On 06/10/2015 04:55 PM, Drew Erny wrote:

On 06/10/2015 10:16 AM, Martin Kosek wrote:
AFAIK, this work would form some standalone page utilizing the FreeIPA
Web UI framework we have already, to get the same look and feel. Using
FreeIPA API to store/manipulate user entries should be thus much
easier, then taking care of separate database. Also, if Stage user
tree is used, the admins doing the validation of user entries may also
have other responsibilities in FreeIPA, so they may welcome having
these entries in Stage User in the FreeIPA Web UI without going to
special application. Just my thoughts, I would welcome other feedback.
I'm worried if I try to fit this into the existing WebUI framework, I'm
gonna end up wrangling with the fact that the WebUI expects to have an
authenticated LDAP user, but we need anonymous access for both
self-service registration and (eventually) for password reset. I'm not
sure what kind of changes would be needed to make this work. I'll use
the stageuser tree either way, though; your argument on that is
definitely correct.

https://ipa.demo1.freeipa.org/ipa/ui/sync_otp.html is an example of such standalone page.

Web UI framework doesn't need authentication until it talks to IPA API.
Petr Vobornik

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to