Bruin
> Priority: Major
> Labels: authentication, authorization
> Fix For: 3.0.0
>
> Attachments: 0001-ATLAS-3153-Add-keycloak-authentication.patch,
> 0001-ATLAS-3153-Testcase-fix-due-to-Keycloak-authenticati.patch,
> application.log, keycloak.json, openid_connect_atlas.md
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> The current SSO implementation with Apache Knox is limiting SSO
> interoperability to Apache Knox. Knox uses JWT verification which could
> easily be extended to allow for direct OpenID Connect support and doesn't
> require organizations to deploy Knox.
> Required changes:
> * Pickup bearer token from headers
> * Improve and standardize redirecting
> * Optionally: obtain certificates from well_known uri
> * Optionally: obtain user groups from userinfo endpoint rather than UGI
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
