[ https://issues.apache.org/jira/browse/ATLAS-3153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16880585#comment-16880585 ]
Nixon Rodrigues commented on ATLAS-3153: ---------------------------------------- [~bolke], i have documented the mvn command to run test and error trace in following jira https://issues.apache.org/jira/browse/ATLAS-3317 > Support OpenID Connect directly rather than through Knox > -------------------------------------------------------- > > Key: ATLAS-3153 > URL: https://issues.apache.org/jira/browse/ATLAS-3153 > Project: Atlas > Issue Type: Improvement > Components: atlas-core, atlas-webui > Affects Versions: 2.0.0 > Reporter: Bolke de Bruin > Priority: Major > Labels: authentication, authorization > Fix For: 3.0.0 > > Attachments: 0001-ATLAS-3153-Add-keycloak-authentication.patch, > 0001-ATLAS-3153-Testcase-fix-due-to-Keycloak-authenticati.patch, > application.log, keycloak.json, openid_connect_atlas.md > > Time Spent: 40m > Remaining Estimate: 0h > > The current SSO implementation with Apache Knox is limiting SSO > interoperability to Apache Knox. Knox uses JWT verification which could > easily be extended to allow for direct OpenID Connect support and doesn't > require organizations to deploy Knox. > Required changes: > * Pickup bearer token from headers > * Improve and standardize redirecting > * Optionally: obtain certificates from well_known uri > * Optionally: obtain user groups from userinfo endpoint rather than UGI -- This message was sent by Atlassian JIRA (v7.6.3#76005)