infra-issues mailing list archives

From "Chris Lambertus (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (INFRA-18245) Deploy a SAMLv2 compliant IDP backed by our LDAP server
Date Thu, 13 Jun 2019 02:56:00 GMT

    [ https://issues.apache.org/jira/browse/INFRA-18245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16862665#comment-16862665 ]

Chris Lambertus commented on INFRA-18245:
-----------------------------------------

I have a potential solution for this, as Crowd now supports google apps integration via SAML.
I need to validate our dev environment, then set up some test cases for you to try. Since
I don't have access to the google side, I'll need to work with you in real-time. I'll let
you know when I'm ready, should be in the next few days.


> Deploy a SAMLv2 compliant IDP backed by our LDAP server
> -------------------------------------------------------
>
>                 Key: INFRA-18245
>                 URL: https://issues.apache.org/jira/browse/INFRA-18245
>             Project: Infrastructure
>          Issue Type: New Feature
>          Components: Identity Management
>         Environment: Any machine infra deems appropriate for this kind of workload
>            Reporter: Daniel Ruggeri
>            Assignee: Chris Lambertus
>            Priority: Major
>              Labels: gsuite
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> Please see https://lists.apache.org/thread.html/28773f2df84a83a809d203e30f57723f774bbbddd1b9086a307d7cd0@%3Coperations.apache.org%3E for additional context
> In order to integrate our gsuite and google cloud usage with our ASF identity store, a SAMLv2 compliant identity provider (IDP) is needed that can perform authn of an ASF user. SAMLv2 IDPs are generally useful as they are the fairly standard form for enabling enterprise single sign on.
> Google documentation is here:
> https://support.google.com/a/answer/60224?hl=en
> https://support.google.com/a/answer/6262987
> An overview of working technologies is here:
> https://lists.apache.org/thread.html/733eb42e19fb5b56789a8df71f5a68b87d930cd8e252402b863260e1@%3Cusers.infra.apache.org%3E
> The POC for the IDP (using simplesamlphp) was confirmed to be working on a Debian-based docker container with Debian-provided httpd, php and php modules. This should confirm a standard Debian-based installation (VM, container or otherwise) is suitable for the purpose.
> The containers, their Dockerfiles and README.txt files are available here:
> http://people.apache.org/~druggeri/GCDS-POC/



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
