On Wed, Mar 3, 2021, 5:13 PM Matthew Miller <[email protected]> wrote:
> On Wed, Mar 03, 2021 at 01:53:28PM -0800, Kevin Fenzi wrote: > > 4) We could add some kind of GSSAPI/Kerberos support to pagure, so > > people could use https and a kerberos ticket. > > What's amount of effort required for this option? Because other than "it > might be a lot of work", it seems ideal, and would resolve a lot of other > cases where it's an extra step to have to configure an access token for > pagure. But "it might be a lot of work" is a pretty big con. > > If the answer is "yeah, it's a lot", I vote for whichever other option > makes > this a logical next step when there is time to do such work. > I don't think it would be that hard anymore. Recently, Pagure changed to proxy and handle Git via HTTPS, meaning that we can do whatever we want to authenticate pulls and pushes. Ideally, we'd support it as a full login backend, so that logins this way would also generate accounts automatically. We do have a ticket for GSSAPI for Git+HTTPS: https://pagure.io/pagure/issue/4995 >
_______________________________________________ infrastructure mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
