Its great that we can now support OAuth2! I can see us using that in oVirt infra...
Does this somehow enable integration with Keycloak [1] or Ipsilon [2] ? [1]: http://keycloak.jboss.org/ [2]: https://fedorahosted.org/ipsilon/ On 24 November 2015 at 23:39, Alon Bar-Lev <[email protected]> wrote: > Hello, > > We have merged SSO patchset into master. > These kind of deep infra changes are non trivial, we hope we reduced most of > the side effects within the 171 revisions and testing. > Thanks for Ravi Nori for his great effort! > > The SSO is based on OAuth2 specification, full description is available[1], > it is a stable supported interface of engine. > > In a nut shell, the major change is that login dialog is now handled by a > separate non gwt webapp, this webapp provides authentication and > authorization services to other webapps. > > The immediate bonus is: no need to re-authenticate to user portal and/or > admin portal, maybe soon we integrate reports. > Performance bonus: if using spnego (kerberos) there is no performance penalty > (double request). > Usability bonus: support many authentication sequences we were unable to > provide using the previous implementation. > > Regards, > Alon Bar-Lev. > > [1] http://www.ovirt.org/Features/UniformSSOSupport > _______________________________________________ > Devel mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/devel -- Barak Korren [email protected] RHEV-CI Team _______________________________________________ Devel mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/devel
