On Tue, Oct 18, 2022 at 11:20:10AM +0200, Joerg Jaspert wrote:
> Am 2022-10-18 04:52, schrieb Paul Wise:
> > > Salsa should be there for git (related) things.
> > > NOT as an identity/login provider for Debian
Please formally retract the agreement that was forged two years ago
then. I properly re
Am 2022-10-18 04:52, schrieb Paul Wise:
Salsa should be there for git (related) things.
NOT as an identity/login provider for Debian
There are already Debian services that do not offer any other option
for auth than Salsa.
Which is bad. And should be changed.
Arguably it is probably a good
On Mon, Oct 17, 2022 at 5:29 PM Sam Hartman wrote:
>
> I think the minimal solution here, which I'm not volunteering to do, is
> for tracker.debian.org to gain salsa sso support instead of client cert
> support.
Can point out the tracker.d.o code? Maybe I'll take a look, I find this topic
interes
On Mon, 2022-10-17 at 21:28 +0200, Joerg Jaspert wrote:
> Salsa should be there for git (related) things.
> NOT as an identity/login provider for Debian
There are already Debian services that do not offer any other option
for auth than Salsa.
Personally I do not like GitLab, Salsa nor OIDC/Oauth
On 17.10.22 17:29, Sam Hartman wrote:
That
* Gives us a second source of sso
* still leaves tracker wanting to consume client certs
* As far as I can tell keycloak can consume but not produce client certs
* Even if it can produce client certs we have all the usability
challenges of client certs
On 16654 March 1977, Sam Hartman wrote:
I think the minimal solution here, which I'm not volunteering to do,
is
for tracker.debian.org to gain salsa sso support instead of client
cert
support.
But that isnt neccessarily the best solution. I think it would be better
to NOT rely on salsa for
> "Stephan" == Stephan Lachnit writes:
Stephan> On Mon, Oct 17, 2022 at 11:57 AM Bastian Blank
wrote:
>>
>> Everyone coming up with solutions, please review the old thread
>> about that
>>
https://lists.debian.org/msgid-search/20200405184610.ga581...@waldi.eu.org
Le 17 octobre 2022 13:50:36 GMT+02:00, Stephan Lachnit
a écrit :
>On Mon, Oct 17, 2022 at 11:57 AM Bastian Blank wrote:
>>
>> Everyone coming up with solutions, please review the old thread about
>> that
>> https://lists.debian.org/msgid-search/20200405184610.ga581...@waldi.eu.org
>
>Keycloak
On Mon, Oct 17, 2022 at 11:57 AM Bastian Blank wrote:
>
> Everyone coming up with solutions, please review the old thread about
> that
> https://lists.debian.org/msgid-search/20200405184610.ga581...@waldi.eu.org
Keycloak also provides OpenID Connect / OAuth2 and can connect to LDAP
servers - so i
On Sun, Oct 16, 2022 at 07:22:28PM +0200, Enrico Zini wrote:
> I'm posting this to debian-devel as an early heads-up and a call for
> other maintainers. If nobody steps in my the end of October, I'll post a
> proper sunset announce to debian-devel-announce.
Everyone coming up with solutions, pleas
Hi,
On Mon, 17 Oct 2022, at 09:52, Hakan Bayındır wrote:
> We use Keycloak in both at office and in international projects as
> backbones of relatively big and federated SSO systems, and it works fine.
>
> It's not very hard to deploy and configure on bare metal. Enabling its
> own HTTPS/SSL fea
We use Keycloak in both at office and in international projects as
backbones of relatively big and federated SSO systems, and it works fine.
It's not very hard to deploy and configure on bare metal. Enabling its
own HTTPS/SSL features are also relatively straightforward.
I'm sure that it can
On Sun, Oct 16, 2022 at 7:23 PM Enrico Zini wrote:
>
> I would welcome better single sign-on systems for Debian than Salsa, and
> sso.debian.org is not it.
I think Keycloak [1] is quite nice and used more and more by other
FOSS projects (it is RedHat sponsored after all). Opinions about using
thi
On Sun, 2022-10-16 at 16:21 -0700, Sean Whitton wrote:
> At the present time, I believe this will break DDs logging into
> tracker.debian.org. I recently had to mess around with client
> certificates in order to login there and subscribe to a new package.
It will still be possible to manage DPT
Hello,
On Sun 16 Oct 2022 at 07:22PM +02, Enrico Zini wrote:
> Hello,
>
> I've just fixed sso.debian.org to work again after the upgrade of
> diabelli to bullseye.
>
> I however have not used SSO certificates in years and don't intend to.
> This means I'm unable to test if certificate authenticat
Hello,
I've just fixed sso.debian.org to work again after the upgrade of
diabelli to bullseye.
I however have not used SSO certificates in years and don't intend to.
This means I'm unable to test if certificate authentication still works,
and to effectively maintain the site: I won't be able to d
16 matches
Mail list logo
