On Tue, Aug 22, 2017 at 04:29:49PM +0200, gregor herrmann wrote: > On Tue, 22 Aug 2017 09:45:10 +0200, Alexander Wirt wrote: > > > > There is lemonldap-ng already packaged which provides saml, oauth, > > > openid-connect, CAS, and more (both identity provider and service > > > provider). It works with users in ldap but doesn't have a user management > > > interface. > > > > > > We use it at work and it integrates nicely with all kind of webapp > > > (including gitlab, via oauth). > > I haven't looked into it. Can lemonldap-ng have multiple backends at the > > same > > time? > > Specifially one LDAP (db.d.o.) Backend and one Oauth2 (gitlab) Backend? > > I haven't used lemonldap-ng but I'd like to add that it's maintained > in Debian by Xavier Guimard (within the Debian Perl Group) who's also > part of upstream. I'm sure he's happy to help by answering questions > and maybe also setup or changes etc. (CC'd). >
URL for clicking https://lemonldap-ng.org/welcome/ On Tue, Aug 22, 2017 at 09:30:50AM +0200, Philipp Hug wrote: > On Aug 22, 2017 8:23 AM, "Luca Filipozzi" <lfili...@debian.org> wrote: > > > Has anyone looked at Keycloak? http://www.keycloak.org/ > > I have and deployed it for others in production. Not an unreasonable > option. > > > I'm running it in production as well. If you need some help to > evaluate/configure it, just ping me. What I learned from the Alioth Sprint last weekend is that DSA previously handed-out a new (test) machine easily. New policy is handing-out machines for the stage after early tests. Thing that I hope is that Alioth successors will have the various services on separate machines. So that we have not again the situation when replacing a Source Code Management system we also have to replace the machine with all the -guest accounts. Don't count on me for that. New tasks I volunteert for during the Alioth replacement sprint are listmaster and http://gitea.debian.net maintenance. So most likely nothing new: We all agree that someone else should do it. And we all respect those who actually do. Groeten Geert Stappers -- Leven en laten leven
