Hello all, As some of you noticed, FreeIPA wiki authentication via OpenID was broken in the last days. I suspect (but did get reply from Patrick who running the Fedora infra yet) that it was caused by Fedora moving to mode modern authentication protocol, i.e. from OpenID to OpenID Connect (OIDC): https://fedoraproject.org/wiki/Infrastructure/Authentication
Unfortunately, I cannot make the OIDC login for our current FreeIPA instance available, given that our wiki runs on OpenShift v2 which uses PHP 5.3.3 cartridge, which can get us only as far as to Mediawiki 1.26. OIDC mediawiki authentication plugin is supported from 1.27 forward. So the wiki needs to be either: - migrated to newer PHP cartridge on current Red Hat OpenShift v2 instance - migrated to OpenShift v3 (preferred) to unblock us from this situation and get to proper OIDC authentication. However, this will need more time and preparation (which I do not even have right now). For now, I simply disabled OpenID authentication in our wiki and enabled password logins again! Anonymous account creation is disabled to avoid spammers. However, given that we now enforce people to be in a special group (editors) to fight the spammers, there is actually no big functionality lost in this, except having to use yet another password. To summarize, if you want to access the wiki again, please use the password you may have had before we migrated to Fedora OpenID. If you do not have the password yet, you should be able to simply reset it before logging in and you should get an email (the mail part did not work for martbab this afternoon, though). In the worst case, I can reset the password for you, just shoot me an email. Thanks! -- Martin Kosek <mko...@redhat.com> Manager, Software Engineering - Identity Management Team Red Hat, Inc. -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
