Add Single sign-on (SSO) support

Bug #1972736 reported by Martin Chlumsky
38
This bug affects 8 people
Affects Status Importance Assigned to Milestone
skyline apiserver
Fix Released
Wishlist
conna

Bug Description

Description
===========
Add single sign-on (SSO) support. I would personally prefer an OpenID Connect integration over SAML 2.0.

Steps to reproduce
==================
* Deploy skyline with SSO configured with OpenID Connect (or SAML 2.0).

Expected result
===============
Skyline works with SSO enabled.

Actual result
=============
SSO is not supported.

Tags: feature
Boxiang Zhu (bxzhu-5355)
Changed in skyline-apiserver:
importance: Undecided → Wishlist
tags: added: feature
Revision history for this message
Jonathan Rosser (jrosser) wrote :

Looking at the kolla docs and also as a mainatainer of openstack-ansible, both of these projects seem to use apache mod_auth_oidc to provide OIDC SSO for horizon.

There would be benefit to doing SSO support in Skyline with the same library, then we can reuse existing code in the deployment tool projects, and end users would have confidence that their mod_auth_oidc configurations would also be appropriate for Skyline.

OIDC is complex with many valid authorisation flows - mod_auth_oidc is very configurable and seems to work well already for openstack.

Revision history for this message
Wu Wenxiang (wu-wenxiang) wrote :

Thanks for your reply!
We dev team are working for this issue now.

Changed in skyline-apiserver:
assignee: nobody → conna (yangshaoxue)
status: New → Confirmed
Revision history for this message
Wu Wenxiang (wu-wenxiang) wrote :

Supposed finish on Auguest, 15th, 2022

Revision history for this message
Boxiang Zhu (bxzhu-5355) wrote (last edit ):

https://review.opendev.org/c/openstack/skyline-console/+/853584
https://review.opendev.org/c/openstack/skyline-apiserver/+/852394

both skyline-apiserver and skyline-console have added the sso(now only openid) support.

Boxiang Zhu (bxzhu-5355)
Changed in skyline-apiserver:
status: Confirmed → Fix Committed
Boxiang Zhu (bxzhu-5355)
Changed in skyline-apiserver:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.