Add Single sign-on (SSO) support
Bug #1972736 reported by
Martin Chlumsky
This bug affects 8 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
skyline apiserver |
Fix Released
|
Wishlist
|
conna |
Bug Description
Description
===========
Add single sign-on (SSO) support. I would personally prefer an OpenID Connect integration over SAML 2.0.
Steps to reproduce
==================
* Deploy skyline with SSO configured with OpenID Connect (or SAML 2.0).
Expected result
===============
Skyline works with SSO enabled.
Actual result
=============
SSO is not supported.
Changed in skyline-apiserver: | |
importance: | Undecided → Wishlist |
tags: | added: feature |
Changed in skyline-apiserver: | |
assignee: | nobody → conna (yangshaoxue) |
status: | New → Confirmed |
Changed in skyline-apiserver: | |
status: | Confirmed → Fix Committed |
Changed in skyline-apiserver: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Looking at the kolla docs and also as a mainatainer of openstack-ansible, both of these projects seem to use apache mod_auth_oidc to provide OIDC SSO for horizon.
There would be benefit to doing SSO support in Skyline with the same library, then we can reuse existing code in the deployment tool projects, and end users would have confidence that their mod_auth_oidc configurations would also be appropriate for Skyline.
OIDC is complex with many valid authorisation flows - mod_auth_oidc is very configurable and seems to work well already for openstack.